Test your basic knowledge |

Comptia Security + Exam

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
Asymmetric and Hashing
Security guard - Proximity reader
ICMP
Rogue access points

2. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
Botnet
User rights
IPSec
A system that stops an attack in progress.

3. Which of the following describes when forensic hashing should occur on a drive?
S/MIME PGP
Only the message data is encrypted
Before and after the imaging process and then hash the forensic image
War driving

4. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?
The web site's private key.
Software as a Service
IDS
Algorithm

5. Which of the following is the MAIN reason to require data labeling?
DMZ
To ensure that staff understands what data they are handling and processing
Baseline reporting
Risk transference

6. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
IPSec
SSH
SNMP (also use to monitor the parameters of network devices)
Initial vector

7. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?
Only the message data is encrypted
Virtual servers have the same information security requirements as physical servers.
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Pharming - Logic bomb

8. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?
Content filtering
MS-CHAP
Install a network-based IDS
Blind FTP

9. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?
DES
To minimize the organizational risk posed by users
The server is missing the default gateway.
quantitative risk assessment

10. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?
Mantrap
User rights and permissions reviews
Clean desk policy
Buffer overflow

11. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of
Software as a Service
System A fails open. System B fails closed.
Vulnerability scanning
SSL

12. Which of the following devices would allow a technician to view IP headers on a data packet?
White box
The user's PC is missing the authentication agent.
Buffer overflow
Protocol analyzer

13. NIDS can also be used to help identify...
smurf attacks
SSH
EMI shielding
Rogue access points

14. What are typical elements of authentication as part of physical access controls?
Decrease the power levels on the WAP
Disable unused services - Update HIPS signatures
ID badges
ARP poisoning

15. Performing routine security audits is a form of which of the following controls?
Dumpster diving - Shoulder surfing
Birthday - Full name
Detective
To provide documentation as to who has handled the evidence

16. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?
Mandatory vacation
Rogue access points
Privilege escalation
25

17. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
Hardware RAID 5 - Software RAID 1
53
Platform as a Service
DAC

18. Which of the following concepts ensures that the data is only viewable to authorized users?
Tailgating
Off-site backup
Run the image through SHA256. Answer: D
Confidentiality

19. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?
VPN concentrator
Privacy policy
Fiber optic
A worm is self-replicating

20. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?
Account disablement
Hot and cold aisles
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
The web site's public key.

21. Which of the following is a reason to perform user awareness and training?
NIDS
Run the image through SHA256. Answer: D
Symmetric Key
To minimize the organizational risk posed by users

22. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?
S/MIME PGP
Algorithm
MAC
AES and TKIP

23. MAC filtering is a form of which of the following?
MAC
Network Access Control
Clean desk policy
Birthday - Full name

24. Which of the following authentication protocols utilizes the MD4 hashing algorithm?
FTPS
escalation of privileges.
MS-CHAP
NIDS

25. DRPs should contain which of the following?
Hierarchical list of critical systems
WPA2
Virtual servers have the same information security requirements as physical servers.
Polymorphic

26. Which of the following is another name for a malicious attacker?
Platform as a Service
25
Black hat
Off-site backup

27. Which of the following logical controls does a flood guard protect against?
IPv6
SYN attacks
Clustering
VLAN segregation

28. You are performing risk assessment for an organization. What should you do during impact assessment?
Off-site backup
Determine the potential monetary costs related to a threat
Least privilege
NIDS

29. The security administrator notices a number of TCP connections from the development department to the test network segregation. Large volumes of data are being transmitted between the two networks only on port 22. Which of the following is MOST likel
Integrity and Authentication
The development team is transferring data to test systems using SFTP and SCP.
Vishing
Mandated security configurations have been made to the operating system.

30. Which of the following can prevent an unauthorized employee from entering a data center?
Initial vector
Security guard - Proximity reader
80 - 443
Polymorphic

31. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?
ACLs
Use SSH to connect to the Linux shell
Account disablement
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.

32. Which of the following includes a photo and can be used for identification?
CCTV
Provider cloud
Birthday - Full name
CAC

33. Isolation mode on an AP provides which of the following functionality types?
DES
Spear phishing
Segmentation of each wireless user from other wireless users
Check if relaying is denied for unauthorized domains

34. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?
FTPS
User rights
Trojans
ID badges

35. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?
Fault tolerance
Software as a Service (SaaS)
25
Clustering

36. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?
NIDS
War driving
VLAN
Platform as a Service

37. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advice the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal
IPSec
Vulnerability scanning
DMZ
1433

38. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces
Humidity
Chain of custody
AES and TKIP
Install a network-based IDS

39. Which of the following functions is MOST likely performed by a web security gateway?
Content filtering
Physical control of the data
Integrity and Authentication
War driving

40. Which of the following security threats does shredding mitigate?
Dumpster diving
Use SSH to connect to the Linux shell
Virtual servers have the same information security requirements as physical servers.
Pharming - Logic bomb

41. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?
Enact a policy banning users from bringing in personal music devices.
Footprinting
The web site's public key.
Physical control of the data

42. Which of the following assists in identifying if a system was properly handled during transport?
Chain of custody
IPSec
War driving
Data Encryption Standard (DES)

43. Used in conjunction which of the following are PII?
VLAN
Birthday - Full name
Configure the IE popup blockers
Location that meets power and connectivity requirementsdatacenter

44. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?
The web site's public key.
Buffer overflow
A system that stops an attack in progress.
Cross-site scripting

45. Which of the following identifies some of the running services on a system?
Spam filters
Lets you minimize the attack surface relating to the application
Platform as a Service
Determine open ports

46. For which of the following is centralized key management most complicated?
Symmetric Key
SSH
Initial vector
Detective

47. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?
extremely slow and numerous antivirus alerts
Load balancer
Rogue access points
Availability

48. What is the advantage of using application virtualization?
Social Engineering attack
A system that stops an attack in progress.
Evil twin
Lets you minimize the attack surface relating to the application

49. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m
The new access point was mis-configured and is interfering with another nearby access point.
Symmetric
Forward to different RDP listening ports.
ID badges

50. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to
Vulnerability scan
Chain of custody
Mantraps
Firewall - VPN