Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following can prevent an unauthorized employee from entering a data center?






2. Which of the following should be performed on a computer to protect the operating system from malicious software?






3. Which of the following logical controls does a flood guard protect against?






4. Used in conjunction which of the following are PII?






5. An administrator who wishes to block all database ports at the firewall should include which of the following ports in the block list?






6. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?






7. Which of the following describes a passive attempt to identify weaknesses?






8. Which of the following is the MAIN reason to require data labeling?






9. Which of the following threats corresponds with an attacker targeting specific employees of a company?






10. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






11. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






12. Which of the following should be enabled to ensure only certain wireless clients can access the network?






13. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






14. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






15. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?






16. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?






17. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






18. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






19. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






20. Which of the following is used when performing a quantitative risk analysis?






21. Separating of duties is valuable in deterring?






22. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?






23. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?






24. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis






25. Which of the following is MOST likely to be the last rule contained on any firewall?






26. Which of the following is used when performing a qualitative risk analysis?






27. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to






28. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?






29. What types of encryption are used for adding a digital signature to a message?






30. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






31. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






32. Which of the following includes a photo and can be used for identification?






33. Which of the following is a best practice when securing a switch from physical access?






34. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?






35. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






36. Which of the following is another name for a malicious attacker?






37. What allows for all activities on a network or system to be traced to the user who performed them?






38. Which of the following are important physical security considerations when choosing a location for a new remote branch office?






39. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






40. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy security policy and requests that the user clearly state their name - birthday and enter the banking detai






41. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






42. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






43. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






44. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






45. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?






46. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


47. Upper management decides which risk to mitigate based on cost. This is an example of:






48. Which of the following are accomplished when a message is digitally signed?






49. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






50. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?