Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives
Algorithm
The remote router has ICMP blocked.
Principle of least privilege
Botnet
2. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in
MS-CHAP
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Having the offsite location of tapes also be the hot siteservers
User rights and permissions reviews
3. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
ARP poisoning
Footprinting
NIDS
Run the image through SHA256. Answer: D
4. Webmail is classified under which of the following cloud-based technologies?
Pharming - Logic bomb
Mandated security configurations have been made to the operating system.
Mantraps
Software as a Service (SaaS)
5. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?
Fault tolerance
Phishing techniques
Forward to different RDP listening ports.
Multi-factor authentication.
6. Based on logs from file servers, remote access systems, and IDS, a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss, but the insider's lawyer insis
Account disablement
MAC address
Dumpster diving
AES and TKIP
7. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?
To ensure that staff understands what data they are handling and processing
extremely slow and numerous antivirus alerts
Forward to different RDP listening ports.
Memory - network processes - and system processesserver. If the computer is powered off
8. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
Risk assessmentproduct Answer: D
Segmentation of each wireless user from other wireless users
Cross-site scripting
Organize data based on severity and asset value.
9. Due to sensitive data concerns, a security administrator has enacted a policy preventing the use of flash drives. Additionally, which of the following can the administrator implement to reduce the risk of data leakage?
Software as a Service
To provide documentation as to who has handled the evidence
Add input validation to forms.
Enact a policy banning users from bringing in personal music devices.
10. Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?
Mantrap
SSH
Gas
Initial vector
11. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?
Asymmetric and Hashing
ID badges
DNS spoofing
Software as a Service (SaaS)
12. Which of the following concepts ensures that the data is only viewable to authorized users?
DES
Confidentiality
Implicit deny
Mantraps
13. Which of the following is a method to prevent ad-hoc configuration mistakes?
Least privilege
Software as a Service
quantitative risk assessment
Implement a change management strategy
14. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
TLS
Confidentiality - Availability
ICMP
Spam filters
15. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?
A system that stops an attack in progress.
Account disablement
Principle of least privilege
53
16. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.
White box
FTPS
SSH
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
17. Used in conjunction, which of the following are PII?
Implement a change management strategy
Check if relaying is denied for unauthorized domains
CAC
Birthday - Full name
18. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were
Risk assessmentproduct Answer: D
ID badges
CCTV
MD5
19. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Cross-site scripting
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
Spear phishing
ACLs
20. Performing routine security audits is a form of which of the following controls?
Change Management System
IPv6
Detective
Cross-site scripting
21. Which of the following logical controls does a flood guard protect against?
Provider cloud
SYN attacks
MAC address
IDEA and TripleDes
22. Which of the following manages peer authentication and key exchange for an IPSec connection?
IKE
Man-in-the-middle
Asymmetric and Hashing
Shielding
23. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?
Rootkit
Mandatory vacations
AES and TKIP
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
24. The detection of a NOOP sled is an indication of which of the following attacks?
Ensure a proper chain of custody
WPA Enterprise
Buffer overflow
Software as a Service
25. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des
Least privilege
WPA Enterprise
VLAN segregation
Baseline reporting
26. Network users whose computers are running Windows 7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?
Run the image through SHA256. Answer: D
Chain of custody
Vulnerability scan
Configure the IE popup blockers
27. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi
Principle of least privilege
By masking the IP address of internal computers from the Internet
Determine open ports
22
28. Which of the following is BEST used to prevent ARP poisoning attacks across a network?
S/MIME PGP
VLAN segregation
Cross-site scripting
Man-in-the-middle
29. A company needs to be able to prevent entry, at all times, to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security, which of the following should be implemented?
se file servers attached to an NAS system.
Mantrap
mitigation - acceptance - transference
DES
30. Which of the following protocols requires the use of a CA based authentication process?
Whaling
Vulnerability scanning
PEAP-TLS
Spam filters
31. A security administrator is in charge of a hot site and a cold site. Due to a recent disaster, the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur
To minimize the organizational risk posed by users
Location that meets power and connectivity requirementsdatacenter
Evil twin
Vulnerability scan
32. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Vulnerability scan
Mantrap
Memory - network processes - and system processesserver. If the computer is powered off
33. Which of the following is MOST likely to be the last rule contained on any firewall?
Cognitive passwords
Fiber optic
HSM
Implicit deny
34. Which of the following includes a photo and can be used for identification?
Firewall - VPN
CAC
The web site's private key.
EMI shielding
35. Which of the following are accomplished when a message is digitally signed?
Man-in-the-middle
Integrity and Authentication
Algorithm
ID badges
36. Which of the following would be implemented to allow access to services while segmenting access to the internal network?
DMZ
The development team is transferring data to test systems using SFTP and SCP.
IKE
Block port 23 on the network firewall.
37. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to
BIOS
Confidentiality
Vulnerability scan
Software as a Service (SaaS)
38. Which of the following BEST describes an intrusion prevention system?
User rights
A system that stops an attack in progress.
1433
Mandatory vacations
39. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?
Symmetric Key
ACLs
Gas
ACLs
40. What are typical elements of authentication as part of physical access controls?
Mantraps
Deny all
SNMP (also use to monitor the parameters of network devices)
ID badges
41. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
PEAP-TLS
Social Engineering attack
Firewall rulesflow of network traffic at the edge of the network
WPA Enterprise
42. Which of the following is a technique designed to obtain information from a specific person?
Implicit deny
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
Spear phishing
Blind FTP
43. Which of the following is a detective security control?
CCTV
Spear phishing
Location that meets power and connectivity requirementsdatacenter
Network Access Control
44. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
Run the image through SHA256. Answer: D
Implicit deny
Shoulder surfing
Polymorphic
45. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?
escalation of privileges.
Bluesnarfing
Confidentiality - Availability
DMZ
46. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
The server is missing the default gateway.
Steganography
Power levels
AC filtering - Disabled SSID broadcast
47. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
Rogue access points
IDS
Virtual servers have the same information security requirements as physical servers.
signing of a user agreement.
48. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack?
Evil twin
DMZ
Polymorphic
Multi-factor authentication.
49. Which of the following threats corresponds with an attacker targeting specific employees of a company?
AES and TKIP
Implicit deny
Dumpster diving - Shoulder surfing
Spear phishing
50. The 802.11i standard specifies support for which encryption algorithms?
AES and TKIP
Loop protection
DNS spoofing
Social Engineering attack