Test your basic knowledge | CompTIA Security+ Exam
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A security firm has been engaged to assess a software application. Login details for a production-like test environment - production documentation and source code have been provided. Which of the following types of testing is being described?
Birthday - Full name
Confidentiality
Command injection
White box
2. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?
Decrease the power levels on the WAP
MAC filtering
Tailgating
Integrity
3. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?
Tailgating
ARP poisoning
Cross-site scripting
Mantraps
4. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Polymorphic
Forward to different RDP listening ports.
Initial vector
Cross-site scripting
5. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?
IPv6
MD5
Mantrap
Buffer overflow
6. Which of the following is a detective security control?
It is used to provide data encryption for WAP connections.
Smurf attack
IDEA and TripleDes
CCTV
7. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Shielding
Social Engineering attack
Add input validation to forms.
8. Which of the following is used when performing a qualitative risk analysis?
Phishing techniques
WPA Enterprise
Judgment
MAC filtering
9. Which of the following BEST describes an intrusion prevention system?
VPN concentrator
Organize data based on severity and asset value.
By masking the IP address of internal computers from the Internet
A system that stops an attack in progress.
10. Users in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge amount of half-open TCP connections. What type of attack is your company currently a victim of?
mitigation - acceptance - transference
22
TCP SYN flood attack
ICMP
11. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
Firewall rulesflow of network traffic at the edge of the network
Software as a Service
TPM
Logic Bomb
12. Which of the following devices is often used to cache and filter content?
Proxies
Baseline reporting
Mandated security configurations have been made to the operating system.
Black hat
13. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the Secure Sockets Layer (SSL)?
It is used to provide data encryption for WAP connections.
TLS
Disable unused services - Update HIPS signatures
content inspection.
14. Which of the following can prevent an unauthorized employee from entering a data center?
Security guard - Proximity reader
NOOP instructions
TLS
extremely slow and numerous antivirus alerts
15. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?
Software as a Service
VPN concentrator
Footprinting
Bluesnarfing
16. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
ACLs
User rights and permissions reviews
Power levels
ACLs
17. Which of the following facilitates computing for heavily utilized systems and networks?
Firewall - VPN
Rogue access points
Provider cloud
Proxies
18. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?
VLAN
Disable unused ports
The web site's public key.
MAC address
19. Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?
SSH
Vulnerability scanner
Cognitive passwords
DMZ
20. Which of the following protocols requires the use of a CA based authentication process?
PEAP-TLS
Symmetric Key
DES
Gas
21. Which of the following risks may result from improper use of social networking and P2P software?
Footprinting
Rogue access point
Information disclosure
Off-site backup
22. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?
Baseline reporting
DNS spoofing
Before and after the imaging process and then hash the forensic image
To minimize the organizational risk posed by users
23. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?
Software as a Service (SaaS)
Privilege escalation
PEAP-TLS
IPSec
24. Network users whose computers are running Windows 7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?
Accountability
MS-CHAP
Configure the IE popup blockers
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
25. Which of the following are accomplished when a message is digitally signed?
Visibility - Accessibility - Neighborhood crime rate
Integrity and Authentication
Implicit deny
Chain of custody
26. An administrator identifies a security issue but does not attempt to exploit it. Which of the following describes what the administrator has done?
Protocol analyzer
Mantrap
Vulnerability scan
Segmentation of each wireless user from other wireless users
27. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers
SSH
ARP poisoning
Software as a Service
Enact a policy banning users from bringing in personal music devices.
28. DRPs should contain which of the following?
Use SSH to connect to the Linux shell
Hierarchical list of critical systems
Asymmetric and Hashing
AC filtering - Disabled SSID broadcast
29. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?
Run the image through SHA256. Answer: D
War driving
Rogue access points
Software as a Service
30. Which of the following is an unauthorized wireless router that allows access to a secure network?
Rogue access point
80 - 443
Mantrap
Dumpster diving
31. Which of the following is used for exchanging secret keys over an insecure public network?
User rights
Firewall - VPN
Diffie-Hellman
SSL
32. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.
Network Access Control
The PC has become part of a botnet.
extremely slow and numerous antivirus alerts
Implicit deny
33. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
Determine the potential monetary costs related to a threat
DoS
FTPS
content inspection.
34. Which environmental control is part of TEMPEST compliance?
TPM
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Shielding
Validate input to remove hypertext
35. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?
Polymorphic
Shielding
Risk transference
Protocol analyzer
36. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?
Evil twin
extremely slow and numerous antivirus alerts
Algorithm
Shoulder surfing
37. Which of the following should NOT be used with username/password authentication?
Cognitive passwords
Spear phishing
Network Access Control
Lets you minimize the attack surface relating to the application
38. Which of the following assists in identifying if a system was properly handled during transport?
Chain of custody
Visibility - Accessibility - Neighborhood crime rate
Algorithm
By masking the IP address of internal computers from the Internet
39. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?
IPSec
NOOP instructions
Mantraps
Load balancer
40. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?
Cross-site scripting
The server is missing the default gateway.
SSL
DNS spoofing
41. Which of the following are important physical security considerations when choosing a location for a new remote branch office?
Principle of least privilege
Visibility - Accessibility - Neighborhood crime rate
SSH
Pharming - Logic bomb
42. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?
Integrity
Baseline reporting
The development team is transferring data to test systems using SFTP and SCP.
FTPS
43. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives
Mantraps
Trojans
White box
The remote router has ICMP blocked.
44. You want to set up a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
S/MIME PGP
Validate input to remove hypertext
Rogue access points
Birthday - Full name
45. Which of the following is the BEST way to secure data for the purpose of retention?
Forward to different RDP listening ports.
Hierarchical list of critical systems
Off-site backup
System A fails open. System B fails closed.
46. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
Hardware RAID 5 - Software RAID 1
Implement a change management strategy
Implicit deny
Birthday - Full name
47. Which of the following will provide the HIGHEST level of wireless network security?
WPA2
By masking the IP address of internal computers from the Internet
Spear phishing
Principle of least privilege
48. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?
A system that stops an attack in progress.
Evil twin
Data Encryption Standard (DES)
Dumpster diving - Shoulder surfing
49. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp
The web site's public key.
Vulnerability scanning
DAC
IPv6
50. Which of the following should be considered when trying to prevent somebody from capturing network traffic?
Dumpster diving
EMI shielding
Proxies
The web site's public key.