CompTIA Security+ Practice Exam (3)

100 Questions | By Mastermind1100 | Updated: Mar 17, 2022 | Attempts: 1111

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Comptia Security+ Practice Exam (3) Full length Comptia Security+ Practice Exam. Take this exam like the real exam to see if you are completely prepared for the real exam. Time yourself to 90 minutes to get a feel of the pressures of the real exam. The practice test is designed to reflect the final exam.

Questions and Answers

1.

What does the security administrator wants to prevent by ensuring that the users' password cannot be seen by passersby?
- A.
  
  The security administrator wants to stop a man-in-the-middle attack.
- B.
  
  The security administrator wants to stop shoulder surfing.
- C.
  
  The security administrator wants to stop dumpster diving.
- D.
  
  The security administrator wants to stop phishing.
2.

Identify an efficient social engineering defensive strategy?
- A.
  
  You should implement training and awareness strategy.
- B.
  
  You should implement escorting of guests strategy.
- C.
  
  You should implement badge security system strategy.
- D.
  
  You should implement marking of documents strategy.
3.

Identify how the risks of social engineering can be reduced? (Choose TWO)
- A.
  
  You should implement operating system patching instructions.
- B.
  
  You should implement security awareness training.
- C.
  
  You should implement risk assessment policies.
- D.
  
  You should implement vulnerability testing techniques.
- E.
  
  You should implement identity verification methods.
4.

Where would a social engineering attack be most efficient? (Choose TWO)
- A.
  
  It will be efficient in an environment with a help desk whose personnel have a little training.
- B.
  
  It will be efficient in an environment with committed information technology (IT) security staff.
- C.
  
  It will be efficient in a public building that contains shared office space.
- D.
  
  It will be efficient in a military facility with computer equipment containing biometrics.
- E.
  
  It will be efficient in a locked, windowless building.
5.

What do you call the action when a person masquerades as a reputable hardware technician in order to pick up a server for repairs?
- A.
  
  This is known as a Trojan horse.
- B.
  
  This is known as a man-in-the-middle attack.
- C.
  
  This is known as a phishing attack.
- D.
  
  This is known as social engineering.
6.

What is the scenario called that an attacker uses to persuade a user to execute an action to be successful?
- A.
  
  This is known as a back door.
- B.
  
  This is known as password guessing.
- C.
  
  This is known as man-in-the-middle.
- D.
  
  This is known as social engineering.
7.

A stranger enters the head offices of Certkiller .com pretending to be a communications technician. A packet sniffer is then connected to the network switch in the wiring closet and hidden behind the switch against a wall. This process is known as?
- A.
  
  It is an example of social engineering
- B.
  
  It is an example of a vulnerability scan.
- C.
  
  It is an example of a man in the middle attack.
- D.
  
  It is an example of a penetration test.
8.

Which of the following network mapping tools uses ICMP (Internet Control Message Protocol)?
- A.
  
  Port scanner.
- B.
  
  Map scanner.
- C.
  
  Ping scanner.
- D.
  
  Share scanner.
9.

What can an attacker can determine which network services are enabled on a target system?
- A.
  
  Installing a rootkit on the target system.
- B.
  
  Checking the services file.
- C.
  
  Enabling logging on the target system.
- D.
  
  Running a port scan against the target system.
10.

What type of port scan is used to determine which ports are in a listening state and then performs a two way handshake?
- A.
  
  TCP (transmission Control Protocol) SYN (Synchronize) scan
- B.
  
  TCP (transmission Control Protocol) connect scan
- C.
  
  TCP (transmission Control Protocol) fin scan
- D.
  
  TCP (transmission Control Protocol) null scan
11.

You are in the process of auditing the security position of the company and detect that users are able to access the accounting data of the company. How can this be solved?
- A.
  
  You have to implement a host based intrusion detection system to address this problem.
- B.
  
  You have to ensure that the user rights and security groups are changed.
- C.
  
  You have to implement a host based intrusion prevention system to address this problem.
- D.
  
  You have to ensure that the file level audit settings are changed.
12.

What is the function of an auditing record on an information system? (Choose TWO)
- A.
  
  You should identify printing as the function of the auditing record.
- B.
  
  You should identify troubleshooting as the function of the auditing record.
- C.
  
  You should identify investigations as the function of the auditing record.
- D.
  
  You should identify performance as the function of the auditing record.
- E.
  
  You should identify installing as the function of the auditing record.
13.

Evaluating cryptographic hash functions of system executables, configuration files and log files illustrates which process?
- A.
  
  You should identify stateful packet filtering.
- B.
  
  You should identify host based intrusion detection.
- C.
  
  You should identify network based intrusion detection.
- D.
  
  You should identify file integrity auditing.
14.

Identify the logs that will illustrate the unapproved usage attempts after the implementation of a file audit?
- A.
  
  The Application will show the usage attempts that are not approved.
- B.
  
  The Performance will show the usage attempts that are not approved.
- C.
  
  The System will show the usage attempts that are not approved.
- D.
  
  The Security will show the usage attempts that are not approved.
15.

Identify the step that is often disregarded during an auditing process?
- A.
  
  Auditing all system events is frequently disregarded.
- B.
  
  Permitting auditing on the system is frequently disregarded.
- C.
  
  Deciding the events that need to be audit is frequently disregarded.
- D.
  
  Regularly reviewing event logs is frequently disregarded.
16.

Identify the series of steps in the auditing process?
- A.
  
  You should consider enabling auditing. Then you can set auditing to record the events.
- B.
  
  You should consider enabling auditing. Then you can set auditing on the object and respond as alerts are generated.
- C.
  
  You should consider setting auditing on the object and respond as alerts are produced.
- D.
  
  You should consider enabling auditing. Then you can set auditing on objects and review event logs.
17.

Which of the following is a VPN (Virtual Private Network) protocol that operates at the Network Layer (Layer 3) of the OSI (Open Systems Interconnect) model?
- A.
  
  PPP (Point-to-Point Protocol)
- B.
  
  SSL (Secure Sockets Layer)
- C.
  
  L2TP (Layer Two Tunneling Protocol)
- D.
  
  IPSec (Internet Protocol Security)
18.

Which of the following is a tunneling protocol that only works on IP networks?
- A.
  
  IPX
- B.
  
  L2TP
- C.
  
  PPTP
- D.
  
  SSH
19.

On a firewall, which ports must be open in order to support L2TP (Layer Two Tunneling Protocol) and PPTP (Point-to-Point Tunneling Protocol) connections respectively?
- A.
  
  TCP (Transmission Control Protocol) port 635 and UDP (User Datagram Protocol) port 654
- B.
  
  TCP (Transmission Control Protocol) port 749 and UDP (User Datagram Protocol) port 781
- C.
  
  UDP (User Datagram Protocol) port 1701 and TCP (transmission Control Protocol) port 1723
- D.
  
  TCP (Transmission Control Protocol) port 1812 and UDP (User Datagram Protocol) port 1813
20.

Which of the following are VPN (Virtual Private Network) tunneling protocols? (Choose two)
- A.
  
  PPP (Point-to-Point Protocol).
- B.
  
  SLIP (Serial Line Internet Protocol).
- C.
  
  L2TP (Layer Two Tunneling Protocol).
- D.
  
  SMTP (Simple Mail Transfer Protocol).
- E.
  
  PPTP (Point-to-Point Tunneling Protocol).
21.

In addition to opening the appropriate L2TP (Layer Two Tunneling Protocol) and IKE (Internet Key Exchange) transport layer ports on the perimeter router and firewall, what steps must be performed on the perimeter router and firewall to allow AH (Authentication Header) and ESP (Encapsulating Security Payload) tunnel-encapsulated IPSec (Internet Protocol Security) traffic to flow between a client and the firewall?
- A.
  
  The perimeter router and firewall must allow inbound protocol number 51 for ESP (Encapsulating Security Payload) encapsulated IPSec (Internet Protocol Security) traffic
- B.
  
  The perimeter router and firewall must allow inbound protocol number 49 for ESP (Encapsulating Security Payload) encapsulated IPSec (Internet Protocol Security) traffic
- C.
  
  The perimeter router and firewall must allow inbound protocol numbers 50 and 51 for ESP (Encapsulating Security Payload) and All (Authentication Header) encapsulated IPSec (Internet Protocol Security) traffic
- D.
  
  The perimeter router and firewall must allow inbound protocol numbers 52 and 53 for AH (Authentication Header) and ESP (Encapsulating Security Payload) encapsulated IPSec (Internet Protocol Security) traffic
22.

Which of the following can be used to authenticate and encrypt IP (Internet Protocol) traffic?
- A.
  
  ESP (Encapsulating Security Payload)
- B.
  
  S/MIME (Secure Multipurpose Internet Mail Extensions)
- C.
  
  IPSec (Internet Protocol Security)
- D.
  
  IPv2 (Internet Protocol version 2)
23.

Which of the following can be used to create a VPN (Virtual Private Network)?
- A.
  
  PPP (Point-to-Point Protocol).
- B.
  
  PPTP (Point-to-Point Tunneling Protocol).
- C.
  
  SLIP (Serial Line Internet Protocol).
- D.
  
  ESLIP (Encrypted Serial Line Internet Protocol).
24.

Which of the following are VPN (Virtual Private Network) tunneling protocols?
- A.
  
  IPSec (Internet Protocol Security), L2TP (Layer Two Tunneling Protocol), and SSL (Secure Sockets Layer)
- B.
  
  IPSec (Internet Protocol Security), L2TP (Layer Two Tunneling Protocol), and PPP (Point-to-Point Protocol)
- C.
  
  L2TP (Layer Two Tunneling Protocol), PPTP (Point-to-Point Tunneling Protocol), and SSL (Secure Sockets Layer)
- D.
  
  PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer Two Tunneling Protocol), and IPSec (Internet Protocol Security)
25.

What is the biggest benefit to using RADIUS (Remote Authentication Dial-in User Service) for a multi-site VPN (Virtual Private Network) that supports a large number of remote users?
- A.
  
  RADIUS (Remote Authentication Dial-in User Service) provides for a centralized user database.
- B.
  
  RADIUS (Remote Authentication Dial-in User Service) provides for a decentralized user database.
- C.
  
  No user database is required with RADIUS (Remote Authentication Dial-in User Service).
- D.
  
  User database is replicated and stored locally on all remote systems.