SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following allows a security administrator to set device traps?
Tailgating
WPA2-PSK
SNMP (also use to monitor the parameters of network devices)
Black hat
2. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?
CAC
Bluesnarfing
Add input validation to forms.
Configure the IE popup blockers
3. Which environmental control is part of TEMPEST compliance?
Mantrap
signing of a user agreement.
Shielding
SSL
4. Isolation mode on an AP provides which of the following functionality types?
Physical control of the data
Trojans
IDS
Segmentation of each wireless user from other wireless users
5. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of
Dumpster diving - Shoulder surfing
extremely slow and numerous antivirus alerts
SSL
quantitative risk assessment
6. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
Power levels
WPA2-PSK
System A fails open. System B fails closed.
Rogue access point
7. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?
Load balancer
Tailgating
Mandated security configurations have been made to the operating system.
Forward to different RDP listening ports.
8. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?
IDS
Shoulder surfing
Vulnerability scan
A worm is self-replicating
9. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?
The server is missing the default gateway.
Vulnerability scanning
Asymmetric and Hashing
The new access point was mis-configured and is interfering with another nearby access point.
10. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?
Mandatory vacation
mitigation - acceptance - transference
IPSec
DMZ
11. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?
ICMP
Mantrap
DMZ
Least privilege
12. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
NIDS
War driving
Install a network-based IDS
NOOP instructions
13. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Virtual servers have the same information security requirements as physical servers.
DoS
Availability
Cross-site scripting
14. Which of the following identifies some of the running services on a system?
Determine open ports
User rights and permissions reviews
Trojans
ARP poisoning
15. Which of the following malware types is an antivirus scanner MOST unlikely to discover?
DMZ
Pharming - Logic bomb
Humidity
Deny all
16. Which of the following risks may result from improper use of social networking and P2P software?
DMZ
Information disclosure
Shoulder surfing
1433
17. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi
The new access point was mis-configured and is interfering with another nearby access point.
NIPS is blocking activities from those specific websites.
Cross-site scripting
Principle of least privilege
18. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?
ACLs
Shoulder surfing
Detective
Separation of duties
19. What key is used to encrypt an HTTPS session?
Visibility - Accessibility - Neighborhood crime rate
Memory - network processes - and system processesserver. If the computer is powered off
Implicit deny
Symmetric
20. NIDS can also be used to help identify...
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
smurf attacks
Algorithm
Determine open ports
21. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Principle of least privilege
Visibility - Accessibility - Neighborhood crime rate
content inspection.
IPSec
22. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?
Baseline reporting
Separation of duties
To provide documentation as to who has handled the evidence
DES
23. Which of the following is NOT an application layer security protocol?
IPSec
ID badges
WPA Enterprise
The remote router has ICMP blocked.
24. What port does the Domain Name Service (DNS) use by default?
53
MAC
Protocol analyzer
S/MIME PGP
25. Which of the following is used when performing a qualitative risk analysis?
Fiber optic
Vulnerability scanning
DMZ
Judgment
26. Which of the following logical controls does a flood guard protect against?
Rootkit
Logic Bomb
SYN attacks
Footprinting
27. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to
IPv6
PEAP-TLS
Vulnerability scan
IPSec
28. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?
Change Management System
Configure the IE popup blockers
Install a network-based IDS
25
29. Which of the following is the BEST way to secure data for the purpose of retention?
Off-site backup
Clustering
Gas
Location that meets power and connectivity requirementsdatacenter
30. Which of the following is specific to a buffer overflow attack?
DoS
Loop protection
Initial vector
The web site's private key.
31. Which of the following port numbers is used for SCP by default?
WPA2
Phishing techniques
22
Judgment
32. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
AES and TKIP
Ensure a proper chain of custody
Before and after the imaging process and then hash the forensic image
System A fails open. System B fails closed.
33. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
Clean desk policy
Hardware RAID 5 - Software RAID 1
NIDS
Enact a policy banning users from bringing in personal music devices.
34. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?
Risk assessmentproduct Answer: D
Visibility - Accessibility - Neighborhood crime rate
VPN concentrator
To ensure that staff understands what data they are handling and processing
35. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?
Mantraps
Rogue access point
mitigation - acceptance - transference
VLAN segregation
36. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?
Rogue access point
Integrity
Bluesnarfing
Mantrap
37. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
The development team is transferring data to test systems using SFTP and SCP.
25
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
38. Used in conjunction which of the following are PII?
Security guard - Proximity reader
Birthday - Full name
Power levels
Implicit deny
39. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?
Cross-site scripting
Integrity
Rootkit
Before and after the imaging process and then hash the forensic image
40. Which of the following is the default rule found in a corporate firewall's access control list?
Symmetric
Deny all
EMI shielding
IPSec
41. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des
Diffie-Hellman
escalation of privileges.
Least privilege
Business impact analysis
42. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?
Whaling
ARP poisoning
Confidentiality
SNMP (also use to monitor the parameters of network devices)
43. Separating of duties is valuable in deterring?
Run the image through SHA256. Answer: D
Fraud
CAC
IDEA and TripleDes
44. Which of the following is not an asymmetric system?
WPA2
DES
Security guard - Proximity reader
BIOS
45. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?
FTPS
Fiber optic
Command injection
content inspection.
46. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
The web site's public key.
Trojans
S/MIME PGP
ACLs
47. Upper management decides which risk to mitigate based on cost. This is an example of:
Principle of least privilege
Add input validation to forms.
quantitative risk assessment
DMZ
48. Which of the following would be implemented to allow access to services while segmenting access to the internal network?
Account disablement
Implicit deny
Privacy policy
DMZ
49. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?
Blind FTP
White box
Memory - network processes - and system processesserver. If the computer is powered off
Humidity
50. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?
SNMP (also use to monitor the parameters of network devices)
Loop protection
AES and TKIP
To ensure that staff understands what data they are handling and processing