Test your basic knowledge

CompTIA Security+ Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Ongoing annual security awareness training should be coupled with:






2. Which of the following includes a photo and can be used for identification?






3. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?






4. Which of the following is an unauthorized wireless router that allows access to a secure network?






5. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






6. Which of the following is used when performing a quantitative risk analysis?






7. What allows for all activities on a network or system to be traced to the user who performed them?






8. Which of the following encryption algorithms can be used in PGP for data encryption?






9. What principle dictates that a user is given no more privilege than is necessary to perform his/her job?






10. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control. Which of the following data types will be unavailable for later investigation?






11. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?






12. Which of the following is MOST likely to be the last rule contained on any firewall?






13. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






14. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?






15. Which of the following risks may result from improper use of social networking and P2P software?






16. Which of the following manages peer authentication and key exchange for an IPSec connection?






17. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi






18. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






19. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?






20. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advise the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal






21. By default, which of the following stops network traffic when the traffic is not identified in the firewall ruleset?






22. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






23. What is the advantage of using application virtualization?






24. Which of the following threats corresponds with an attacker targeting specific employees of a company?






25. Which of the following is used for exchanging secret keys over an insecure public network?






26. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






27. Upper management decides which risk to mitigate based on cost. This is an example of:






28. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?






29. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






30. Which of the following BEST describes the proper method and reason to implement port security?






31. Which of the following environmental variables reduces the potential for static discharges?






32. Which of the following concepts ensures that the data is only viewable to authorized users?






33. Which of the following BEST explains the security benefit of a standardized server image?






34. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?






35. Which of the following devices would allow a technician to view IP headers on a data packet?






36. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?






37. DRPs should contain which of the following?






38. Which of the following devices is often used to cache and filter content?






39. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






40. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






41. A security firm has been engaged to assess a software application. A production-like test environment, login details, production documentation and source code have been provided. Which of the following types of testing is being described?






42. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?






43. The security administrator implemented privacy password protected screen savers, and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






44. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?






45. Which of the following is a method to prevent ad-hoc configuration mistakes?






46. For which of the following is centralized key management most complicated?






47. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






48. Due to sensitive data concerns, a security administrator has enacted a policy preventing the use of flash drives. Additionally, which of the following can the administrator implement to reduce the risk of data leakage?






49. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?






50. What asymmetric key is used to encrypt when using HTTPS?
