Can You Pass This Difficult CompTIA Security+ Exam?

By Vaibhav Agarwal
  • 1/100 Questions

    Backup is required only for electric power and not electronic data. T/F?

    • True
    • False
About This Quiz

This quiz has been made to see whether you are completely prepared for the real exam. This practice test will help you pass by familiarizing you with the material and ensuring that you know the structure of the CompTIA Security+ test. Time yourself to 90 minutes to get a feel for the pressures of the real exam. The practice test is designed to reflect the final exam. So, let's try out this challenging quiz. All the best!


Quiz Preview

  • 2. 

    Which of the following firewall policies is most restrictive?

    • Any any

    • Deny all

    • Permit all

    • None of the above

    Correct Answer
    A. Deny all
    Explanation
    The "deny all" is the most restrictive statement that is implicitly defined in the firewall when no other statement is configured. It gets applied to all packets that do not match the criteria mentioned in the list above the "deny all" statement.

  • 3. 

    Which of the following is necessary even after an employee has attended a security awareness program?

    • Ensure security update bulletins are distributed to all employees at regular intervals.

    • Assign a test score to the employee for the training attended

    • Ensure the employee goes through one more such training

    • None of the above

    Correct Answer
    A. Ensure security update bulletins are distributed to all employees at regular intervals.
    Explanation
    The security awareness program attended by the employee may provide security awareness up to that date only. Any improvements and upgrades in security awareness thereafter must reach all the staff in the form of bulletins.

  • 4. 

    Which of the following services when placed on the edge of the network, will provide security to the entire network?

    • Firewall

    • Router

    • Antivirus

    • None of the above

    Correct Answer
    A. Firewall
    Explanation
    A router is a gateway and antivirus resides on all systems. A firewall is meant to safeguard the network from external attacks.

  • 5. 

    Which of the following provide protection to the enterprise premises against attackers? Choose two

    • Burglar alarms

    • Bullet proof jackets

    • Surveillance systems

    • Public address systems

    Correct Answer(s)
    A. Burglar alarms
    A. Surveillance systems
    Explanation
    Burglar alarms and surveillance systems are an integral part of tracking and alerting authorities against intruders and attackers.


  • 6. 

    If you wish to allow external users to access your Web server, you must block port number 110. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    If you wish to allow external users to access your Web server, you must unblock port number 80.

  • 7. 

    Which part of the security policies must a user be aware of?

    • The applicable policies themselves and the effect caused by security breach

    • The person responsible for creating the policies.

    • The total number of policies that are there.

    • None of the above

    Correct Answer
    A. The applicable policies themselves and the effect caused by security breach
    Explanation
    It is essential for every employee/user to know the relevant security policies and the effect of a security breach.

  • 8. 

    Which of the following can be termed as brute force attack?

    • Trying all combinations to break a code

    • Breaking into strong cryptography

    • Forcibly capturing all data being transmitted

    • None of the above

    Correct Answer
    A. Trying all combinations to break a code
    Explanation
    When a particular message has been encrypted using random combinations, a person who is capturing this message will have to try all possible deciphering combinations to expose the original message. This is known as a brute force attack.

  • 9. 

    Which of the following is NOT a common type of social engineering attack?

    • Phishing 

    • Pretexting 

    • SQL injection 

    • Baiting

    Correct Answer
    A. SQL injection 
    Explanation
    SQL injection is a code injection technique used to attack data-driven applications. The other options are types of social engineering attacks:
    Phishing uses deceptive emails or websites to trick individuals into revealing sensitive information.
    Pretexting involves creating a false scenario to gain trust and obtain personal data.
    Baiting offers something enticing to lure victims into a trap, like a malicious USB drive.


  • 10. 

    Cryptography without keys is more secure than cryptography with keys. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Cryptography without keys is not at all secure, as the deciphering program will reside on the same media where the data or message is being received. In case of theft, the data can be stolen along with the deciphering program.

  • 11. 

    Which of the following can affect productivity? Choose two

    • A sick employee on leave

    • Network resources being unavailable to users

    • Server crashes and no disaster recovery plan is in place

    • A whole department has been assigned to training

    Correct Answer(s)
    A. Network resources being unavailable to users
    A. Server crashes and no disaster recovery plan is in place
    Explanation
    Network resources not being available means the user has to manage with the available resources and hence use more time than required to complete a task. A server crashing with no DRP in place means excess downtime, thus affecting the work of several employees. Both these situations can hamper productivity.

  • 12. 

    Does NTFS provide file system security?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    NTFS supports EFS (Encrypted File System) which allows data stored on a mass storage device to be saved in encrypted format.


  • 13. 

    Which of the following will allow you to take stock of sensitive data in the organization?

    • Scanning all floppies that are allowed into the network

    • Running scan disk on all drives

    • Auditing all servers for stored data

    • None of the above

    Correct Answer
    A. Auditing all servers for stored data
    Explanation
    By auditing all servers in the network for stored data, you can classify data as sensitive or non-sensitive. Auditing is the best process of taking stock of sensitive data in the network.


  • 14. 

    Which of the following port numbers is used by SMTP?

    • 25

    • 26

    • 27

    Correct Answer
    A. 25
    Explanation
    SMTP service uses port number 25.


  • 15. 

    Which of the following processes will allow you to ascertain organizational assets?

    • Auditing

    • Monitoring

    • Troubleshooting

    • None of the above

    Correct Answer
    A. Auditing
    Explanation
    Auditing is an accounting process wherein the organization's assets and deficits will be accounted for.

  • 16. 

    Which of the following can be termed as the Denial of Service Attack?

    • A computer on your network has crashed

    • Your router is unable to find a destination outside of your network

    • Your Web server has gone into a loop trying to service a client request.

    • Your keyboard is no longer responding.

    Correct Answer
    A. Your Web server has gone into a loop trying to service a client request.
    Explanation
    DoS is a way of engaging a Web server continuously in one specific task by putting it in a loop and ensuring it is unable to respond to any further requests.

  • 17. 

    When debugging an Operating system, a programmer would make use of a front door. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    A programmer makes use of back doors in the program for the purpose of debugging or observing the performance of the program.


  • 18. 

    If you had to implement a foolproof method of establishing a User ID in your organization, which of the following would you choose? Choose the best answer.

    • Smart Card

    • Username/Password

    • Biometric

    • Credit Card

    Correct Answer
    A. Biometric
    Explanation
    Biometrics will authenticate or establish a User ID depending on a physical attribute of the user, for example a fingerprint, hand scan or retina scan. Since these physical attributes are always physically attached to the person, there is no fear of any of these being lost or reaching the wrong hands. Hence biometrics is the most secure form of authentication.

  • 19. 

    Which of the following are encryption systems? Choose two.

    • RC5

    • Blowfish

    • MAC

    • ARP

    Correct Answer(s)
    A. RC5
    A. Blowfish
    Explanation
    RC5 and Blowfish are encryption systems. MAC is a type of hardware address. ARP is a protocol that resolves MAC address to IP address.


  • 20. 

    It is ideal that a network supports a specific encryption standard only. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Supporting only a specific encryption standard will make that network a closed network and will make it impossible to communicate with networks that follow flexibility in encryption.


  • 21. 

    Which of the following statements about a Modem are true? Choose two.

    • It steps up AC voltage

    • It steps down DC voltage

    • It modulates and demodulates signals for the Computer and the telephone line.

    • It converts Analog signals to digital and vice versa.

    Correct Answer(s)
    A. It modulates and demodulates signals for the Computer and the telephone line.
    A. It converts Analog signals to digital and vice versa.
    Explanation
    As the name suggests the modem mainly modulates and demodulates signals. Seated (logically) between the telephone line and the PC, it is responsible for converting the analog signals of the telephone to the digital signals required by the PC and vice versa.


  • 22. 

    Which of the following is true about Public/Private key pairs? Choose two.

    • They form an essential part of Website security

    • They are used by Certificate security system

    • They are a pair of clear text passwords

    • They are obsolete.

    Correct Answer(s)
    A. They form an essential part of Website security
    A. They are used by Certificate security system
    Explanation
    They form an essential part of the Web site security system, as it is the most convenient security system for Web sites considering that clients would be accessing the Web site over the public network. The Certificate security system uses the basic logic of Public/Private key pairs.

  • 23. 

    The concept of public key cryptography was introduced by Diffie-Hellman. T/F?

    • True

    • False

    Correct Answer
    A. True
    Explanation
    The issues with key distribution faced by conventional encryption were overcome by the public-key cryptography concepts introduced by Diffie-Hellman.

  • 24. 

    An authorized update is one way of securing the DNS server. T/F?

    • True

    • False

    Correct Answer
    A. True
    Explanation
    Authorizing the sender of the update and then checking for verification purpose is one way of securing the DNS server database and service availability.


  • 25. 

    To prevent internal Web servers from being accessed you must block TCP port 20. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    The port number 443 must also be blocked.


  • 26. 

    Which of the following protocols help to gain MAC address of a PC on the network?

    • ARP

    • FTP

    • TFTP

    • DHCP

    Correct Answer
    A. ARP
    Explanation
    Address Resolution Protocol (ARP) of the IP protocol suite is responsible for obtaining MAC address of the PC whose IP address is available for communication.


  • 27. 

    Which of the following are an advantage and a disadvantage with clear text authentication?

    • Advantage is that it is easy to remember passwords

    • Advantage is that it is easy to implement

    • Disadvantage is that it is difficult to implement

    • Disadvantage is that it is not secure

    Correct Answer(s)
    A. Advantage is that it is easy to implement
    A. Disadvantage is that it is not secure
    Explanation
    Clear text authentication is very simple and easy to implement and verify. But a network that has implemented clear text security is not very secure as it is very easy to decipher clear text passwords.


  • 28. 

    Which of the following protocols could a VPN make use of? Choose two.

    • PPTP

    • L2TP

    • HTTP

    • NNTP

    Correct Answer(s)
    A. PPTP
    A. L2TP
    Explanation
    A VPN tunnel requires tunneling protocols. L2TP (Layer 2 Tunneling Protocol) and PPTP (Point to Point Tunneling Protocol) are the only two relevant protocols that relate to VPN. HTTP and NNTP are services that are usually configured on a Web Server.


  • 29. 

    If you cannot afford a hot site, which of the following would be an alternate solution?

    • Warm site

    • Cold site

    • Luke warm site

    • None of the above

    Correct Answer
    A. Warm site
    Explanation
    A warm site would provide all facilities other than computers. Hence the return time to business is usually more than that of a hot site.

  • 30. 

    Which of the following does the Biometrics use to establish user identity? Choose all that apply. 

    • Finger prints

    • Retinal scan

    • Sometimes the DNA structure too to establish user Id

    Correct Answer(s)
    A. Finger prints
    A. Retinal scan
    A. Sometimes the DNA structure too to establish user Id
    Explanation
    Biometrics is a technology used to establish user identity through unique physiological or behavioral characteristics. Fingerprints are one of the most widely recognized biometric identifiers. Each person's fingerprint pattern is unique, and allows for highly accurate and rapid identification. Retinal scans provide a high level of accuracy because the retinal pattern remains stable throughout a person's life. DNA-based identification is typically reserved for situations where the utmost accuracy is required, such as in forensic investigations or specialized security applications.

  • 31. 

    In case of fire, which of the following needs to be programmed to be put off instantly?

    • Electric supply

    • Air conditioner

    • Fire

    • None of the above

    Correct Answer
    A. Electric supply
    Explanation
    Leaving the electric supply on during a fire can have a disastrous effect on the site. To avoid this, it is ideal that the electric supply be programmed to be put off with the usage of heat sensors.

  • 32. 

    Which of the following vulnerabilities could be a common error on the servers?

    • Virus database not being updated as per schedule

    • Forgetting to restart the server

    • Installing an incorrect version of an application

    • None of the above

    Correct Answer
    A. Virus database not being updated as per schedule
    Explanation
    Virus database not being updated as per schedule could be a common but serious error on the servers that gives rise to vulnerabilities.


  • 33. 

    Which of the following is essential for backing up burglar alarms and surveillance systems? Choose two

    • Burglar alarms are connected to the local police or security organization through telephone lines

    • Burglar alarms are connected to the local police or security organization being powered by an electric supply

    • None

    Correct Answer(s)
    A. Burglar alarms are connected to the local police or security organization through telephone lines
    A. Burglar alarms are connected to the local police or security organization being powered by an electric supply
    Explanation
    Usually, burglar alarms are connected to the local police or security organization through telephone lines as well as being powered by an electric supply. Hence it is important to back up telephone lines as well as power lines.

  • 34. 

    Stateful inspection firewall will operate on all the 7 layers of the OSI reference model. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    A stateful inspection firewall will not operate on all the 7 layers of the OSI reference model.

  • 35. 

    What is the requirement for cryptography? Choose two.

    • To avoid unauthorized access of information being stored

    • To avoid unauthorized access of network resources

    • To avoid unauthorized access of information being transmitted.

    • To avoid unauthorized access of network servers

    Correct Answer(s)
    A. To avoid unauthorized access of information being stored
    A. To avoid unauthorized access of information being transmitted.
    Explanation
    Network resource access will have to be controlled through access permissions. Server access will have to be controlled through physical security to the server. Unauthorized access prevention of stored information or information being transmitted is the role of cryptography.


  • 36. 

    A digital signature is synonymous to which of the following?

    • Finger print

    • Hand written signature

    • Blood sample

    • None of the above

    Correct Answer
    A. Hand written signature
    Explanation
    A digital signature is a mathematical scheme for verifying the authenticity and integrity of digital documents or messages. It is the electronic equivalent of a handwritten signature, providing assurance that the document or message originated from the claimed sender and has not been altered in transit.


  • 37. 

    Differential cryptanalysis is nothing but pattern studying. T/F?

    • True

    • False

    Correct Answer
    A. True
    Explanation
    Differential Cryptanalysis is nothing but pattern studying. It chooses a pair of plain text with specific differences.


  • 38. 

    If you have implemented a DHCP in your network and you would wish to secure this service so that no external user will be able to become a DHCP client, which of the following would you ensure?

    • Block port numbers 20 and 21 on the external interface for incoming connections

    • Block port numbers 20 and 21 on the internal interface.

    • Block port numbers 67 and 68 on the external interface for incoming connections

    • Block port numbers 67 and 68 on the internal interface

    Correct Answer
    A. Block port numbers 67 and 68 on the external interface for incoming connections
    Explanation
    Blocking port numbers 67 and 68 on the external interface of the firewall for incoming connections will ensure that no external user will be able to access the internal DHCP server.


  • 39. 

    When employing message digest, if data does get modified, which of the following will be the result of that modification?

    • The receiving end and the sending end will receive an alert notification

    • The resulting digest after data modification will contain a completely different value.

    • The messages will be dropped and retransmitted.

    • None of the above

    Correct Answer
    A. The resulting digest after data modification will contain a completely different value.
    Explanation
    When cryptography uses a hash function on plain text, a fixed length of data called the message digest is generated. This message digest helps to preserve the data integrity by generating a digest value when the data was originally transmitted. If during transmission the data gets modified, the message digest value that will be resulting will be a totally different value from the original one. This is usually verified at the receiving end before accepting and confirming the receipt of data.


  • 40. 

    RADIUS is abbreviation for Remote Access Data Inspection User Service. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    RADIUS is abbreviation for Remote Access Dial In User Service.


  • 41. 

    RSA is the encryption system used in cellular devices. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    ECC is the encryption system used in cellular devices.


  • 42. 

    Which of the following can be referred to as highly confidential data?

    • Intranet web site

    • Customer information

    • Budget related information

    • None of the above

    Correct Answer
    A. Customer information
    Explanation
    Customer information is usually classified as highly confidential information. Budget related information is classified as confidential information.


  • 43. 

    Surge protectors are meant to provide backup to electrical and electronic devices. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Power Supply Units provide backup power, whereas surge protectors solely shield devices from transient voltage spikes.


  • 44. 

    You are configuring a VPN whose tunnel passes through the public network. You are concerned for the security as your VPN may be connecting across the globe to several networks operating on different platforms. Which of the following would be ideal to secure your VPN? Choose the best answer.

    • PPTP

    • IPSec

    • Kerberos

    • Certificate

    Correct Answer
    A. IPSec
    Explanation
    Since the only protocol that supports cross platform communication is IP, the best way to implement security in this scenario would be through IPSec. PPTP is a tunneling protocol and does not relate to security. Kerberos is a LAN security protocol. Certificates can help in this scenario provided the access limitation is acceptable.


  • 45. 

    As per a company policy, which of the following personnel should be considered as insiders? Choose two.

    • Key employees

    • Contractors

    • Ex-employees

    • Vendors

    Correct Answer(s)
    A. Key employees
    A. Contractors
    Explanation
    Although as per certain company policies that provide granular clarity and specific information, even ex-employees are considered as insiders, by and large many corporates consider only key employees and contractors as insiders as they require some kind of an access to the company resources and in specific network resources.


  • 46. 

    Cyphertext can be used for punch system locks. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Cypher locks can be used in punch lock systems and not Ciphertext. Cyphertext is an encryption scheme.


  • 47. 

    To allow access to a campus you would use Kerberos. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    To allow access to a campus you would use smart cards.


  • 48. 

    While assigning access privilege using the DAC, which of the following will you be needing?

    • User database

    • Access Control list

    • Resource list

    • None of the above

    Correct Answer
    A. Access Control list
    Explanation
    The information of mapping users to their permissions for resource access would be available in the ACL.


  • 49. 

    In symmetric-key encryption, one key will be used for encryption and another will be used for decryption to provide maximum security. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    In symmetric-key encryption, one key will be used for encryption as well as decryption.


Quiz Review Timeline (Updated): Jan 21, 2025

  • Current Version
  • Jan 21, 2025: Quiz edited by ProProfs Editorial Team
  • Dec 05, 2006: Quiz created by Vaibhav Agarwal