SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following facilitates computing for heavily utilized systems and networks?
HSM
25
VLAN segregation
Provider cloud
2. Which environmental control is part of TEMPEST compliance?
Shielding
FTPS
Hierarchical list of critical systems
User rights
3. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?
Business impact analysis
Vishing
Loop protection
WPA Enterprise
4. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
Whaling
IDS
Dumpster diving
HSM
5. Which of the following is a method to prevent ad-hoc configuration mistakes?
Multi-factor authentication.
Asset value
Implement a change management strategy
Buffer overflow
6. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?
Mantrap
MD5
The web site's private key.
S/MIME PGP
7. Which of the following can prevent an unauthorized employee from entering a data center?
MAC address
Security guard - Proximity reader
MS-CHAP
content inspection.
8. What types of encryption are used for adding a digital signature to a message?
To ensure that staff understands what data they are handling and processing
Whaling
Asymmetric and Hashing
Smurf attack
9. Which of the following authentication protocols utilizes the MD4 hashing algorithm?
Clustering
Visibility - Accessibility - Neighborhood crime rate
Determine open ports
MS-CHAP
10. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m
MAC
The new access point was mis-configured and is interfering with another nearby access point.
Fraud
Pharming - Logic bomb
11. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
MAC filtering
CCTV
Smurf attack
AC filtering - Disabled SSID broadcast
12. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
Vulnerability scanning
EMI shielding
Man-in-the-middle
SSH
13. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Principle of least privilege
IPSec
Baseline reporting
SSH
14. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?
Fraud
Cross-site scripting
Business impact analysis
Rogue access points
15. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?
Phishing techniques
Privacy policy
The web site's public key.
DAC
16. Which of the following is MOST commonly a part of routine system audits?
Baseline reporting
Mantraps
User rights and permissions reviews
A system that stops an attack in progress.
17. Which of the following reduces the likelihood of a single point of failure when a server fails?
Clustering
A system that stops an attack in progress.
Tailgating
Integrity and Authentication
18. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?
Fault tolerance
By masking the IP address of internal computers from the Internet
User rights and permissions reviews
Separation of duties
19. Which of the following are the default ports for HTTP and HTTPS protocols?
Hardware RAID 5 - Software RAID 1
Platform as a Service
ARP poisoning
80 - 443
20. Which of the following should be installed to prevent employees from receiving unsolicited emails?
Spam filters
Ensure a proper chain of custody
se file servers attached to an NAS system.
Tailgating
21. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi
NIDS
User rights
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
NIPS is blocking activities from those specific websites.
22. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
Asset value
Network Access Control
Pharming - Logic bomb
Hardware RAID 5 - Software RAID 1
23. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?
Buffer overflow
IPv6
Steganography
To ensure that staff understands what data they are handling and processing
24. What key is used to encrypt an HTTPS session?
IDEA and TripleDes
Symmetric
CCTV
Load balancer
25. Which of the following allows a security administrator to set device traps?
Whaling
Off-site backup
SNMP (also use to monitor the parameters of network devices)
DMZ
26. Which of the following is BEST used to prevent ARP poisoning attacks across a network?
Privacy policy
VLAN segregation
DAC
MS-CHAP
27. Which of the following BEST describes an intrusion prevention system?
Location that meets power and connectivity requirementsdatacenter
Clustering
Confidentiality - Availability
A system that stops an attack in progress.
28. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?
Integrity
Gas
Loop protection
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
29. What asymmetric key is used to encrypt when using HTTPS?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. Which of the following is true concerning email message encryption by using S/MIME?
Run the image through SHA256. Answer: D
Social Engineering attack
Only the message data is encrypted
WPA Enterprise
31. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Software as a Service
Determine the potential monetary costs related to a threat
Clean desk policy
Shoulder surfing
32. The detection of a NOOP sled is an indication of which of the following attacks?
Buffer overflow
Use SSH to connect to the Linux shell
Symmetric Key
Dumpster diving
33. Which of the following includes a photo and can be used for identification?
BIOS
Content filtering
CAC
Smurf attack
34. A system administrator could have a user level account and an administrator account to prevent:...
80 - 443
Buffer overflow
Tailgating
escalation of privileges.
35. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
25
Ensure a proper chain of custody
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Firewall rulesflow of network traffic at the edge of the network
36. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
Baseline reporting
DoS
Mandatory vacation
Information disclosure
37. How does a NAT server help protect your network?
The web site's private key.
Virtual servers have the same information security requirements as physical servers.
White box
By masking the IP address of internal computers from the Internet
38. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?
Privacy policy
Confidentiality - Availability
Rogue access points
Forward to different RDP listening ports.
39. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
Botnet
VLAN
Mandatory vacation
Buffer overflow
40. Which of the following is an unauthorized wireless router that allows access to a secure network?
Vulnerability scan
Rogue access point
Determine the potential monetary costs related to a threat
Spear phishing
41. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?
Vulnerability scanner
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Load balancer
Buffer overflow
42. A company that purchases insurance to reduce risk is an example of which of the following?
Install a network-based IDS
Black hat
ID badges
Risk transference
43. Which of the following environmental variables reduces the potential for static discharges?
ACLs
Birthday - Full name
Asymmetric and Hashing
Humidity
44. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?
It is used to provide data encryption for WAP connections.
Block port 23 on the network firewall.
Hardware RAID 5 - Software RAID 1
Software as a Service
45. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?
Check if relaying is denied for unauthorized domains
Phishing techniques
Organize data based on severity and asset value.
Power levels
46. Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?
SSH
Evil twin
S/MIME PGP
Having the offsite location of tapes also be the hot siteservers
47. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?
Platform as a Service
Disable unused ports
Run the image through SHA256. Answer: D
Buffer overflow
48. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.
Check if relaying is denied for unauthorized domains
Symmetric Key
Organize data based on severity and asset value.
extremely slow and numerous antivirus alerts
49. With which of the following is RAID MOST concerned?
Integrity
Change Management System
Dumpster diving
Availability
50. Which of the following is a management control type?
Principle of least privilege
Vulnerability scanning
Protocol analyzer
Software as a Service (SaaS)
