Test your basic knowledge |

Comptia Security + Exam

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Which of the following describes when forensic hashing should occur on a drive?
signing of a user agreement.
Lets you minimize the attack surface relating to the application
Initial vector
Before and after the imaging process and then hash the forensic image

2. A visitor plugs their laptop into the network and receives a warning about their antivirus being out of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is
DMZ
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
MD5
Power levels

3. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m
Only the message data is encrypted
The new access point was mis-configured and is interfering with another nearby access point.
Logic Bomb
TCP SYN flood attack

4. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
WPA2-PSK
NIPS is blocking activities from those specific websites.
Virtual servers have the same information security requirements as physical servers.
Integrity

5. Which of the following is a technique designed to obtain information from a specific person?
Chain of custody
IPSec
Shoulder surfing
Spear phishing

6. Which of the following is NOT an application layer security protocol?
Spear phishing
IPSec
Separation of duties
Hot and cold aisles

7. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?
Software as a Service (SaaS)
MAC
signing of a user agreement.
Footprinting

8. The 802.11i standard specifies support for which encryption algorithms?
Enact a policy banning users from bringing in personal music devices.
HSM
Fault tolerance
AES and TKIP

9. Which of the following are the default ports for HTTP and HTTPS protocols?
Enact a policy banning users from bringing in personal music devices.
Integrity and Authentication
Symmetric
80 - 443

10. Which of the following are important physical security considerations when choosing a location for a new remote branch office?
Confidentiality - Availability
Visibility - Accessibility - Neighborhood crime rate
Accountability
Mantrap

11. The security administrator notices a number of TCP connections from the development department to the test network segregation. Large volumes of data are being transmitted between the two networks only on port 22. Which of the following is MOST likel
Fault tolerance
S/MIME PGP
The development team is transferring data to test systems using SFTP and SCP.
DNS spoofing

12. Which of the following should be enabled to ensure only certain wireless clients can access the network?
Ensure a proper chain of custody
Privacy policy
MAC filtering
Cross-site scripting

13. Due to sensitive data concerns a security administrator has enacted a policy preventing the use of flash drives. Additionally - which of the following can the administrator implement to reduce the risk of data leakage?
Pharming - Logic bomb
VPN concentrator
Enact a policy banning users from bringing in personal music devices.
Rootkit

14. Which of the following devices is often used to cache and filter content?
Proxies
Clustering
Change Management System
ACLs

15. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?
Visibility - Accessibility - Neighborhood crime rate
SYN attacks
Judgment
ARP poisoning

16. MAC filtering is a form of which of the following?
Vulnerability scan
Network Access Control
SSH
WPA Enterprise

17. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
BIOS
Hot and cold aisles
WPA Enterprise
Man-in-the-middle

18. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
NIDS
S/MIME PGP
Command injection
IKE

19. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?
IPv6
To ensure that staff understands what data they are handling and processing
VLAN
Decrease the power levels on the WAP

20. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?
Mantrap
Gas
Integrity and Authentication
Baseline reporting

21. Which of the following reduces the likelihood of a single point of failure when a server fails?
Clustering
AC filtering - Disabled SSID broadcast
Separation of duties
Evil twin

22. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?
Algorithm
Having the offsite location of tapes also be the hot siteservers
The remote router has ICMP blocked.
S/MIME PGP

23. Which of the following is a management control type?
Bluesnarfing
Risk transference
Determine the potential monetary costs related to a threat
Vulnerability scanning

24. Performing routine security audits is a form of which of the following controls?
Vishing
Detective
MAC
DMZ

25. Risk can be managed in the following ways...
MAC filtering
mitigation - acceptance - transference
Symmetric Key
Birthday - Full name

26. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
DoS
Vulnerability scanner
Whaling
Proxies

27. Which of the following BEST describes the proper method and reason to implement port security?
Multi-factor authentication.
Privilege escalation
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Rootkit

28. Which of the following is used when performing a qualitative risk analysis?
extremely slow and numerous antivirus alerts
Judgment
The user's PC is missing the authentication agent.
Network Access Control

29. Which of the following is not an asymmetric system?
Polymorphic
CCTV
DES
Only the message data is encrypted

30. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack?
To provide documentation as to who has handled the evidence
Trojans
Diffie-Hellman
Evil twin

31. On-going annual awareness security training should be coupled with:..
signing of a user agreement.
Buffer overflow
IKE
se file servers attached to an NAS system.

32. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
ICMP
A system that stops an attack in progress.
Determine the potential monetary costs related to a threat
Mantrap

33. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
TPM
Risk assessmentproduct Answer: D
Fault tolerance

34. Which of the following includes a photo and can be used for identification?
CAC
Social Engineering attack
80 - 443
A system that stops an attack in progress.

35. Which of the following is specific to a buffer overflow attack?
SYN attacks
Initial vector
IPv6
Blind FTP

36. In which of the following locations would a forensic analyst look to find a hooked process?
BIOS
Change Management System
The web site's private key.
Physical control of the data

37. Which of the following port numbers is used for SCP by default?
22
Software as a Service
Risk transference
MAC

38. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
HSM
By masking the IP address of internal computers from the Internet
MAC filtering
Only the message data is encrypted

39. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?
TPM
Load balancer
Install a network-based IDS
Diffie-Hellman

40. A company that purchases insurance to reduce risk is an example of which of the following?
Enact a policy banning users from bringing in personal music devices.
Man-in-the-middle
Risk transference
The web site's private key.

41. Which of the following is a reason to perform user awareness and training?
To minimize the organizational risk posed by users
The remote router has ICMP blocked.
Software as a Service
Protocol analyzer

42. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?
DES
Least privilege
Check if relaying is denied for unauthorized domains
MAC

43. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Mantrap
Determine open ports
Account disablement

44. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Phishing techniques
Integrity
Clean desk policy
ACLs

45. Actively monitoring data streams in search of malicious code or behavior is an example of..
content inspection.
The web site's public key.
Principle of least privilege
Visibility - Accessibility - Neighborhood crime rate

46. What key is used to encrypt an HTTPS session?
Fiber optic
Man-in-the-middle
Account disablement
Symmetric

47. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?
Forward to different RDP listening ports.
Enact a policy banning users from bringing in personal music devices.
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Principle of least privilege

48. What port does the Domain Name Service (DNS) use by default?
53
Vulnerability scan
TLS
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.

49. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?
22
NIPS is blocking activities from those specific websites.
Mantrap
Implicit deny

50. Which of the following is BEST used to prevent ARP poisoning attacks across a network?
IDEA and TripleDes
Botnet
VLAN segregation
Forward to different RDP listening ports.

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

Comptia Security + Exam

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests