SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?
Multi-factor authentication.
Smurf attack
escalation of privileges.
Disable unused services - Update HIPS signatures
2. Webmail is classified under which of the following cloud-based technologies?
Software as a Service (SaaS)
Birthday - Full name
SSL
IPv6
3. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?
Check if relaying is denied for unauthorized domains
TLS
Integrity and Authentication
Disable unused services - Update HIPS signatures
4. Which of the following BEST describes the proper method and reason to implement port security?
Rogue access points
Privacy policy
Dumpster diving
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
5. Which of the following is BEST used to prevent ARP poisoning attacks across a network?
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
VLAN segregation
Vishing
extremely slow and numerous antivirus alerts
6. Which of the following concepts ensures that the data is only viewable to authorized users?
Confidentiality
EMI shielding
SNMP (also use to monitor the parameters of network devices)
Integrity and Authentication
7. Which of the following identifies some of the running services on a system?
Determine open ports
Integrity and Authentication
Vulnerability scanner
Disable unused ports
8. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?
Add input validation to forms.
The development team is transferring data to test systems using SFTP and SCP.
Implicit deny
Black hat
9. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?
CAC
DMZ
Business impact analysis
Vishing
10. Which of the following malware types is an antivirus scanner MOST unlikely to discover?
Implicit deny
DMZ
Pharming - Logic bomb
Clean desk policy
11. You are performing risk assessment for an organization. What should you do during impact assessment?
The server is missing the default gateway.
Determine the potential monetary costs related to a threat
Initial vector
IDS
12. Which of the following should be installed to prevent employees from receiving unsolicited emails?
SSH
IPSec
Spam filters
25
13. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
Footprinting
Confidentiality - Availability
Account disablement
Social Engineering attack
14. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
HSM
Fault tolerance
IPSec
Steganography
15. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Buffer overflow
Software as a Service
Mandatory vacations
Fraud
16. Which of the following protocols requires the use of a CA based authentication process?
PEAP-TLS
WPA Enterprise
Before and after the imaging process and then hash the forensic image
Principle of least privilege
17. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Protocol analyzer
Buffer overflow
Add input validation to forms.
Clean desk policy
18. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?
The server is missing the default gateway.
Business impact analysis
Change Management System
Algorithm
19. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
Initial vector
Hardware RAID 5 - Software RAID 1
DMZ
DMZ
20. Which of the following is NOT an application layer security protocol?
A worm is self-replicating
S/MIME PGP
Spam filters
IPSec
21. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?
Judgment
Data Encryption Standard (DES)
Privilege escalation
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
22. Which of the following should be enabled to ensure only certain wireless clients can access the network?
Install a network-based IDS
Power levels
The user's PC is missing the authentication agent.
MAC filtering
23. Which environmental control is part of TEMPEST compliance?
Privilege escalation
Data Encryption Standard (DES)
Shielding
User rights
24. What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?
To minimize the organizational risk posed by users
Dumpster diving
Principle of least privilege
Software as a Service
25. Which of the following threats corresponds with an attacker targeting specific employees of a company?
Confidentiality
Spear phishing
BIOS
Mandated security configurations have been made to the operating system.
26. Which of the following reduces the likelihood of a single point of failure when a server fails?
Clustering
The user's PC is missing the authentication agent.
MAC
ICMP
27. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb
WPA2-PSK
Data Encryption Standard (DES)
Having the offsite location of tapes also be the hot siteservers
The PC has become part of a botnet.
28. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?
Video surveillance
Judgment
War driving
ACLs
29. In an 802.11n network which of the following provides the MOST secure method of both encryption and authorization?
WPA Enterprise
Integrity and Authentication
Firewall rulesflow of network traffic at the edge of the network
Cross-site scripting
30. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
Logic Bomb
Buffer overflow
IDEA and TripleDes
Cognitive passwords
31. Which of the following MUST a programmer implement to prevent cross-site scripting?
Validate input to remove hypertext
Birthday - Full name
Black hat
Load balancer
32. Which of the following is the MOST secure method of utilizing FTP?
FTPS
White box
BIOS
Botnet
33. What port does the Domain Name Service (DNS) use by default?
53
The development team is transferring data to test systems using SFTP and SCP.
Protocol analyzer
Load balancer
34. Which of the following risks may result from improper use of social networking and P2P software?
IPSec
escalation of privileges.
Information disclosure
Risk transference
35. Which of the following allows a security administrator to set device traps?
Deny all
Use SSH to connect to the Linux shell
Rogue access points
SNMP (also use to monitor the parameters of network devices)
36. Risk can be managed in the following ways...
War driving
mitigation - acceptance - transference
Bluesnarfing
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
37. What key is used to encrypt an HTTPS session?
Physical control of the data
SSH
Black hat
Symmetric
38. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives
Confidentiality - Availability
The remote router has ICMP blocked.
Mantraps
Enact a policy banning users from bringing in personal music devices.
39. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
Physical control of the data
A worm is self-replicating
AC filtering - Disabled SSID broadcast
Firewall rulesflow of network traffic at the edge of the network
40. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces
Video surveillance
Install a network-based IDS
VLAN segregation
CAC
41. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?
The server is missing the default gateway.
A worm is self-replicating
Vulnerability scanner
BIOS
42. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
Load balancer
DMZ
Enact a policy banning users from bringing in personal music devices.
Run the image through SHA256. Answer: D
43. Which of the following is used for exchanging secret keys over an insecure public network?
Diffie-Hellman
80 - 443
The web site's private key.
DAC
44. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?
TCP SYN flood attack
Only the message data is encrypted
Black hat
The user's PC is missing the authentication agent.
45. Which of the following manages peer authentication and key exchange for an IPSec connection?
IKE
Pharming - Logic bomb
Baseline reporting
Security guard - Proximity reader
46. Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?
Spam filters
SSH
The development team is transferring data to test systems using SFTP and SCP.
Clustering
47. Which of the following includes a photo and can be used for identification?
Mandated security configurations have been made to the operating system.
CAC
Provider cloud
Visibility - Accessibility - Neighborhood crime rate
48. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?
Dumpster diving - Shoulder surfing
Use SSH to connect to the Linux shell
CCTV
EMI shielding
49. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?
ACLs
Lets you minimize the attack surface relating to the application
DMZ
ICMP
50. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
MAC filtering
Clean desk policy
VLAN
HSM