Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?






2. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






3. Which of the following is MOST relevant to a buffer overflow attack?






4. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?






5. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






6. What asymmetric key is used to decrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


7. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?






8. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






9. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces






10. Separating of duties is valuable in deterring?






11. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?






12. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






13. Which of the following would need to be configured correctly to allow remote access to the network?






14. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






15. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?






16. Upper management decides which risk to mitigate based on cost. This is an example of:






17. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






18. Which of the following is MOST commonly a part of routine system audits?






19. What types of encryption are used for adding a digital signature to a message?






20. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers






21. Which of the following should be enabled to ensure only certain wireless clients can access the network?






22. Which of the following port numbers is used for SCP by default?






23. Which of the following BEST describes an intrusion prevention system?






24. What is the advantage of using application virtualization?






25. With which of the following is RAID MOST concerned?






26. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






27. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






28. Which of the following protocols requires the use of a CA based authentication process?






29. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






30. NIDS can also be used to help identify...






31. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






32. Which of the following describes the purpose of chain of custody as applied to forensic image retention?






33. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






34. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






35. DRPs should contain which of the following?






36. Which of the following is a reason to perform user awareness and training?






37. A company that purchases insurance to reduce risk is an example of which of the following?






38. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






39. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






40. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were






41. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?






42. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






43. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






44. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


45. Which of the following are the default ports for HTTP and HTTPS protocols?






46. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






47. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






48. Which of the following is specific to a buffer overflow attack?






49. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






50. Which of the following is a best practice when securing a switch from physical access?