Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






2. Which of the following is the BEST way to secure data for the purpose of retention?






3. Which of the following assists in identifying if a system was properly handled during transport?






4. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?






5. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?






6. Performing routine security audits is a form of which of the following controls?






7. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






8. Which of the following environmental variables reduces the potential for static discharges?






9. What are typical elements of authentication as part of physical access controls?






10. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?






11. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






12. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb






13. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






14. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






15. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






16. A company that purchases insurance to reduce risk is an example of which of the following?






17. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?


18. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?






19. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






20. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?






21. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






22. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?






23. Which of the following is another name for a malicious attacker?






24. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?






25. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






26. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp






27. Which of the following is the default rule found in a corporate firewall's access control list?






28. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






29. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?






30. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






31. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






32. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






33. What asymmetric key is used to decrypt when using HTTPS?


34. What port does the Domain Name Service (DNS) use by default?






35. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






36. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






37. Which of the following attacks would password masking help mitigate?






38. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?






39. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.






40. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?






41. Risk can be managed in the following ways...






42. Which of the following is not an asymmetric system?






43. Which of the following is an unauthorized wireless router that allows access to a secure network?






44. Which of the following should be enabled to ensure only certain wireless clients can access the network?






45. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?






46. MAC filtering is a form of which of the following?






47. Which solution should you use?






48. Which of the following describes when forensic hashing should occur on a drive?






49. Which of the following should NOT be used with username/password authentication?






50. Actively monitoring data streams in search of malicious code or behavior is an example of..