Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






2. Which of the following is the BEST way to secure data for the purpose of retention?






3. Which of the following protocols requires the use of a CA based authentication process?






4. Which of the following describes when forensic hashing should occur on a drive?






5. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






6. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?






7. Which of the following is a method to prevent ad-hoc configuration mistakes?






8. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






9. Which of the following threats corresponds with an attacker targeting specific employees of a company?






10. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






11. Which of the following is the primary difference between a virus and a worm?






12. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






13. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






14. The 802.11i standard specifies support for which encryption algorithms?






15. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were






16. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






17. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?






18. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?






19. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces






20. Webmail is classified under which of the following cloud-based technologies?






21. Which of the following is the BEST choice for encryption on a wireless network?






22. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






23. Which of the following devices would allow a technician to view IP headers on a data packet?






24. Which of the following port numbers is used for SCP by default?






25. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






26. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






27. Which of the following uses TCP port 22 by default?






28. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






29. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






30. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






31. Which of the following is a management control type?






32. Which of the following should be enabled to ensure only certain wireless clients can access the network?






33. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






34. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?






35. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






36. Which of the following environmental variables reduces the potential for static discharges?






37. Which of the following are the default ports for HTTP and HTTPS protocols?






38. In which of the following locations would a forensic analyst look to find a hooked process?






39. Which of the following security threats does shredding mitigate?






40. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi






41. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






42. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi






43. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






44. Which of the following reduces the likelihood of a single point of failure when a server fails?






45. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






46. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






47. Which of the following logical controls does a flood guard protect against?






48. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






49. Which of the following is a reason to perform user awareness and training?






50. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests