SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?
DES
Principle of least privilege
Block port 23 on the network firewall.
Vulnerability scanner
2. Which of the following is true regarding the WTLS protocol?
MAC address
It is used to provide data encryption for WAP connections.
Buffer overflow
DMZ
3. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?
Mandatory vacation
Social Engineering attack
Forward to different RDP listening ports.
Fault tolerance
4. Which of the following BEST describes the proper method and reason to implement port security?
ARP poisoning
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Social Engineering attack
User rights and permissions reviews
5. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Shoulder surfing
Cross-site scripting
Multi-factor authentication.
The user's PC is missing the authentication agent.
6. Which of the following logical controls does a flood guard protect against?
Data Encryption Standard (DES)
Provider cloud
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
SYN attacks
7. Which of the following describes when forensic hashing should occur on a drive?
The server is missing the default gateway.
Before and after the imaging process and then hash the forensic image
IPv6
Steganography
8. Which of the following risks may result from improper use of social networking and P2P software?
Implement a change management strategy
Information disclosure
smurf attacks
TPM
9. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?
MD5
Bluesnarfing
The new access point was mis-configured and is interfering with another nearby access point.
Firewall rulesflow of network traffic at the edge of the network
10. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?
White box
Having the offsite location of tapes also be the hot siteservers
Steganography
WPA2
11. Which of the following manages peer authentication and key exchange for an IPSec connection?
Security guard - Proximity reader
IKE
MAC filtering
War driving
12. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?
Data Encryption Standard (DES)
A worm is self-replicating
Check if relaying is denied for unauthorized domains
Mandatory vacation
13. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
IPSec
Confidentiality - Availability
Ensure a proper chain of custody
Business impact analysis
14. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi
AC filtering - Disabled SSID broadcast
Information disclosure
Software as a Service
NIPS is blocking activities from those specific websites.
15. Which of the following devices would allow a technician to view IP headers on a data packet?
Protocol analyzer
Privacy policy
Having the offsite location of tapes also be the hot siteservers
Configure the IE popup blockers
16. Which of the following protocols requires the use of a CA based authentication process?
VLAN
PEAP-TLS
Hardware RAID 5 - Software RAID 1
Protocol analyzer
17. Which of the following reduces the likelihood of a single point of failure when a server fails?
Video surveillance
Clustering
Polymorphic
Loop protection
18. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?
Multi-factor authentication.
PEAP-TLS
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Blind FTP
19. Which of the following is BEST used to prevent ARP poisoning attacks across a network?
Risk assessmentproduct Answer: D
PEAP-TLS
VLAN segregation
Visibility - Accessibility - Neighborhood crime rate
20. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?
Decrease the power levels on the WAP
Mantrap
Botnet
Load balancer
21. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?
Check if relaying is denied for unauthorized domains
Principle of least privilege
Tailgating
25
22. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
Whaling
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Botnet
TLS
23. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
Hierarchical list of critical systems
Blind FTP
System A fails open. System B fails closed.
DoS
24. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?
Multi-factor authentication.
se file servers attached to an NAS system.
WPA2
Use SSH to connect to the Linux shell
25. Which of the following is a management control type?
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Buffer overflow
Vulnerability scanning
Hot and cold aisles
26. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?
Smurf attack
Configure the IE popup blockers
Forward to different RDP listening ports.
22
27. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
Run the image through SHA256. Answer: D
VLAN segregation
Forward to different RDP listening ports.
Implicit deny
28. What asymmetric key is used to encrypt when using HTTPS?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. Which of the following is true concerning email message encryption by using S/MIME?
The PC has become part of a botnet.
Provider cloud
1433
Only the message data is encrypted
30. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis
MAC address
Software as a Service (SaaS)
Confidentiality
Disable unused services - Update HIPS signatures
31. In which of the following locations would a forensic analyst look to find a hooked process?
S/MIME PGP
Logic Bomb
SYN attacks
BIOS
32. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?
Cross-site scripting
ARP poisoning
TPM
Mantrap
33. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
Logic Bomb
Hardware RAID 5 - Software RAID 1
Rogue access point
Visibility - Accessibility - Neighborhood crime rate
34. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
Forward to different RDP listening ports.
FTPS
Dumpster diving - Shoulder surfing
35. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
S/MIME PGP
Symmetric
Confidentiality - Availability
It is used to provide data encryption for WAP connections.
36. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?
VLAN
Firewall rulesflow of network traffic at the edge of the network
WPA Enterprise
Account disablement
37. Which of the following are accomplished when a message is digitally signed?
Only the message data is encrypted
Vishing
Integrity and Authentication
Vulnerability scanner
38. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?
Video surveillance
Trojans
ICMP
Baseline reporting
39. Which of the following concepts ensures that the data is only viewable to authorized users?
Confidentiality
1433
DMZ
WPA2-PSK
40. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?
The new access point was mis-configured and is interfering with another nearby access point.
IPSec
Vulnerability scanner
Footprinting
41. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?
Social Engineering attack
It is used to provide data encryption for WAP connections.
Fault tolerance
Firewall - VPN
42. Which of the following should be installed to prevent employees from receiving unsolicited emails?
Block port 23 on the network firewall.
Spam filters
Whaling
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
43. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?
IDEA and TripleDes
Mantraps
The user's PC is missing the authentication agent.
Spam filters
44. Which of the following attacks would password masking help mitigate?
The development team is transferring data to test systems using SFTP and SCP.
Shoulder surfing
Virtual servers have the same information security requirements as physical servers.
Symmetric Key
45. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in
Steganography
Having the offsite location of tapes also be the hot siteservers
Change Management System
A system that stops an attack in progress.
46. Which of the following is an unauthorized wireless router that allows access to a secure network?
Rogue access point
Integrity
WPA2
Off-site backup
47. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?
Buffer overflow
Business impact analysis
Command injection
NOOP instructions
48. What asymmetric key is used to decrypt when using HTTPS?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. A visitor plugs their laptop into the network and receives a warning about their antivirus being out of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
TLS
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
Separation of duties
50. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?
Integrity
EMI shielding
Evil twin
Loop protection
