Can You Pass This Difficult CompTIA Security+ Exam?

100 Questions | Total Attempts: 60034

SettingsSettingsSettings
Security Plus Quizzes & Trivia

This quiz has been made to see whether you are completely prepared for the real exam. This practice test will help you pass by familiarizing you with the material and the ensuring that you know the structure of the CompTIA Security+ test. Time yourself to 90 minutes to get a feel of the pressures of the real exam. The practice test is designed to reflect the final exam. So, let's try out this challenging quiz. All the best!


Questions and Answers
  • 1. 
    • A. 

      Worms

    • B. 

      Trojan horse

    • C. 

      Boot Record virus

    • D. 

      EXE file virus

  • 2. 
    • A. 

      Mandatory Access Control

    • B. 

      Discretionary Access Control

    • C. 

      Role Based Access Control

    • D. 

      Any of the above

  • 3. 
    While assigning access privilege using the DAC, which of the following will you be needing?
    • A. 

      User database

    • B. 

      Access Control list

    • C. 

      Resource list

    • D. 

      None of the above

  • 4. 
    Which of the following statements relating to the MAC model is true? Choose two.
    • A. 

      MAC uses static mapping or predefined access privileges

    • B. 

      MAC cannot allow dynamic sharing of resources

    • C. 

      MAC uses ACL to assign privileges

    • D. 

      MAC allows dynamic sharing of resources

  • 5. 
    Certificates are best used in which of the following scenarios? Choose all that apply.
    • A. 

      LAN authentication

    • B. 

      Accessing Web sites

    • C. 

      Dial-Up connections

    • D. 

      Intranet login

  • 6. 
    Which of the following does NOT happen during a CHAP authentication? Choose all that apply
    • A. 

      The server issues password to any body requesting for it.

    • B. 

      The server poses the challenge for the password request.

    • C. 

      The server requests for the password.

    • D. 

      The server expects a clear text password initially.

  • 7. 
    • A. 

      A token is generated when a user has been successfully authenticated

    • B. 

      This token is attached to the users session and will be destroyed once the session is terminated

    • C. 

      This token is attached to the users session and will be destroyed after the user has logged out

  • 8. 
    • A. 

      The Kerberos system requires a Key Distribution Center (KDC) which is responsible for authenticating any network user, Computer or Service.

    • B. 

      None

  • 9. 
    Which of the following does the Biometrics use to establish user identity? Choose two
    • A. 

      Finger prints

    • B. 

      Retinal scan

    • C. 

      Some times the DNA structure too to establish user Id

  • 10. 
    To allow access to a campus you would use Kerberos. T/F?
    • A. 

      True

    • B. 

      False

  • 11. 
    • A. 

      Advantage is that it is easy to remember passwords

    • B. 

      Advantage is that it is easy to implement

    • C. 

      Disadvantage is that it is difficult to implement

    • D. 

      Disadvantage is that it is not secure

  • 12. 
    If you had to implement a foolproof method of establishing a User ID in your organization, which of the following would you choose? Choose the best answer.
    • A. 

      Smart Card

    • B. 

      Username/Password

    • C. 

      Biometric

    • D. 

      Credit Card

  • 13. 
    RADIUS is abbreviation for Remote Access Data Inspection User Service. T/F?
    • A. 

      True

    • B. 

      False

  • 14. 
    If you were implementing an Enterprise network that requires remote users connecting to the Intranet, which of the following services would be most important?
    • A. 

      DNS

    • B. 

      DHCP

    • C. 

      RAS

    • D. 

      None of the above

  • 15. 
    Which of the following services when placed on the edge of the network, will provide security to the entire network?
    • A. 

      Firewall

    • B. 

      Router

    • C. 

      Antivirus

    • D. 

      None of the above

  • 16. 
    Which of the following is a Wireless LAN susceptible to?
    • A. 

      Loss of signal strength

    • B. 

      Eavesdropping

    • C. 

      Blackout

    • D. 

      EMI

  • 17. 
    Which of the following can be termed as the Denial of Service Attack?
    • A. 

      A computer on your network has crashed

    • B. 

      Your router is unable to find a destination outside of your network

    • C. 

      Your Web server has gone into a loop trying to service a client request.

    • D. 

      You keyboard is no longer responding.

  • 18. 
    • A. 

      Ping to the server

    • B. 

      Simulate a DDoS attack on that server

    • C. 

      Simulate a DoS attack on the server

    • D. 

      Check if all the patches and required antivirus software has been loaded o the server.

  • 19. 
    When debugging an Operating system, a programmer would make use of a front door. T/F?
    • A. 

      True

    • B. 

      False

  • 20. 
    Which of the following protocols help to gain MAC address of a PC on the network?
    • A. 

      ARP

    • B. 

      FTP

    • C. 

      TFTP

    • D. 

      DHCP

  • 21. 
    To transfer emails between email servers of different domains you would require POP3 service. T/F?
    • A. 

      True

    • B. 

      False

  • 22. 
    Which of the following is the most popular protocol that is used in dial-up connections?
    • A. 

      SLIP

    • B. 

      PPTP

    • C. 

      POP3

    • D. 

      PPP

  • 23. 
    Which of the following protocols could a VPN make use of? Choose two.
    • A. 

      PPTP

    • B. 

      L2TP

    • C. 

      HTTP

    • D. 

      NNTP

  • 24. 
    When a remote user is dialling-in to the network, which of the following servers would be challenging his request for authentication first?
    • A. 

      RADIUS server would be challenging the users request first, the rest of the servers on the network

    • B. 

      RADIUS server at a later stage when they receive a request for resource access from this dial-in or remote user

    • C. 

      None

  • 25. 
    You are configuring a VPN whose tunnel passes through the public network. You are concerned for the security as your VPN may be connecting across the globe to several networks operating on different platforms. Which of the following would be ideal to secure your VPN? Choose the best answer.
    • A. 

      PPTP

    • B. 

      IPSec

    • C. 

      Kerberos

    • D. 

      Certificate

  • 26. 
    Which of the following would help with dedicated authentication to dial-in clients?
    • A. 

      TACACS (Terminal Access Controller Access Control System)

    • B. 

      RADIUS

    • C. 

      IAS (Internet Authentication Server)

  • 27. 
    L2TP can work over which of the following networks? Choose all appropriate answers.
    • A. 

      IP

    • B. 

      IPX

    • C. 

      SNA

    • D. 

      None of the above

  • 28. 
    • A. 

      There are web sites that keep updating vulnerability information for different platforms.

    • B. 

      It is ideal to constantly browse these sites and keep checking if it applicable for the platform and applications housed in your web server.

    • C. 

      Update virus definition files regularly.

    • D. 

      None

  • 29. 
    When configuring antivirus for email, which of the following configurations must be applied? Choose two.
    • A. 

      Scan before downloading

    • B. 

      Scan before sending

    • C. 

      Scan before opening

    • D. 

      Scan after receiving

  • 30. 
    Which of the following port numbers is used by SMTP?
    • A. 

      25

    • B. 

      26

    • C. 

      27

  • 31. 
    Which of the following statements about an email server is/are true? Choose only answer(s) that apply
    • A. 

      Verifies if destination domain is self or not before transmitting a mail

    • B. 

      Verifies if recipient is from local domain or not before receiving an email

    • C. 

      Verifies if email is infected or not

    • D. 

      None of the above

  • 32. 
    Which of the following statements regarding Infrared communication is true? Choose three.
    • A. 

      It requires line of sight

    • B. 

      It requires the same radio frequency at the transmitting and receiving end.

    • C. 

      It is least secure.

    • D. 

      Interception is possible if the tapping devices is also in the line of sight

    • E. 

      Interception is possible if the tapping device is also tuned to the same radio frequency as the main communicating devices.

  • 33. 
    Which of the following statements about a Modem are true? Choose two.
    • A. 

      It steps us AC voltage

    • B. 

      It steps down DC voltage

    • C. 

      It modulates and demodulates signals for the Computer and the telephone line.

    • D. 

      It converts Analog signals to digital and vice versa.

  • 34. 
    To which layer do the following communicating devices belong? Switch, Ethernet Card.
    • A. 

      Physical layer

    • B. 

      Datalink layer

    • C. 

      Network Layer

    • D. 

      None of the above

  • 35. 
    Which of the following communications use the 2.4 GHz frequency? Choose three.
    • A. 

      The microwave operates

    • B. 

      Blue-tooth

    • C. 

      Wireless

  • 36. 
    If you wish to block FTP access to your Web server, which of the following Firewall types should you consider?
    • A. 

      Stateful Inspection

    • B. 

      Port filtering

    • C. 

      Packet filtering

    • D. 

      Application filtering

  • 37. 
    Which of the following are capable of functioning as a Firewall? Choose two
    • A. 

      Proxy

    • B. 

      Router

    • C. 

      PC

    • D. 

      Switch

  • 38. 
    Which of the following about the Stateful inspection firewall is true? Choose two.
    • A. 

      It maintains a state table

    • B. 

      It maintains a routing table

    • C. 

      It functions on the network layer

    • D. 

      It functions on the application layer.

  • 39. 
    Stateful inspection firewall will operate on all the 7 layers of the OSI reference model. T/F?
    • A. 

      True

    • B. 

      False

  • 40. 
    Which of the following will relates to how the external world can access internal network resources?
    • A. 

      Network policy

    • B. 

      Firewall policy

    • C. 

      Access policy

    • D. 

      None of the above

  • 41. 
    Which of the following firewall policies is most restrictive?
    • A. 

      Any any

    • B. 

      Deny all

    • C. 

      Permit all

    • D. 

      None of the above

  • 42. 
    When faced with an outgoing packet, which of the following header components would a firewall look at first?
    • A. 

      Protocol information

    • B. 

      Source address

    • C. 

      Destination address

    • D. 

      No of bytes in the header

  • 43. 
    If you have implemented a DHCP in your network and you would wish to secure this service so that no external user will be able to become a DHCP client, which of the following would you ensure?
    • A. 

      Block port numbers 20 and 21 on the external interface for incoming connections

    • B. 

      Block port numbers 20 and 21 on the internal interface.

    • C. 

      Block port numbers 67 and 68 on the external interface for incoming connections

    • D. 

      Block port numbers 67 and 68 on the internal interface

  • 44. 
    If you wish to allow the external users access your Web server you must block port number 110. T/F?
    • A. 

      True

    • B. 

      False

  • 45. 
    Which of the following can secure your internal server best, against external attacks? Choose all that apply.
    • A. 

      Perform OS hardening by blocking all access to this server

    • B. 

      Perform OS hardening by verify and terminating all un used service

    • C. 

      Regularly check for unused usernames and disable or delete them.

    • D. 

      Ensure you are running a vulnerability check on this server at regular intervals.

  • 46. 
    Which of the following is true about providing security to database servers? Choose two.
    • A. 

      Do not host a database server on the same server as your web server.

    • B. 

      Do not host a database server on a server based system

    • C. 

      Employ a three-tier model

    • D. 

      Employ a centralized administration model.

  • 47. 
    Which of the following is an ideal practice to ensure network resources safety? Choose three.
    • A. 

      Rename guest accounts

    • B. 

      Rename administrator accounts.

    • C. 

      Ensure there is just one administrator account present.

    • D. 

      Ensure the administrator account does not have a blank password

    • E. 

      None of the above

  • 48. 
    To prevent internal Web servers from being accessed you must block TCP port 20. T/F?
    • A. 

      True

    • B. 

      False

  • 49. 
    An authorized update is one way of securing the DNS server. T/F?
    • A. 

      True

    • B. 

      False

  • 50. 
    Does NTFS provide file system security?
    • A. 

      Yes

    • B. 

      No

  • 51. 
    Which of the following statements about the SHA (Security Hash Algorithm) are true? Choose two.
    • A. 

      SHA is a security hash algorithm that is used with encryption protocols

    • B. 

      Its latest version is SHA-1

    • C. 

      None

  • 52. 
    Which of the following are encryption systems? Choose two.
    • A. 

      RC5

    • B. 

      Blowfish

    • C. 

      MAC

    • D. 

      ARP

  • 53. 
    Which of the following is true about Public/Private key pairs? Choose two.
    • A. 

      They form an essential part of Website security

    • B. 

      They are used by Certificate security system

    • C. 

      They are a pair of clear text passwords

    • D. 

      They are obsolete.

  • 54. 
    RSA is the encryption system used in cellular devices. T/F?
    • A. 

      True

    • B. 

      False

  • 55. 
    What is the requirement for cryptography? Choose two.
    • A. 

      To avoid unauthorized access of information being stored

    • B. 

      To avoid unauthorized access of network resources

    • C. 

      To avoid unauthorized access of information being transmitted.

    • D. 

      To avoid unauthorized access of network servers

  • 56. 
    Which of the following is responsible for key issues relating to the security of inter-bank communications?
    • A. 

      IETF

    • B. 

      ISI

    • C. 

      NSA

    • D. 

      ABA

  • 57. 
    Which of the following will be required to perform Cryptanalysis? Choose three.
    • A. 

      Mathematical tools

    • B. 

      Analytical reasoning

    • C. 

      Pattern finding

    • D. 

      Mathematical reasoning

    • E. 

      Advanced calculators

  • 58. 
    In symmetric-key encryption, one key will be used for encryption and another will be used for decryption to provide maximum security. T/F?
    • A. 

      True

    • B. 

      False

  • 59. 
    When employing Caesar�s Cipher key value of 3, which of the following will be the decrypted equivalent of JGOOQ?
    • A. 

      HELLO

    • B. 

      WHAT

    • C. 

      WHEN

    • D. 

      DATE

  • 60. 
    Which of the following is an advantage of using conventional encryption?
    • A. 

      It is the most secure

    • B. 

      It is very fast

    • C. 

      It is economical

    • D. 

      None of the above

  • 61. 
    The concept of public key cryptography was introduced by Diffie-Hellman. T/F?
    • A. 

      True

    • B. 

      False

  • 62. 
    • A. 

      You need to have a security setup configured on both the sending as well as the receiving ends to implement Public Key Cryptography.

    • B. 

      You do not need an existing security setup

    • C. 

      Public key can only encrypt and private key can only decrypt.

    • D. 

      Public key can encrypt as well as decrypt, private key can only decrypt

    • E. 

      None of the above

  • 63. 
    The keys are measured by bytes. T/F?
    • A. 

      True

    • B. 

      False

  • 64. 
    A digital signature is synonymous to which of the following?
    • A. 

      Finger print

    • B. 

      Hand written signature

    • C. 

      Blood sample

    • D. 

      None of the above

  • 65. 
    When employing message digest, if data does get modified, which of the following will be the result of that modification?�
    • A. 

      The receiving end and the sending end will receive an alert notification

    • B. 

      The resulting digest after data modification will contain a completely different value.

    • C. 

      The messages will be dropped and retransmitted.

    • D. 

      None of the above

  • 66. 
    Which of the following are the two key-based algorithms?
    • A. 

      Symmetric algorithm

    • B. 

      Asymmetric algorithm

    • C. 

      128-bit key algorithm

    • D. 

      1024-bit key algorithm

  • 67. 
    Which of the following can be termed as brute force attack?
    • A. 

      Trying all combinations to break a code

    • B. 

      Breaking into strong cryptography

    • C. 

      Forcibly capturing all data being transmitted

    • D. 

      None of the above

  • 68. 
    Which of the following types of cryptography is possible? Choose two.
    • A. 

      Cryptography with keys

    • B. 

      Cryptography without keys

    • C. 

      Cryptography before encryption

    • D. 

      Cryptography without encryption

  • 69. 
    Cryptography without keys is more secure than cryptography with keys. T/F?
    • A. 

      True

    • B. 

      False

  • 70. 
    Which of the following is required by the cipher when it is important to maintain a message as a secret?
    • A. 

      Generate one cipher text for that message

    • B. 

      Generate at least 5 cipher text for that message

    • C. 

      Generate several cipher text.

    • D. 

      None of the above.

  • 71. 
    Which of the following is the most common attack faced by the DES algorithm?
    • A. 

      DoS

    • B. 

      Brute force attack

    • C. 

      Code attack

    • D. 

      None of the above

  • 72. 
    Differential cryptanalysis is nothing but pattern studying. T/F?
    • A. 

      True

    • B. 

      False

  • 73. 
    Which of the following is provided by IDEA? Choose two.
    • A. 

      High level security

    • B. 

      Complex implementation

    • C. 

      Ease of implementation

    • D. 

      Average security level

  • 74. 
    Which of the following best describes Ron's Code 2?
    • A. 

      RC2 or Ron's code 2 is a 64-bit block cipher.

    • B. 

      It was devised by Ron Rivest.

    • C. 

      None

  • 75. 
    The block size in RC5 can range from 0 to 255. Y/N?
    • A. 

      Yes

    • B. 

      No

  • 76. 
    As per a company policy, which of the following personnel should be considered as insiders? Choose two.
    • A. 

      Key employees

    • B. 

      Contractors

    • C. 

      Ex-employees

    • D. 

      Vendors

  • 77. 
    Which of the following statements are true about the way data classification can be made? Choose two
    • A. 

      It must be adhoc or informal

    • B. 

      It may be adhoc or informal

    • C. 

      The strategy usually involves a scheme that splits into different levels

    • D. 

      The strategy usually involves a ten level scheme.

  • 78. 
    Which of the following can be referred to as highly confidential data?
    • A. 

      Intranet web site

    • B. 

      Customer information

    • C. 

      Budget related information

    • D. 

      None of the above

  • 79. 
    Which of the following will allow you to take stock of sensitive data in the organization?
    • A. 

      Scanning all floppies that are allowed into the network

    • B. 

      Running scan disk on all drives

    • C. 

      Auditing all servers for stored data

    • D. 

      None of the above

  • 80. 
    Which of the following provide protection to the enterprise premises against attackers? Choose two
    • A. 

      Burglar alarms

    • B. 

      Bullet proof jackets

    • C. 

      Surveillance systems

    • D. 

      Public address systems

  • 81. 
    Cyphertext can be used for punch system locks. T/F?
    • A. 

      True

    • B. 

      False

  • 82. 
    Which of the following is essential for backing up burglar alarms and surveillance systems? Choose two
    • A. 

      Burglar alarms are connected to the local police or security organization through telephone lines

    • B. 

      Burglar alarms are connected to the local police or security organization being powered by an electric supply

    • C. 

      None

  • 83. 
    Surge protectors are meant to provide backup to electrical and electronic devices. T/F?
    • A. 

      True

    • B. 

      False

  • 84. 
    In case of fire, which o the following needs to be programmed to be put off instantly?
    • A. 

      Electric supply

    • B. 

      Air conditioner

    • C. 

      Fire

    • D. 

      None of the above

  • 85. 
    Backup is required only for electric power and not electronic data. T/F?
    • A. 

      True

    • B. 

      False

  • 86. 
    Which of the following enhances the server available on the network? Choose the best answer
    • A. 

      Server mirroring

    • B. 

      Server clustering

    • C. 

      PDC

    • D. 

      None of the above

  • 87. 
    Which of the following is an ideal location for storing the backup?
    • A. 

      Offsite location

    • B. 

      Within the main site

    • C. 

      In the same city as head office

    • D. 

      None of the above

  • 88. 
    Which of the following backup is the most time consuming to restore during a server crash?
    • A. 

      Differential backup

    • B. 

      Incremental backup

    • C. 

      Full backup

    • D. 

      None of the above

  • 89. 
    If you cannot afford a hot site, which of the following would be an alternate solution?
    • A. 

      Warm site

    • B. 

      Cold site

    • C. 

      Luke warm site

    • D. 

      None of the above

  • 90. 
    Which of the following will not be available on a cold site?
    • A. 

      Electricity

    • B. 

      Networking

    • C. 

      Space

    • D. 

      None of the above

  • 91. 
    Which part of the security policies must a user be aware of?
    • A. 

      The applicable policies themselves and the effect caused by security breach

    • B. 

      The person responsible for creating the policies.

    • C. 

      The total number of policies that are there.

    • D. 

      None of the above

  • 92. 
    Which of the following is necessary even after an employee has attended a security awareness program?
    • A. 

      Ensure security update bulletins are distributed to all employees at regular intervals.

    • B. 

      Assign a test score to the employee for the training attended

    • C. 

      Ensure the employee goes through one more such training

    • D. 

      None of the above

  • 93. 
    Which of the following processes will allow you to ascertain organizational assets?
    • A. 

      Auditing

    • B. 

      Monitoring

    • C. 

      Troubleshooting

    • D. 

      None of the above

  • 94. 
    Which of the following vulnerabilities could be a common error on the servers?
    • A. 

      Virus database not being updated as per schedule

    • B. 

      Forgetting to restart the server

    • C. 

      Installing an incorrect version of an application

    • D. 

      None of the above

  • 95. 
    Which of the following is necessary when analyzing threats?
    • A. 

      View the data in the history to analyze the pattern and frequency of an occurrence

    • B. 

      Analyze if the threat is external or internal

    • C. 

      Isolate people in the organization from whom you fear a threat

    • D. 

      None of the above

  • 96. 
    Which of the following can affect productivity? Choose two
    • A. 

      A sick employee on leave

    • B. 

      Network resources being unavailable to users

    • C. 

      Server crashes and no disaster recovery plan is in place

    • D. 

      A whole department has been assigned to training

  • 97. 
    Which of the following is the best way to ensure that contact employees no longer use the network resources once their contract with the organization is over? Choose two
    • A. 

      Ensure you create a separate group for contractors.

    • B. 

      Ensure that you disable the account of the contractor who has completed contract

    • C. 

      Ensure you assign permissions to individual contractor each time

    • D. 

      Ensure you monitor the logged in users to forcibly log out a contract employee who has completed contract.

  • 98. 
    Which of the following is an essential configuration for email messages?
    • A. 

      Content sensitivity action

    • B. 

      Sender specific action

    • C. 

      Receipt date specific action

    • D. 

      None of the above

  • 99. 
    It is ideal that a network supports a specific encryption standard only. T/F?
    • A. 

      True

    • B. 

      False

  • 100. 
    It is ideal for any organization to employ an encryption scheme that can address its entire organizations data security either stores or transmitted. T/F?
    • A. 

      True

    • B. 

      False