SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is true concerning email message encryption by using S/MIME?
Implement a change management strategy
Only the message data is encrypted
ACLs
Accountability
2. Which solution should you use?
SSL
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
MD5
se file servers attached to an NAS system.
3. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
Cognitive passwords
Rogue access points
Logic Bomb
The user's PC is missing the authentication agent.
4. Which of the following includes a photo and can be used for identification?
smurf attacks
CAC
Software as a Service (SaaS)
IPSec
5. Which of the following are accomplished when a message is digitally signed?
Vulnerability scan
Integrity and Authentication
Account disablement
Software as a Service (SaaS)
6. Webmail is classified under which of the following cloud-based technologies?
Proxies
Footprinting
Gas
Software as a Service (SaaS)
7. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?
Video surveillance
IDEA and TripleDes
Protocol analyzer
Cross-site scripting
8. Which of the following protocols requires the use of a CA based authentication process?
Baseline reporting
Buffer overflow
quantitative risk assessment
PEAP-TLS
9. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?
Symmetric
CAC
Protocol analyzer
MAC
10. What asymmetric key is used to encrypt when using HTTPS?
11. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?
The new access point was mis-configured and is interfering with another nearby access point.
Blind FTP
Segmentation of each wireless user from other wireless users
Mantraps
12. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?
The development team is transferring data to test systems using SFTP and SCP.
Business impact analysis
Load balancer
Deny all
13. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
The web site's public key.
Ensure a proper chain of custody
mitigation - acceptance - transference
Rogue access points
14. Which of the following facilitates computing for heavily utilized systems and networks?
Before and after the imaging process and then hash the forensic image
Vishing
Only the message data is encrypted
Provider cloud
15. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were
SSH
Dumpster diving
Risk assessmentproduct Answer: D
AES and TKIP
16. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi
Protocol analyzer
Physical control of the data
Baseline reporting
Principle of least privilege
17. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi
Cognitive passwords
NIPS is blocking activities from those specific websites.
Vishing
MAC
18. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
Network Access Control
Organize data based on severity and asset value.
Protocol analyzer
ICMP
19. Which of the following concepts ensures that the data is only viewable to authorized users?
Confidentiality
Fiber optic
Platform as a Service
Privacy policy
20. The 802.11i standard specifies support for which encryption algorithms?
AES and TKIP
Vulnerability scan
Dumpster diving - Shoulder surfing
Virtual servers have the same information security requirements as physical servers.
21. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?
Software as a Service (SaaS)
Network Access Control
The user's PC is missing the authentication agent.
Platform as a Service
22. In an 802.11n network which of the following provides the MOST secure method of both encryption and authorization?
WPA Enterprise
Asset value
Data Encryption Standard (DES)
Proxies
23. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Buffer overflow
War driving
Humidity
Judgment
24. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?
Asset value
Fault tolerance
Humidity
Logic Bomb
25. Which of the following devices would allow a technician to view IP headers on a data packet?
Risk assessmentproduct Answer: D
Firewall - VPN
Risk transference
Protocol analyzer
26. On-going annual awareness security training should be coupled with:..
Block port 23 on the network firewall.
Principle of least privilege
signing of a user agreement.
Initial vector
27. Which of the following can prevent an unauthorized employee from entering a data center?
CAC
NOOP instructions
Security guard - Proximity reader
Platform as a Service
28. For which of the following is centralized key management most complicated?
Logic Bomb
Block port 23 on the network firewall.
Symmetric Key
CCTV
29. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?
Confidentiality - Availability
Add input validation to forms.
ARP poisoning
Vulnerability scanner
30. What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?
Implicit deny
Principle of least privilege
1433
Clustering
31. Which of the following is a best practice to identify fraud from an employee in a sensitive position?
Decrease the power levels on the WAP
Mandatory vacations
DNS spoofing
Least privilege
32. Which of the following is the MOST secure method of utilizing FTP?
FTPS
MAC
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Command injection
33. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?
Firewall - VPN
To provide documentation as to who has handled the evidence
Add input validation to forms.
TLS
34. Which of the following describes the purpose of chain of custody as applied to forensic image retention?
To provide documentation as to who has handled the evidence
The web site's public key.
Firewall - VPN
DES
35. How does a NAT server help protect your network?
By masking the IP address of internal computers from the Internet
Mandatory vacations
Disable unused ports
Off-site backup
36. Which of the following is used when performing a quantitative risk analysis?
Asset value
Clean desk policy
TCP SYN flood attack
SNMP (also use to monitor the parameters of network devices)
37. Which of the following is MOST relevant to a buffer overflow attack?
S/MIME PGP
Asymmetric and Hashing
NOOP instructions
MAC address
38. Which of the following BEST describes an intrusion prevention system?
A system that stops an attack in progress.
Asset value
Video surveillance
The development team is transferring data to test systems using SFTP and SCP.
39. Which of the following is a detective security control?
The PC has become part of a botnet.
Rogue access points
CCTV
Black hat
40. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?
Data Encryption Standard (DES)
Shoulder surfing
Ensure a proper chain of custody
DAC
41. You are performing risk assessment for an organization. What should you do during impact assessment?
The server is missing the default gateway.
Shoulder surfing
Off-site backup
Determine the potential monetary costs related to a threat
42. Which of the following functions is MOST likely performed by a web security gateway?
Content filtering
Implicit deny
Symmetric
Vulnerability scanning
43. Which of the following security threats does shredding mitigate?
Dumpster diving
To provide documentation as to who has handled the evidence
Initial vector
Principle of least privilege
44. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
Man-in-the-middle
Network Access Control
Vulnerability scanning
Vulnerability scan
45. With which of the following is RAID MOST concerned?
Hardware RAID 5 - Software RAID 1
Location that meets power and connectivity requirementsdatacenter
escalation of privileges.
Availability
46. Which of the following should NOT be used with username/password authentication?
SNMP (also use to monitor the parameters of network devices)
Cognitive passwords
IPSec
DMZ
47. Applying detailed instructions to manage the including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?
quantitative risk assessment
mitigation - acceptance - transference
Firewall rulesflow of network traffic at the edge of the network
22
48. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?
Asymmetric and Hashing
Vulnerability scan
SSH
Vulnerability scanner
49. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?
Determine the potential monetary costs related to a threat
Block port 23 on the network firewall.
Only the message data is encrypted
Vulnerability scanner
50. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces
Install a network-based IDS
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Spam filters
Information disclosure
