Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?






2. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?






3. Which of the following is an unauthorized wireless router that allows access to a secure network?






4. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






5. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






6. Which of the following is used when performing a qualitative risk analysis?






7. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?






8. Which of the following risks may result from improper use of social networking and P2P software?






9. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?






10. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






11. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


12. Which of the following is a security control that is lost when using cloud computing?






13. Which solution should you use?






14. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






15. The security administrator notices a number of TCP connections from the development department to the test network segregation. Large volumes of data are being transmitted between the two networks only on port 22. Which of the following is MOST likel






16. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






17. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






18. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?






19. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






20. Which of the following environmental variables reduces the potential for static discharges?






21. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?






22. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






23. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






24. Which of the following is a technique designed to obtain information from a specific person?






25. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






26. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?






27. Which of the following is true concerning email message encryption by using S/MIME?






28. A system administrator could have a user level account and an administrator account to prevent:...






29. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






30. Which of the following is used for exchanging secret keys over an insecure public network?






31. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?






32. Which of the following uses TCP port 22 by default?






33. Due to sensitive data concerns a security administrator has enacted a policy preventing the use of flash drives. Additionally - which of the following can the administrator implement to reduce the risk of data leakage?






34. Which of the following is true regarding the WTLS protocol?






35. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?






36. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?






37. Which of the following is the primary difference between a virus and a worm?






38. Which of the following is a reason to perform user awareness and training?






39. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






40. Performing routine security audits is a form of which of the following controls?






41. Which of the following describes the purpose of chain of custody as applied to forensic image retention?






42. Which of the following is the default rule found in a corporate firewall's access control list?






43. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?






44. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?






45. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






46. Which of the following facilitates computing for heavily utilized systems and networks?






47. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?






48. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?






49. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?






50. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?