CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study first.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?
Add input validation to forms.
CAC
Proxies
Loop protection
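Added example for question 1 (not part of the quiz): the remediation shown in Python against an in-memory SQLite table. The table, the accounts and the injection payload are constructed for this example. The vulnerable login pastes user input into the SQL text; the fixed version checks the username against an allow-list and binds both values as query parameters, so the database never interprets them as SQL.

```python
import re
import sqlite3

USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")  # allow-list: letters, digits, underscore


def make_db():
    """Constructed sample table; the accounts are made up for this example."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return db


def login_vulnerable(db, username, password):
    """Vulnerable: user input becomes part of the SQL text, so a quote and a
    comment marker in the input change the structure of the query."""
    query = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return [row[0] for row in db.execute(query)]


def is_valid_username(username):
    """Input validation: reject anything outside the allow-list."""
    return bool(USERNAME_RE.match(username))


def login_fixed(db, username, password):
    """Fixed: validate the input, then bind the values as parameters so the
    driver sends them separately from the SQL text."""
    if not is_valid_username(username):
        return []
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in db.execute(query, (username, password))]


# Constructed payload: closes the string literal, makes the WHERE clause always
# true, and comments out the password check that follows.
PAYLOAD = "' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, PAYLOAD, "x"))   # every account
    print("fixed:", login_fixed(db, PAYLOAD, "x"))             # nothing
    print("fixed, real credentials:", login_fixed(db, "alice", "s3cret"))
```

Input validation alone is the weaker half of the fix: the allow-list stops this payload, but parameterised queries are what make the query structure independent of the data, so use both.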
2. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?
ACLs
Dumpster diving
War driving
It is used to provide data encryption for WAP connections.
3. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?
53
Confidentiality - Availability
SNMP (also used to monitor the parameters of network devices)
25
4. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
Software as a Service (SaaS)
Symmetric Key
Physical control of the data
Implicit deny
5. Which of the following is used for exchanging secret keys over an insecure public network?
Diffie-Hellman
Privacy policy
War driving
Risk assessment
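Added example for question 5 (not part of the quiz): a Diffie-Hellman exchange in Python. The group parameters are a toy assumption for readability; real deployments use standardised groups of 2048 bits or more (RFC 3526 group 14 and up) or ECDH, and the 31-bit prime here would fall to a discrete-log attack in seconds. The point is what crosses the insecure network: only p, g and the two public values, never the private exponents.

```python
import hashlib
import secrets

# Toy group parameters (assumption for this example only; far too small for real use).
P = 2147483647  # 2**31 - 1, a prime
G = 5


def dh_private_key():
    """Random exponent in [1, P-2]; never sent over the wire."""
    return secrets.randbelow(P - 2) + 1


def dh_public_key(priv):
    """Public value g^priv mod p; this is what the network sees."""
    return pow(G, priv, P)


def dh_shared_secret(priv, peer_pub):
    """Shared secret peer_pub^priv mod p. Degenerate public values (0, 1, p-1)
    are rejected because they force the secret into a trivial subgroup."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("invalid peer public value")
    return pow(peer_pub, priv, P)


def derive_key(shared_secret):
    """Hash the shared secret into a symmetric key instead of using it raw."""
    return hashlib.sha256(shared_secret.to_bytes(4, "big")).hexdigest()


def dh_exchange():
    """Both sides of the exchange. Returns (alice_key, bob_key, what an
    eavesdropper on the network observes)."""
    a = dh_private_key()
    b = dh_private_key()
    A = dh_public_key(a)  # Alice -> Bob
    B = dh_public_key(b)  # Bob -> Alice
    k_alice = derive_key(dh_shared_secret(a, B))
    k_bob = derive_key(dh_shared_secret(b, A))
    eavesdropper_view = {"p": P, "g": G, "A": A, "B": B}  # no private values
    return k_alice, k_bob, eavesdropper_view


if __name__ == "__main__":
    k1, k2, seen = dh_exchange()
    print("keys match:", k1 == k2)
    print("on the wire:", seen)
```

Diffie-Hellman by itself gives no authentication: an attacker who can sit between the parties can run one exchange with each side. Protocols such as IKE and TLS sign or otherwise authenticate the public values for that reason.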
6. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?
80 - 443
Tailgating
Privacy policy
TPM
7. MAC filtering is a form of which of the following?
Provider cloud
Network Access Control
The server is missing the default gateway.
Implicit deny
8. Ongoing annual security awareness training should be coupled with:
NIPS is blocking activities from those specific websites.
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
signing of a user agreement.
Spam filters
9. What port does the Domain Name Service (DNS) use by default?
53
SNMP (also used to monitor the parameters of network devices)
Change Management System
Validate input to remove hypertext
10. Which of the following is used when performing a quantitative risk analysis?
Check if relaying is denied for unauthorized domains
Availability
IDS
Asset value
11. Which of the following BEST describes the proper method and reason to implement port security?
DMZ
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
DMZ
Confidentiality - Availability
12. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?
Information disclosure
Mantraps
System A fails open. System B fails closed.
Baseline reporting
13. Which of the following should NOT be used with username/password authentication?
Change Management System
Data Encryption Standard (DES)
Buffer overflow
Cognitive passwords
14. Which of the following uses TCP port 22 by default?
ICMP
Privacy policy
CAC
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
15. The 802.11i standard specifies support for which encryption algorithms?
Vulnerability scanner
Integrity and Authentication
Shoulder surfing
AES and TKIP
16. Which of the following threats corresponds with an attacker targeting specific employees of a company?
Spear phishing
Chain of custody
Implicit deny
A system that stops an attack in progress.
17. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?
Disable unused services - Update HIPS signatures
Vishing
Cross-site scripting
Trojans
18. Which of the following describes the purpose of chain of custody as applied to forensic image retention?
Validate input to remove hypertext
To provide documentation as to who has handled the evidence
White box
Organize data based on severity and asset value.
19. Which of the following is a technique designed to obtain information from a specific person?
Check if relaying is denied for unauthorized domains
mitigation - acceptance - transference
Spear phishing
Mandated security configurations have been made to the operating system.
20. How a Trojan works: a user downloads a keygen to install pirated software. After running the keygen, system performance is ________________ are displayed.
Symmetric Key
Implicit deny
Fault tolerance
extremely slow and numerous antivirus alerts
21. Which solution should you use?
Implement a change management strategy
Use file servers attached to a NAS system.
IPSec
Hardware RAID 5 - Software RAID 1
22. Which of the following would be implemented to allow access to services while segmenting access to the internal network?
DMZ
Spear phishing
Platform as a Service
Determine open ports
23. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?
Run the image through SHA256.
Hot and cold aisles
Having the offsite location of tapes also be the hot site
Principle of least privilege
24. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?
By masking the IP address of internal computers from the Internet
TPM
DAC
Steganography
25. Actively monitoring data streams in search of malicious code or behavior is an example of:
To minimize the organizational risk posed by users
Clustering
Fault tolerance
content inspection.
26. What principle dictates that a user is given no more privilege than is required to perform his/her job?
Principle of least privilege
DoS
Disable unused services - Update HIPS signatures
Polymorphic
27. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?
Use SSH to connect to the Linux shell
25
PEAP-TLS
extremely slow and numerous antivirus alerts
28. Which of the following MUST a programmer implement to prevent cross-site scripting?
Spam filters
Validate input to remove hypertext
ID badges
Fraud
29. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Content filtering
Memory - network processes - and system processes
Buffer overflow
Fiber optic
30. Which of the following is MOST likely to be the last rule contained on any firewall?
Implicit deny
Separation of duties
Steganography
DMZ
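Added example for questions 4 and 30 (not part of the quiz): a first-match ruleset evaluator in Python that shows where implicit deny comes from. The ruleset, addresses (documentation ranges) and packets are constructed. There is deliberately no trailing "deny any" rule; traffic that matches nothing falls off the end of the list and is dropped by the evaluator's default.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    proto: str            # "tcp", "udp", "icmp" or "any"
    src: str              # CIDR
    dst: str              # CIDR
    dport: Optional[int]  # None matches any destination port


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    return (
        rule.proto in ("any", pkt.proto)
        and ip_address(pkt.src) in ip_network(rule.src)
        and ip_address(pkt.dst) in ip_network(rule.dst)
        and (rule.dport is None or rule.dport == pkt.dport)
    )


def evaluate(ruleset, pkt: Packet):
    """First-match evaluation. Returns (action, index of the matching rule);
    an index of None means no rule matched and the implicit deny applied."""
    for i, rule in enumerate(ruleset):
        if rule_matches(rule, pkt):
            return rule.action, i
    return "deny", None


# Constructed ruleset for a web server at 203.0.113.10: HTTPS from anywhere,
# SSH only from the internal 10/8 range, and an explicit block on telnet.
RULESET = [
    Rule("allow", "tcp", "0.0.0.0/0", "203.0.113.10/32", 443),
    Rule("allow", "tcp", "10.0.0.0/8", "203.0.113.10/32", 22),
    Rule("deny", "tcp", "0.0.0.0/0", "0.0.0.0/0", 23),
]

if __name__ == "__main__":
    for pkt in [
        Packet("tcp", "198.51.100.5", "203.0.113.10", 443),
        Packet("tcp", "198.51.100.5", "203.0.113.10", 22),
        Packet("udp", "10.1.2.3", "203.0.113.10", 53),
    ]:
        print(pkt, "->", evaluate(RULESET, pkt))
```

The explicit telnet rule is redundant under implicit deny, which is the usual reason one still appears: it logs or counts hits separately from the silent default. When auditing a ruleset, an unexpected "allow any" near the end overrides the implicit deny for everything below it.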
31. Which of the following malware types is an antivirus scanner MOST unlikely to discover?
The new access point was mis-configured and is interfering with another nearby access point.
Vulnerability scanner
Pharming - Logic bomb
MAC filtering
32. Which of the following concepts ensures that the data is only viewable to authorized users?
DNS spoofing
Confidentiality
PEAP-TLS
Smurf attack
33. Which of the following describes a passive attempt to identify weaknesses?
Mandatory vacation
Cross-site scripting
IKE
Vulnerability scanning
34. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of
Polymorphic
ARP poisoning
ACLs
SSL
35. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
HSM
Integrity and Authentication
Vishing
Only the message data is encrypted
36. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives
Trojans
The remote router has ICMP blocked.
War driving
Diffie-Hellman
37. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
Hierarchical list of critical systems
NIDS
Polymorphic
Black hat
38. What is the advantage of using application virtualization?
ACLs
Lets you minimize the attack surface relating to the application
Buffer overflow
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
39. Which of the following is the MOST secure method of utilizing FTP?
Vulnerability scanning
EMI shielding
FTPS
TPM
40. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?
Mandatory vacations
By masking the IP address of internal computers from the Internet
EMI shielding
Smurf attack
41. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
Virtual servers have the same information security requirements as physical servers.
Mantrap
Blind FTP
Ensure a proper chain of custody
42. Which of the following should be installed to prevent employees from receiving unsolicited emails?
Determine open ports
Spam filters
Memory - network processes - and system processes
Use SSH to connect to the Linux shell
43. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
CCTV
Implicit deny
Cross-site scripting
FTPS
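Added example for questions 28 and 43 (not part of the quiz): the two mitigations the quiz names, input validation that rejects HTML tags and output encoding, in Python. The page fragments and payloads are constructed. It also shows why validation alone is not enough: an attribute-context payload contains no tag at all and is only stopped by encoding the quote characters at output time.

```python
import html
import re

TAG_RE = re.compile(r"<\s*/?\s*[A-Za-z!][^>]*>")  # anything that looks like an HTML tag


def contains_html_tags(text: str) -> bool:
    """Input validation: flag input that carries markup."""
    return bool(TAG_RE.search(text))


def render_comment_vulnerable(comment: str) -> str:
    """Vulnerable: untrusted text is placed straight into the page."""
    return '<p class="comment">%s</p>' % comment


def render_comment_fixed(comment: str) -> str:
    """Fixed: reject markup at the input boundary and, regardless of that,
    encode at the output boundary so the browser renders text, not HTML."""
    if contains_html_tags(comment):
        raise ValueError("markup is not allowed in comments")
    return '<p class="comment">%s</p>' % html.escape(comment, quote=True)


def render_title_attr(title: str) -> str:
    """Attribute context: quote=True also encodes the quote characters that
    would otherwise let the input close the attribute and add a handler."""
    return '<a title="%s">link</a>' % html.escape(title, quote=True)


# Constructed payloads.
SCRIPT_PAYLOAD = "<script>alert(document.cookie)</script>"
ATTR_PAYLOAD = '" onmouseover="alert(1)'

if __name__ == "__main__":
    print(render_comment_vulnerable(SCRIPT_PAYLOAD))
    print(render_comment_fixed("1 < 2 and 3 > 1"))
    print("tag check catches attribute payload:", contains_html_tags(ATTR_PAYLOAD))
    print(render_title_attr(ATTR_PAYLOAD))
```

`contains_html_tags` returns False for the attribute payload, so a filter that only strips tags would pass it through; `html.escape` with `quote=True` is what neutralises it. Encoding must also match the context (HTML body, attribute, JavaScript, URL), which is why frameworks do it in the template layer rather than leaving it to each caller.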
44. Which of the following can prevent an unauthorized employee from entering a data center?
Network Access Control
Disable unused ports
Botnet
Security guard - Proximity reader
45. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?
mitigation - acceptance - transference
MAC
Privacy policy
Blind FTP
46. Which of the following devices would allow a technician to view IP headers on a data packet?
Disable unused ports
VPN concentrator
Protocol analyzer
Mandated security configurations have been made to the operating system.
47. In order to ensure high availability, all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in
Virtual servers have the same information security requirements as physical servers.
Having the offsite location of tapes also be the hot site
CAC
Hierarchical list of critical systems
48. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
extremely slow and numerous antivirus alerts
SSL
Polymorphic
IPSec
49. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
Blind FTP
Firewall - VPN
Integrity and Authentication
MAC filtering - Disabled SSID broadcast
50. Which of the following is a best practice to identify fraud from an employee in a sensitive position?
Proxies
Firewall - VPN
Mandatory vacations
Vulnerability scan