SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
Fraud
Gas
Command injection
AES and TKIP
2. A visitor plugs their laptop into the network and receives a warning about their antivirus being out of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
The server is missing the default gateway.
Evil twin
By masking the IP address of internal computers from the Internet
3. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
AC filtering - Disabled SSID broadcast
Hot and cold aisles
IPSec
Evil twin
4. Which of the following are the default ports for HTTP and HTTPS protocols?
Vishing
Principle of least privilege
80 - 443
NOOP instructions
5. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
Gas
Availability
The web site's public key.
IPSec
6. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m
The new access point was mis-configured and is interfering with another nearby access point.
VPN concentrator
Enact a policy banning users from bringing in personal music devices.
ARP poisoning
7. Which of the following BEST describes the proper method and reason to implement port security?
Provider cloud
SSH
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Smurf attack
8. Which of the following is true concerning email message encryption by using S/MIME?
The PC has become part of a botnet.
Algorithm
Only the message data is encrypted
Hardware RAID 5 - Software RAID 1
9. Which of the following encryption algorithms can be used in PGP for data encryption?
IDEA and TripleDes
Birthday - Full name
Algorithm
Baseline reporting
10. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?
Baseline reporting
TLS
Segmentation of each wireless user from other wireless users
Buffer overflow
11. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to
Vulnerability scan
Mandatory vacation
Forward to different RDP listening ports.
DoS
12. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?
Least privilege
Integrity and Authentication
Humidity
Blind FTP
13. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in
mitigation - acceptance - transference
Having the offsite location of tapes also be the hot siteservers
Rogue access point
Vulnerability scanner
14. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?
Integrity and Authentication
Pharming - Logic bomb
Configure the IE popup blockers
Smurf attack
15. The security administrator notices a number of TCP connections from the development department to the test network segregation. Large volumes of data are being transmitted between the two networks only on port 22. Which of the following is MOST likel
53
The development team is transferring data to test systems using SFTP and SCP.
Principle of least privilege
WPA2
16. Which of the following is the primary difference between a virus and a worm?
MS-CHAP
Use SSH to connect to the Linux shell
Physical control of the data
A worm is self-replicating
17. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Memory - network processes - and system processesserver. If the computer is powered off
Deny all
Install a network-based IDS
Buffer overflow
18. For which of the following is centralized key management most complicated?
Symmetric Key
Enact a policy banning users from bringing in personal music devices.
Configure the IE popup blockers
Smurf attack
19. What is the advantage of using application virtualization?
Confidentiality
Lets you minimize the attack surface relating to the application
To minimize the organizational risk posed by users
WPA2-PSK
20. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?
WPA Enterprise
Protocol analyzer
TCP SYN flood attack
EMI shielding
21. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?
MAC
CAC
Polymorphic
Forward to different RDP listening ports.
22. Which of the following security threats does shredding mitigate?
Software as a Service (SaaS)
SNMP (also use to monitor the parameters of network devices)
Dumpster diving - Shoulder surfing
Dumpster diving
23. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
Ensure a proper chain of custody
SSL
Security guard - Proximity reader
System A fails open. System B fails closed.
24. Which of the following threats corresponds with an attacker targeting specific employees of a company?
Vulnerability scanner
Trojans
Fiber optic
Spear phishing
25. An administrator who wishes to block all database ports at the firewall should include which of the following ports in the block list?
Virtual servers have the same information security requirements as physical servers.
Polymorphic
1433
To provide documentation as to who has handled the evidence
26. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?
Mantrap
Social Engineering attack
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
Footprinting
27. What allows for all activities on a network or system to be traced to the user who performed them?
Software as a Service
The web site's public key.
Social Engineering attack
Accountability
28. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers
Account disablement
Protocol analyzer
NIPS is blocking activities from those specific websites.
Software as a Service
29. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur
S/MIME PGP
TCP SYN flood attack
Location that meets power and connectivity requirementsdatacenter
SSL
30. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?
Loop protection
Lets you minimize the attack surface relating to the application
Hierarchical list of critical systems
Privilege escalation
31. Which of the following includes a photo and can be used for identification?
User rights and permissions reviews
CAC
Buffer overflow
VLAN segregation
32. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?
Least privilege
S/MIME PGP
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Buffer overflow
33. With which of the following is RAID MOST concerned?
Confidentiality - Availability
Availability
Implicit deny
ICMP
34. Which of the following is an unauthorized wireless router that allows access to a secure network?
Vishing
Rogue access point
Availability
Configure the IE popup blockers
35. Which of the following should be considered when trying to prevent somebody from capturing network traffic?
EMI shielding
Off-site backup
Change Management System
IPv6
36. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?
Bluesnarfing
NOOP instructions
Baseline reporting
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
37. Risk can be managed in the following ways...
Validate input to remove hypertext
Polymorphic
Availability
mitigation - acceptance - transference
38. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?
80 - 443
Algorithm
HSM
VPN concentrator
39. Used in conjunction which of the following are PII?
IPv6
Organize data based on severity and asset value.
Birthday - Full name
Baseline reporting
40. Which of the following should be enabled to ensure only certain wireless clients can access the network?
MAC filtering
MAC address
Power levels
Decrease the power levels on the WAP
41. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?
AES and TKIP
25
Security guard - Proximity reader
Confidentiality - Availability
42. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
MAC address
Implicit deny
The development team is transferring data to test systems using SFTP and SCP.
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
43. Separating of duties is valuable in deterring?
Fraud
Rogue access points
Proxies
The development team is transferring data to test systems using SFTP and SCP.
44. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?
War driving
Disable unused services - Update HIPS signatures
Block port 23 on the network firewall.
Spam filters
45. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
DES
IPSec
Social Engineering attack
Cognitive passwords
46. Which of the following is the MOST secure method of utilizing FTP?
Confidentiality - Availability
FTPS
Lets you minimize the attack surface relating to the application
CAC
47. Which of the following is another name for a malicious attacker?
Organize data based on severity and asset value.
Black hat
Firewall - VPN
Software as a Service (SaaS)
48. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
Spear phishing
Mantraps
Botnet
The user's PC is missing the authentication agent.
49. Which of the following is specific to a buffer overflow attack?
Initial vector
Power levels
DMZ
Social Engineering attack
50. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?
Principle of least privilege
Forward to different RDP listening ports.
Change Management System
Data Encryption Standard (DES)
