Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?
Dumpster diving - Shoulder surfing
PEAP-TLS
Vulnerability scanning
Mandatory vacation
2. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?
VLAN
Determine the potential monetary costs related to a threat
WPA2-PSK
Firewall rules
3. The security administrator implemented privacy password protected screen savers, and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?
Implement a change management strategy
Dumpster diving - Shoulder surfing
Availability
Accountability
4. Which of the following is used for exchanging secret keys over an insecure public network?
Birthday - Full name
Rootkit
IKE
Diffie-Hellman
5. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
Principle of least privilege
Enact a policy banning users from bringing in personal music devices.
Organize data based on severity and asset value.
MS-CHAP
6. Separation of duties is valuable in deterring?
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Gas
Organize data based on severity and asset value.
Fraud
7. Which of the following are accomplished when a message is digitally signed?
Security guard - Proximity reader
White box
Integrity and Authentication
Loop protection
8. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?
Baseline reporting
MD5
Vishing
The remote router has ICMP blocked.
9. Which of the following are important physical security considerations when choosing a location for a new remote branch office?
Visibility - Accessibility - Neighborhood crime rate
Rogue access points
Least privilege
Off-site backup
10. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?
IPSec
Determine open ports
ACLs
IDS
11. What are typical elements of authentication as part of physical access controls?
Dumpster diving - Shoulder surfing
quantitative risk assessment
ID badges
The development team is transferring data to test systems using SFTP and SCP.
12. Which of the following includes a photo and can be used for identification?
User rights and permissions reviews
Baseline reporting
Vishing
CAC
13. A company that purchases insurance to reduce risk is an example of which of the following?
ACLs
Spam filters
Power levels
Risk transference
14. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
NOOP instructions
Data Encryption Standard (DES)
MAC filtering - Disabled SSID broadcast
White box
15. Which of the following will provide the HIGHEST level of wireless network security?
EMI shielding
WPA2
Off-site backup
MAC filtering
16. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
Segmentation of each wireless user from other wireless users
Botnet
Dumpster diving - Shoulder surfing
Confidentiality
17. In which of the following locations would a forensic analyst look to find a hooked process?
To provide documentation as to who has handled the evidence
Multi-factor authentication.
Shielding
BIOS
18. Which of the following devices would allow a technician to view IP headers on a data packet?
Protocol analyzer
DoS
NOOP instructions
Chain of custody
19. The server log shows 25 SSH login sessions. It is a large company, and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?
NOOP instructions
Physical control of the data
Baseline reporting
Vulnerability scanning
20. Which of the following BEST describes the proper method and reason to implement port security?
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
VLAN segregation
Business impact analysis
NIPS is blocking activities from those specific websites.
21. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?
Location that meets power and connectivity requirementsdatacenter
Botnet
IPSec
Algorithm
22. Which of the following is the primary difference between a virus and a worm?
se file servers attached to an NAS system.
A worm is self-replicating
Cross-site scripting
Determine open ports
23. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?
MS-CHAP
Block port 23 on the network firewall.
Protocol analyzer
Buffer overflow
24. Applying detailed instructions to manage the flow of network traffic at the edge of the network, including allowing or denying traffic based on port, protocol, address, or direction, is an implementation of which of the following?
Firewall rules
User rights and permissions reviews
DES
Content filtering
25. Which of the following is NOT an application layer security protocol?
Multi-factor authentication.
Off-site backup
User rights
IPSec
26. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?
WPA Enterprise
Tailgating
SYN attacks
Pharming - Logic bomb
27. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of
SSL
Vulnerability scanner
WPA2
MS-CHAP
28. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?
TLS
Lets you minimize the attack surface relating to the application
Protocol analyzer
Before and after the imaging process and then hash the forensic image
29. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?
ARP poisoning
Run the image through SHA256. Answer: D
Mandated security configurations have been made to the operating system.
Determine open ports
30. Which of the following is a technique designed to obtain information from a specific person?
Use SSH to connect to the Linux shell
WPA Enterprise
Vishing
Spear phishing
31. Which of the following protocols requires the use of a CA based authentication process?
Fraud
Ensure a proper chain of custody
It is used to provide data encryption for WAP connections.
PEAP-TLS
32. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?
Pharming - Logic bomb
Loop protection
Fault tolerance
Load balancer
33. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
Mandated security configurations have been made to the operating system.
Run the image through SHA256. Answer: D
Logic Bomb
Polymorphic
34. By default, which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
Check if relaying is denied for unauthorized domains
Implicit deny
Shielding
White box
35. A security administrator is in charge of a hot site and a cold site. Due to a recent disaster, the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur
Location that meets power and connectivity requirementsdatacenter
Shielding
User rights and permissions reviews
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
36. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?
Loop protection
War driving
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Run the image through SHA256. Answer: D
37. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
IDEA and TripleDes
HSM
TLS
80 - 443
38. Which of the following is the MAIN reason to require data labeling?
To ensure that staff understands what data they are handling and processing
Rogue access points
Firewall rules
Multi-factor authentication.
39. Which of the following is true concerning email message encryption by using S/MIME?
The web site's public key.
quantitative risk assessment
se file servers attached to an NAS system.
Only the message data is encrypted
40. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
Buffer overflow
Logic Bomb
ACLs
Polymorphic
41. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?
Disable unused services - Update HIPS signatures
Clustering
DNS spoofing
22
42. Which of the following is another name for a malicious attacker?
The development team is transferring data to test systems using SFTP and SCP.
escalation of privileges.
Black hat
Baseline reporting
43. Which of the following is MOST likely to be the last rule contained on any firewall?
Vulnerability scan
Clean desk policy
Implicit deny
The web site's public key.
44. Which of the following malware types is an antivirus scanner MOST unlikely to discover?
The web site's private key.
Pharming - Logic bomb
The user's PC is missing the authentication agent.
DES
45. Which of the following devices is often used to cache and filter content?
Clustering
MAC address
Proxies
Separation of duties
46. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?
Smurf attack
Privilege escalation
25
Fault tolerance
47. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
IPv6
The server is missing the default gateway.
Polymorphic
Cross-site scripting
48. What allows for all activities on a network or system to be traced to the user who performed them?
ID badges
Platform as a Service
Accountability
War driving
49. Which of the following can prevent an unauthorized employee from entering a data center?
Trojans
Security guard - Proximity reader
Baseline reporting
Protocol analyzer
50. Which of the following attacks would password masking help mitigate?
Social Engineering attack
TLS
Shoulder surfing
HSM