SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
Organize data based on severity and asset value.
IPSec
Mandatory vacations
SSH
2. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
User rights
Command injection
HSM
Fraud
3. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Judgment
Having the offsite location of tapes also be the hot siteservers
IPSec
4. What types of encryption are used for adding a digital signature to a message?
Asymmetric and Hashing
WPA2-PSK
Mandatory vacations
se file servers attached to an NAS system.
5. Due to sensitive data concerns a security administrator has enacted a policy preventing the use of flash drives. Additionally - which of the following can the administrator implement to reduce the risk of data leakage?
Steganography
Enact a policy banning users from bringing in personal music devices.
Protocol analyzer
Cognitive passwords
6. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
White box
Power levels
Forward to different RDP listening ports.
Before and after the imaging process and then hash the forensic image
7. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?
Trojans
Logic Bomb
Hierarchical list of critical systems
Data Encryption Standard (DES)
8. Which of the following is true regarding the WTLS protocol?
Mandated security configurations have been made to the operating system.
se file servers attached to an NAS system.
Buffer overflow
It is used to provide data encryption for WAP connections.
9. Which of the following should NOT be used with username/password authentication?
Loop protection
To provide documentation as to who has handled the evidence
Cognitive passwords
SYN attacks
10. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi
Polymorphic
Phishing techniques
IDEA and TripleDes
NIPS is blocking activities from those specific websites.
11. Which of the following is the BEST way to secure data for the purpose of retention?
Content filtering
Deny all
SYN attacks
Off-site backup
12. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?
Whaling
Buffer overflow
Vulnerability scanner
A system that stops an attack in progress.
13. A system administrator could have a user level account and an administrator account to prevent:...
escalation of privileges.
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
To ensure that staff understands what data they are handling and processing
Account disablement
14. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
Virtual servers have the same information security requirements as physical servers.
Man-in-the-middle
Diffie-Hellman
MD5
15. Which of the following encryption algorithms can be used in PGP for data encryption?
Mantrap
Vulnerability scanning
IDEA and TripleDes
Determine the potential monetary costs related to a threat
16. Applying detailed instructions to manage the including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?
Hot and cold aisles
Firewall rulesflow of network traffic at the edge of the network
Deny all
NIPS is blocking activities from those specific websites.
17. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
Disable unused services - Update HIPS signatures
Security guard - Proximity reader
Vulnerability scanner
Virtual servers have the same information security requirements as physical servers.
18. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis
Account disablement
IKE
Before and after the imaging process and then hash the forensic image
MAC address
19. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
DNS spoofing
Change Management System
Logic Bomb
smurf attacks
20. What port does the Domain Name Service (DNS) use by default?
Privilege escalation
IDEA and TripleDes
MAC
53
21. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
Shielding
Mandated security configurations have been made to the operating system.
IPSec
Implicit deny
22. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?
Separation of duties
Add input validation to forms.
MS-CHAP
Loop protection
23. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?
Change Management System
Birthday - Full name
MAC filtering
Rootkit
24. Which of the following BEST describes an intrusion prevention system?
Polymorphic
Trojans
A system that stops an attack in progress.
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
25. Which of the following is a best practice when securing a switch from physical access?
MAC address
Blind FTP
Visibility - Accessibility - Neighborhood crime rate
Disable unused ports
26. Which of the following is the primary difference between a virus and a worm?
Account disablement
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
A worm is self-replicating
content inspection.
27. Separating of duties is valuable in deterring?
Smurf attack
IPSec
smurf attacks
Fraud
28. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?
Privacy policy
Trojans
Confidentiality - Availability
Spam filters
29. Which of the following is the default rule found in a corporate firewall's access control list?
Deny all
Buffer overflow
DMZ
Chain of custody
30. Which of the following would need to be configured correctly to allow remote access to the network?
extremely slow and numerous antivirus alerts
ACLs
MD5
DES
31. Which of the following includes a photo and can be used for identification?
Buffer overflow
The user's PC is missing the authentication agent.
Disable unused services - Update HIPS signatures
CAC
32. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Command injection
Rogue access points
VLAN segregation
33. Which of the following is not an asymmetric system?
Black hat
DMZ
DES
Validate input to remove hypertext
34. Which of the following access control models allows classification and labeling of objects?
MAC
80 - 443
Content filtering
Risk assessmentproduct Answer: D
35. Which of the following are the default ports for HTTP and HTTPS protocols?
Detective
Buffer overflow
Content filtering
80 - 443
36. Which of the following is a technique designed to obtain information from a specific person?
Integrity
Off-site backup
Firewall - VPN
Spear phishing
37. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?
Clustering
Confidentiality - Availability
Check if relaying is denied for unauthorized domains
SSH
38. Which of the following should be installed to prevent employees from receiving unsolicited emails?
Command injection
Protocol analyzer
Spam filters
DAC
39. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi
DoS
Principle of least privilege
Baseline reporting
Disable unused ports
40. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?
Video surveillance
Privacy policy
Hardware RAID 5 - Software RAID 1
Network Access Control
41. Which of the following uses TCP port 22 by default?
Footprinting
System A fails open. System B fails closed.
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
Mandated security configurations have been made to the operating system.
42. Which of the following facilitates computing for heavily utilized systems and networks?
ACLs
ICMP
Provider cloud
WPA Enterprise
43. Which of the following protocols requires the use of a CA based authentication process?
SSH
MAC
Validate input to remove hypertext
PEAP-TLS
44. Which of the following MUST a programmer implement to prevent cross-site scripting?
Fiber optic
Validate input to remove hypertext
Whaling
IDEA and TripleDes
45. Which of the following malware types is an antivirus scanner MOST unlikely to discover?
Accountability
Privacy policy
Shoulder surfing
Pharming - Logic bomb
46. What asymmetric key is used to decrypt when using HTTPS?
47. Which of the following BEST explains the security benefit of a standardized server image?
Implicit deny
DMZ
Proxies
Mandated security configurations have been made to the operating system.
48. Which of the following is the MAIN reason to require data labeling?
Botnet
Footprinting
To ensure that staff understands what data they are handling and processing
Initial vector
49. What asymmetric key is used to encrypt when using HTTPS?
50. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?
Confidentiality - Availability
Having the offsite location of tapes also be the hot siteservers
Rogue access point
Proxies
