Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You are performing risk assessment for an organization. What should you do during impact assessment?






2. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?






3. Which solution should you use?






4. Applying detailed instructions to manage the including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?






5. Risk can be managed in the following ways...






6. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?






7. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy security policy and requests that the user clearly state their name - birthday and enter the banking detai






8. What port does the Domain Name Service (DNS) use by default?






9. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






10. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






11. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






12. Which of the following manages peer authentication and key exchange for an IPSec connection?






13. The detection of a NOOP sled is an indication of which of the following attacks?






14. Which of the following allows a security administrator to set device traps?






15. Which of the following is a reason to perform user awareness and training?






16. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






17. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces






18. For which of the following is centralized key management most complicated?






19. What are typical elements of authentication as part of physical access controls?






20. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






21. Which of the following threats corresponds with an attacker targeting specific employees of a company?






22. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






23. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






24. Which of the following is used for exchanging secret keys over an insecure public network?






25. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






26. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






27. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






28. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






29. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis






30. Which of the following identifies some of the running services on a system?






31. A visitor plugs their laptop into the network and receives a warning about their antivirus being out of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is






32. Which of the following describes a passive attempt to identify weaknesses?






33. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?






34. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb






35. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






36. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






37. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?






38. Which of the following assists in identifying if a system was properly handled during transport?






39. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi






40. Which of the following is the primary difference between a virus and a worm?






41. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






42. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






43. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






44. Which of the following BEST explains the security benefit of a standardized server image?






45. NIDS can also be used to help identify...






46. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?






47. Which of the following concepts ensures that the data is only viewable to authorized users?






48. What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?






49. A system administrator could have a user level account and an administrator account to prevent:...






50. Webmail is classified under which of the following cloud-based technologies?






Can you answer 50 questions in 15 minutes?



Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests