Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following BEST explains the security benefit of a standardized server image?






2. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






3. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






4. Upper management decides which risk to mitigate based on cost. This is an example of:






5. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?






6. Which of the following is used for exchanging secret keys over an insecure public network?






7. Which of the following is used when performing a qualitative risk analysis?






8. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






9. Which of the following can prevent an unauthorized employee from entering a data center?






10. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






11. Which of the following are important physical security considerations when choosing a location for a new remote branch office?






12. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?






13. Which of the following risks may result from improper use of social networking and P2P software?






14. Actively monitoring data streams in search of malicious code or behavior is an example of..






15. Which of the following is a security control that is lost when using cloud computing?






16. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advice the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal






17. Which of the following describes when forensic hashing should occur on a drive?






18. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?






19. In which of the following locations would a forensic analyst look to find a hooked process?






20. Which of the following is another name for a malicious attacker?






21. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






22. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






23. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






24. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






25. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?






26. Which of the following should be enabled to ensure only certain wireless clients can access the network?






27. On-going annual awareness security training should be coupled with:..






28. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






29. Which of the following is true concerning email message encryption by using S/MIME?






30. Which of the following is a detective security control?






31. Which of the following security threats does shredding mitigate?






32. Which of the following should NOT be used with username/password authentication?






33. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?






34. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?






35. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?






36. Which of the following is a best practice when securing a switch from physical access?






37. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?






38. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp






39. Which of the following environmental variables reduces the potential for static discharges?






40. DRPs should contain which of the following?






41. What types of encryption are used for adding a digital signature to a message?






42. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






43. Which of the following is the MOST secure method of utilizing FTP?






44. Which of the following access control models allows classification and labeling of objects?






45. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






46. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






47. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?






48. Webmail is classified under which of the following cloud-based technologies?






49. Which environmental control is part of TEMPEST compliance?






50. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183



Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests