Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
content inspection.
Logic Bomb
Memory - network processes - and system processesserver. If the computer is powered off
WPA2-PSK
2. Which of the following is the BEST way to secure data for the purpose of retention?
MAC address
Disable unused ports
Fault tolerance
Off-site backup
3. Which of the following assists in identifying if a system was properly handled during transport?
Dumpster diving - Shoulder surfing
Mantrap
Chain of custody
Cross-site scripting
4. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
Fault tolerance
Off-site backup
Power levels
Risk transference
5. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
Vulnerability scanning
ID badges
Ensure a proper chain of custody
Principle of least privilege
6. Performing routine security audits is a form of which of the following controls?
Smurf attack
Detective
BIOS
Buffer overflow
7. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Cross-site scripting
Clean desk policy
Block port 23 on the network firewall.
Accountability
8. Which of the following environmental variables reduces the potential for static discharges?
Check if relaying is denied for unauthorized domains
Video surveillance
Humidity
Initial vector
9. What are typical elements of authentication as part of physical access controls?
MAC filtering
HSM
To ensure that staff understands what data they are handling and processing
ID badges
10. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
DMZ
Lets you minimize the attack surface relating to the application
Memory - network processes - and system processesserver. If the computer is powered off
Botnet
11. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?
Block port 23 on the network firewall.
Protocol analyzer
Disable unused services - Update HIPS signatures
Pharming - Logic bomb
12. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb
Rogue access points
DMZ
The PC has become part of a botnet.
Symmetric
13. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Confidentiality - Availability
Validate input to remove hypertext
Separation of duties
IPSec
14. Which of the following is BEST used to prevent ARP poisoning attacks across a network?
22
Multi-factor authentication.
War driving
VLAN segregation
15. Which of the following authentication protocols utilizes the MD4 hashing algorithm?
SNMP (also use to monitor the parameters of network devices)
Determine open ports
WPA2-PSK
MS-CHAP
16. A company that purchases insurance to reduce risk is an example of which of the following?
White box
ACLs
Software as a Service (SaaS)
Risk transference
17. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?
18. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
AC filtering - Disabled SSID broadcast
Separation of duties
Dumpster diving - Shoulder surfing
25
19. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?
Spear phishing
Least privilege
Steganography
The user's PC is missing the authentication agent.
20. Users in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge amount of half-open TCP connections. What type of attack is your company currently a victim of?
Firewall - VPN
TCP SYN flood attack
Man-in-the-middle
DAC
21. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.
Principle of least privilege
A worm is self-replicating
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Mandated security configurations have been made to the operating system.
22. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?
DES
Video surveillance
ARP poisoning
Risk assessmentproduct Answer: D
23. Which of the following is another name for a malicious attacker?
IPv6
S/MIME PGP
Fault tolerance
Black hat
24. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?
Polymorphic
Disable unused ports
Rogue access points
Separation of duties
25. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
Command injection
Data Encryption Standard (DES)
The PC has become part of a botnet.
SSH
26. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp
Before and after the imaging process and then hash the forensic image
IPv6
SSH
80 - 443
27. Which of the following is the default rule found in a corporate firewall's access control list?
Security guard - Proximity reader
Memory - network processes - and system processesserver. If the computer is powered off
Before and after the imaging process and then hash the forensic image
Deny all
28. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?
Symmetric Key
War driving
TLS
Birthday - Full name
29. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?
Least privilege
escalation of privileges.
Loop protection
The web site's public key.
30. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
Blind FTP
Vulnerability scanning
User rights and permissions reviews
DoS
31. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of
Privilege escalation
smurf attacks
Protocol analyzer
SSL
32. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advise?
Location that meets power and connectivity requirementsdatacenter
User rights
Fiber optic
ARP poisoning
33. What asymmetric key is used to decrypt when using HTTPS?
34. What port does the Domain Name Service (DNS) use by default?
Clean desk policy
Check if relaying is denied for unauthorized domains
Birthday - Full name
53
35. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
Loop protection
Firewall rulesflow of network traffic at the edge of the network
Social Engineering attack
VLAN
36. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?
Risk assessmentproduct Answer: D
Spear phishing
Business impact analysis
User rights
37. Which of the following attacks would password masking help mitigate?
IPSec
Shoulder surfing
TPM
The remote router has ICMP blocked.
38. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?
Evil twin
DAC
Rogue access point
Organize data based on severity and asset value.
39. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.
extremely slow and numerous antivirus alerts
Cognitive passwords
DES
The server is missing the default gateway.
40. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?
25
Information disclosure
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Footprinting
41. Risk can be managed in the following ways...
Evil twin
mitigation - acceptance - transference
TLS
Diffie-Hellman
42. Which of the following is not an asymmetric system?
Smurf attack
The PC has become part of a botnet.
DES
SNMP (also use to monitor the parameters of network devices)
43. Which of the following is an unauthorized wireless router that allows access to a secure network?
Principle of least privilege
Diffie-Hellman
Rogue access point
WPA2
44. Which of the following should be enabled to ensure only certain wireless clients can access the network?
Virtual servers have the same information security requirements as physical servers.
MAC filtering
Check if relaying is denied for unauthorized domains
Steganography
45. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?
FTPS
Rogue access points
mitigation - acceptance - transference
By masking the IP address of internal computers from the Internet
46. MAC filtering is a form of which of the following?
TCP SYN flood attack
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Network Access Control
Hardware RAID 5 - Software RAID 1
47. Which solution should you use?
se file servers attached to an NAS system.
MAC address
Buffer overflow
Vulnerability scan
48. Which of the following describes when forensic hashing should occur on a drive?
Before and after the imaging process and then hash the forensic image
HSM
Hardware RAID 5 - Software RAID 1
Virtual servers have the same information security requirements as physical servers.
49. Which of the following should NOT be used with username/password authentication?
PEAP-TLS
Hardware RAID 5 - Software RAID 1
Cognitive passwords
Logic Bomb
50. Actively monitoring data streams in search of malicious code or behavior is an example of..
content inspection.
The web site's private key.
The remote router has ICMP blocked.
53