Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






2. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






3. You are performing risk assessment for an organization. What should you do during impact assessment?






4. Actively monitoring data streams in search of malicious code or behavior is an example of..






5. Which of the following attacks would password masking help mitigate?






6. Which of the following is NOT an application layer security protocol?






7. Webmail is classified under which of the following cloud-based technologies?






8. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?






9. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to






10. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers






11. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






12. Which of the following is the BEST choice for encryption on a wireless network?






13. Which of the following logical controls does a flood guard protect against?






14. Which of the following are important physical security considerations when choosing a location for a new remote branch office?






15. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






16. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






17. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






18. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?






19. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






20. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






21. A system administrator could have a user level account and an administrator account to prevent:...






22. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advice the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal






23. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?






24. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






25. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






26. NIDS can also be used to help identify...






27. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?






28. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






29. Which of the following is true regarding the WTLS protocol?






30. A company that purchases insurance to reduce risk is an example of which of the following?






31. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






32. Which of the following is not an asymmetric system?






33. Which of the following describes a passive attempt to identify weaknesses?






34. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?






35. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






36. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?






37. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?






38. Which of the following is the primary difference between a virus and a worm?






39. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






40. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack?






41. Which of the following BEST describes the proper method and reason to implement port security?






42. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






43. Which of the following security threats does shredding mitigate?






44. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






45. The 802.11i standard specifies support for which encryption algorithms?






46. Which of the following BEST describes an intrusion prevention system?






47. Which of the following is a best practice when securing a switch from physical access?






48. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






49. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






50. Which of the following is a management control type?