Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?
The remote router has ICMP blocked.
White box
Protocol analyzer
Ensure a proper chain of custody
2. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?
ICMP
Tailgating
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Load balancer
3. Which of the following malware types is an antivirus scanner MOST unlikely to discover?
A system that stops an attack in progress.
Firewall rulesflow of network traffic at the edge of the network
Pharming - Logic bomb
VPN concentrator
4. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?
Principle of least privilege
Load balancer
The web site's public key.
Mantraps
5. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
Spam filters
The development team is transferring data to test systems using SFTP and SCP.
ACLs
Ensure a proper chain of custody
6. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Disable unused ports
IPSec
Trojans
Data Encryption Standard (DES)
7. Which of the following is another name for a malicious attacker?
Black hat
Organize data based on severity and asset value.
CAC
Vulnerability scanning
8. Which of the following facilitates computing for heavily utilized systems and networks?
Provider cloud
Multi-factor authentication.
Disable unused ports
Rogue access point
9. In order to ensure high availability of all critical servers, backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in
Spear phishing
TLS
Having the offsite location of tapes also be the hot site
IPSec
10. Which of the following is specific to a buffer overflow attack?
Tailgating
Initial vector
ID badges
Only the message data is encrypted
11. You are performing risk assessment for an organization. What should you do during impact assessment?
VPN concentrator
Business impact analysis
Determine the potential monetary costs related to a threat
Implicit deny
12. Which of the following should be installed to prevent employees from receiving unsolicited emails?
ID badges
Mandatory vacation
Spam filters
Provider cloud
13. NIDS can also be used to help identify...
Business impact analysis
smurf attacks
Bluesnarfing
Video surveillance
14. Which of the following is a best practice when securing a switch from physical access?
Disable unused ports
smurf attacks
Determine open ports
Check if relaying is denied for unauthorized domains
15. Which of the following security threats does shredding mitigate?
AES and TKIP
Dumpster diving
Diffie-Hellman
Polymorphic
16. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Protocol analyzer
signing of a user agreement.
Cross-site scripting
MAC filtering
17. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
DoS
IDEA and TripleDes
Validate input to remove hypertext
DMZ
18. Which of the following devices is often used to cache and filter content?
Off-site backup
Proxies
Add input validation to forms.
Decrease the power levels on the WAP
19. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?
SSH
Video surveillance
Baseline reporting
Power levels
20. Which of the following is used when performing a qualitative risk analysis?
MAC
Mandated security configurations have been made to the operating system.
BIOS
Judgment
21. Which of the following would be implemented to allow access to services while segmenting access to the internal network?
Load balancer
DMZ
Asset value
Privacy policy
22. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control server. If the computer is powered off, which of the following data types will be unavailable for later investigation?
Check if relaying is denied for unauthorized domains
Memory - network processes - and system processes
extremely slow and numerous antivirus alerts
VLAN
23. Which of the following environmental variables reduces the potential for static discharges?
Humidity
Command injection
Spam filters
Off-site backup
24. Which of the following is NOT an application layer security protocol?
Footprinting
Humidity
IPSec
mitigation - acceptance - transference
25. Which of the following are the default ports for HTTP and HTTPS protocols?
80 - 443
Asymmetric and Hashing
Fraud
Platform as a Service
26. An administrator who wishes to block all database ports at the firewall should include which of the following ports in the block list?
Rogue access points
1433
Hardware RAID 5 - Software RAID 1
Social Engineering attack
27. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?
Mantraps
Rootkit
Visibility - Accessibility - Neighborhood crime rate
mitigation - acceptance - transference
28. What principle dictates that a user is given no more privilege than is necessary to perform his/her job?
Baseline reporting
Buffer overflow
Principle of least privilege
AES and TKIP
29. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?
Change Management System
The development team is transferring data to test systems using SFTP and SCP.
Privacy policy
Hardware RAID 5 - Software RAID 1
30. Which of the following port numbers is used for SCP by default?
Visibility - Accessibility - Neighborhood crime rate
22
IDS
Spear phishing
31. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?
Visibility - Accessibility - Neighborhood crime rate
Black hat
WPA2-PSK
War driving
32. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?
Baseline reporting
SSH
Hot and cold aisles
FTPS
33. Which of the following is a management control type?
Decrease the power levels on the WAP
WPA2-PSK
Vulnerability scanning
Power levels
34. Which of the following should be considered when trying to prevent somebody from capturing network traffic?
EMI shielding
Spear phishing
DoS
1433
35. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?
Birthday - Full name
ACLs
Clustering
Risk transference
36. Used in conjunction, which of the following are PII?
Gas
Birthday - Full name
DES
Before and after the imaging process and then hash the forensic image
37. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advise the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal
Off-site backup
ICMP
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
DMZ
38. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?
ICMP
Vulnerability scanning
VLAN
Asymmetric and Hashing
39. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
Steganography
Principle of least privilege
DAC
NIDS
40. Which protocol ensures private communications by ensuring that no third party can eavesdrop on or tamper with any message or data transfer between client and server systems, and is the successor to the Secure Sockets Layer (SSL)?
TLS
Content filtering
SSH
MD5
41. Which of the following encryption algorithms can be used in PGP for data encryption?
Account disablement
IDEA and TripleDes
EMI shielding
Birthday - Full name
42. Which of the following will provide the HIGHEST level of wireless network security?
MAC address
Judgment
A system that stops an attack in progress.
WPA2
43. Which of the following can prevent an unauthorized employee from entering a data center?
MAC filtering
Security guard - Proximity reader
Enact a policy banning users from bringing in personal music devices.
DoS
44. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?
Diffie-Hellman
Forward to different RDP listening ports.
Business impact analysis
smurf attacks
45. The detection of a NOOP sled is an indication of which of the following attacks?
Humidity
Disable unused ports
Buffer overflow
Evil twin
46. Which of the following is a technique designed to obtain information from a specific person?
quantitative risk assessment
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
VPN concentrator
Spear phishing
47. Which of the following should be enabled to ensure only certain wireless clients can access the network?
MAC
Hot and cold aisles
DMZ
MAC filtering
48. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?
AES and TKIP
Fiber optic
The server is missing the default gateway.
Data Encryption Standard (DES)
49. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp
By masking the IP address of internal computers from the Internet
VLAN
IPv6
25
50. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m
The new access point was mis-configured and is interfering with another nearby access point.
Location that meets power and connectivity requirementsdatacenter
BIOS
Decrease the power levels on the WAP