SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?
Principle of least privilege
Load balancer
signing of a user agreement.
extremely slow and numerous antivirus alerts
2. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?
Mantraps
Spam filters
Symmetric Key
Spear phishing
3. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?
Data Encryption Standard (DES)
Buffer overflow
Segmentation of each wireless user from other wireless users
Footprinting
4. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.
quantitative risk assessment
Having the offsite location of tapes also be the hot siteservers
extremely slow and numerous antivirus alerts
Firewall rulesflow of network traffic at the edge of the network
5. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Footprinting
Cross-site scripting
User rights and permissions reviews
Pharming - Logic bomb
6. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
To provide documentation as to who has handled the evidence
Validate input to remove hypertext
IPSec
Confidentiality
7. Which of the following should be enabled to ensure only certain wireless clients can access the network?
Humidity
Pharming - Logic bomb
MAC filtering
IKE
8. Which of the following is true concerning email message encryption by using S/MIME?
Cross-site scripting
Account disablement
Only the message data is encrypted
Algorithm
9. MAC filtering is a form of which of the following?
Spear phishing
Buffer overflow
Network Access Control
Accountability
10. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?
SNMP (also use to monitor the parameters of network devices)
WPA2-PSK
Organize data based on severity and asset value.
Rootkit
11. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?
Having the offsite location of tapes also be the hot siteservers
Gas
Judgment
The web site's public key.
12. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?
Forward to different RDP listening ports.
Mandatory vacation
DoS
Vulnerability scanning
13. Which of the following is a detective security control?
PEAP-TLS
System A fails open. System B fails closed.
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
CCTV
14. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?
MAC
Implement a change management strategy
EMI shielding
FTPS
15. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?
Implicit deny
Mantraps
Video surveillance
Polymorphic
16. DRPs should contain which of the following?
IPSec
1433
Memory - network processes - and system processesserver. If the computer is powered off
Hierarchical list of critical systems
17. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?
Mantrap
System A fails open. System B fails closed.
content inspection.
Dumpster diving
18. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
Organize data based on severity and asset value.
Symmetric
Buffer overflow
Loop protection
19. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?
Lets you minimize the attack surface relating to the application
Install a network-based IDS
Integrity and Authentication
Steganography
20. Which of the following attacks would password masking help mitigate?
The web site's public key.
Separation of duties
White box
Shoulder surfing
21. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?
SYN attacks
Visibility - Accessibility - Neighborhood crime rate
Block port 23 on the network firewall.
Disable unused ports
22. Which of the following allows a security administrator to set device traps?
Install a network-based IDS
Polymorphic
SNMP (also use to monitor the parameters of network devices)
Pharming - Logic bomb
23. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis
content inspection.
MAC address
Steganography
ICMP
24. Which of the following should be performed on a computer to protect the operating system from malicious software?
The web site's private key.
Vulnerability scanning
NIDS
Disable unused services - Update HIPS signatures
25. Which of the following BEST describes the proper method and reason to implement port security?
DoS
mitigation - acceptance - transference
Vulnerability scanning
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
26. Which of the following is true regarding the WTLS protocol?
It is used to provide data encryption for WAP connections.
Principle of least privilege
Buffer overflow
A system that stops an attack in progress.
27. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?
Rogue access points
TPM
1433
80 - 443
28. Which of the following is the BEST choice for encryption on a wireless network?
War driving
WPA2-PSK
Forward to different RDP listening ports.
MD5
29. Which of the following environmental variables reduces the potential for static discharges?
Humidity
Risk transference
Implement a change management strategy
Tailgating
30. Which of the following are the default ports for HTTP and HTTPS protocols?
Clustering
80 - 443
Decrease the power levels on the WAP
VLAN
31. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?
Principle of least privilege
Vulnerability scanning
War driving
Integrity
32. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?
Bluesnarfing
NOOP instructions
Protocol analyzer
Principle of least privilege
33. Which of the following is a security control that is lost when using cloud computing?
Risk assessmentproduct Answer: D
White box
NIDS
Physical control of the data
34. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?
Mantrap
Smurf attack
Confidentiality
Shoulder surfing
35. Which of the following is MOST relevant to a buffer overflow attack?
TPM
Birthday - Full name
Vulnerability scanning
NOOP instructions
36. Which of the following functions is MOST likely performed by a web security gateway?
Phishing techniques
MAC
Implicit deny
Content filtering
37. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?
Firewall - VPN
mitigation - acceptance - transference
A system that stops an attack in progress.
Risk assessmentproduct Answer: D
38. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?
By masking the IP address of internal computers from the Internet
Privacy policy
The web site's public key.
Data Encryption Standard (DES)
39. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
signing of a user agreement.
Command injection
Install a network-based IDS
Forward to different RDP listening ports.
40. With which of the following is RAID MOST concerned?
Availability
Tailgating
Multi-factor authentication.
HSM
41. Which of the following is the BEST way to secure data for the purpose of retention?
Shielding
Integrity
Off-site backup
Mantrap
42. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?
MAC
Baseline reporting
Social Engineering attack
Change Management System
43. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?
IPSec
Software as a Service (SaaS)
Hot and cold aisles
Vulnerability scan
44. Which of the following encryption algorithms can be used in PGP for data encryption?
1433
IDEA and TripleDes
Cross-site scripting
To provide documentation as to who has handled the evidence
45. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?
Polymorphic
SSH
Run the image through SHA256. Answer: D
Dumpster diving - Shoulder surfing
46. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
Protocol analyzer
Risk transference
VLAN segregation
Botnet
47. Which of the following is the MOST secure method of utilizing FTP?
Vulnerability scan
FTPS
SSH
Mandatory vacations
48. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
Judgment
Spear phishing
NIDS
IPv6
49. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?
signing of a user agreement.
Separation of duties
DNS spoofing
Confidentiality
50. Which of the following is MOST likely to be the last rule contained on any firewall?
extremely slow and numerous antivirus alerts
Run the image through SHA256. Answer: D
Implicit deny
Buffer overflow
