Test your basic knowledge

CompTIA Security+ Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.

1. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






2. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






3. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp






4. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?






5. Which of the following is the BEST way to secure data for the purpose of retention?






6. Which of the following is used when performing a qualitative risk analysis?






7. Which of the following functions is MOST likely performed by a web security gateway?






8. What asymmetric key is used to encrypt when using HTTPS?


9. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?






10. Performing routine security audits is a form of which of the following controls?






11. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






12. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






13. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






14. Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?






15. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?






16. You want to set up a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?






17. Which of the following are the default ports for HTTP and HTTPS protocols?






18. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






19. Webmail is classified under which of the following cloud-based technologies?






20. An administrator who wishes to block all database ports at the firewall should include which of the following ports in the block list?






21. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






22. You are determining environmental control requirements for a data center that will contain several computers. What is the role of an HVAC system in this environment?






23. A security firm has been engaged to assess a software application. A production-like test environment, login details, production documentation and source code have been provided. Which of the following types of testing is being described?






24. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?






25. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?






26. While browsing the Internet an administrator notices their browser behaves erratically, appears to download something, and then crashes. Upon restarting the PC, the administrator notices performance is extremely slow and there are hundreds of outb






27. Which of the following is the MOST secure method of utilizing FTP?






28. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






29. Which of the following is a best practice when securing a switch from physical access?






30. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?






31. Which of the following assists in identifying if a system was properly handled during transport?






32. Which of the following is the BEST choice for encryption on a wireless network?






33. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






34. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






35. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






36. Which of the following encryption algorithms can be used in PGP for data encryption?






37. Which protocol ensures private communications by ensuring that no third party can eavesdrop on or tamper with any message or data transfer between client and server systems, and is the successor to the Secure Sockets Layer (SSL)?






38. Which of the following would need to be configured correctly to allow remote access to the network?






39. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






40. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?






41. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






42. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to






43. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?






44. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?






45. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?






46. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?






47. Which of the following BEST explains the security benefit of a standardized server image?






48. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






49. Which of the following is used when performing a quantitative risk analysis?






50. In an 802.11n network which of the following provides the MOST secure method of both encryption and authorization?