CompTIA Security+ (Sy0-201) Quiz 2 Of 4

54 Questions | Total Attempts: 384

SettingsSettingsSettings
Security Plus Quizzes & Trivia

Patience folks, I'm still building this one. Should have it finished this afternoon. CompTIA Security+ (SY0-201) Practice Exam #2There will be four tests total (as the method of producing these tests seems to die after about 170 questions are loaded). Goal is four separate test with randomly selected questions so each attempt has a different set of 50 questions per attempt. There will be roughly 700 questions between all four practice exams. . . Disclaimer: I have been told from those that have gone to take the actual test that these questions are dissimilar. However, the basic disciplines are covered and should help considerably to pick out key associations between questions and answers


Questions and Answers
  • 1. 
    Which of the following allows for notification when a hacking attempt is discovered?
    • A. 

      NAT

    • B. 

      NIDS

    • C. 

      Netflow

    • D. 

      Protocol analyzer

  • 2. 
    When dealing with a 10BASE5 network, which of the following is the MOST likely security risk?
    • A. 

      An incorrect VLAN

    • B. 

      SSID broadcasting

    • C. 

      A repeater

    • D. 

      A vampire tap

  • 3. 
    Which of the following allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem?
    • A. 

      A vulnerability scanner

    • B. 

      Security baselines

    • C. 

      A port scanner

    • D. 

      Group policy

  • 4. 
    Which of the following allows for proof that a certain person sent a particular email?
    • A. 

      Steganography

    • B. 

      Integrity

    • C. 

      Trusted Platform Module

    • D. 

      Non-repudiation

  • 5. 
    Which of the following uses a key ring?
    • A. 

      AES

    • B. 

      DES

    • C. 

      PGP

    • D. 

      RSA

  • 6. 
    Which of the following allows for the highest level of security at time of login?
    • A. 

      Single sign-on

    • B. 

      Two-factor authentication

    • C. 

      One-factor authentication

    • D. 

      NTLMv2

  • 7. 
    Sending a patch through a testing and approval process is an example of which of the following?
    • A. 

      Disaster planning

    • B. 

      Change management

    • C. 

      Acceptable use policies

    • D. 

      User education and awareness training

  • 8. 
    Sending continuous TCP requests to a device and ignoring the return information until the device ceases to accept new connections is an example of which of the following?
    • A. 

      TCP/IP hijacking

    • B. 

      DNS poisoning

    • C. 

      Kiting

    • D. 

      DoS

  • 9. 
    Which of the following would use a group of bots to stop a web server from accepting new requests?
    • A. 

      DoS

    • B. 

      DDoS

    • C. 

      MAC

    • D. 

      ARP

  • 10. 
    Which of the following is the MOST likely to generate static electricity?
    • A. 

      Low humidity and high temperature

    • B. 

      High humidity and low temperature

    • C. 

      Low humidity and low temperature

    • D. 

      High humidity and high temperature

  • 11. 
    Using an asymmetric key cryptography system, where can a technician generate the key pairs?
    • A. 

      A certificate authority

    • B. 

      IETF

    • C. 

      A key escrow service

    • D. 

      A recovery agent

  • 12. 
    Which of the following media is the LEAST likely to be successfully tapped into?
    • A. 

      Unshielded twisted pair cable

    • B. 

      Coaxial cable

    • C. 

      Fiber optic cable

    • D. 

      Shielded twisted pair cable

  • 13. 
    Which of the following allows a person to find public wireless access points?
    • A. 

      Weak encryption

    • B. 

      8021x

    • C. 

      SSID broadcast

    • D. 

      Data emanation

  • 14. 
    Which of the following allows a file to have different security permissions for users that have the same roles or user groups?
    • A. 

      Mandatory Access Control (MAC)

    • B. 

      Role-Based Access Control (RBAC)

    • C. 

      Discretionary Access Control (DAC)

    • D. 

      Rule-Based Access Control (RBAC)

  • 15. 
    A DMZ has a fake network that a hacker is attacking. Which of the following is this an example of?
    • A. 

      Firewall

    • B. 

      Man-in-the-middle

    • C. 

      Proxy server

    • D. 

      Honeypot

  • 16. 
    A company decides that the purchasing agent and the accounts receivable agent should exchange positions in order to allow for more oversight of past transactions. Which of the following is this an example of?
    • A. 

      Least privilege

    • B. 

      Implicit deny

    • C. 

      Separation of duties

    • D. 

      Job rotation

  • 17. 
    A user complains that the color laser printer continuously gives an access denied message while attempting to print a text document. The administrator logs onto the PC and prints successfully. Which of the following should the administrator check FIRST?
    • A. 

      That the printer has the correct size of paper in each of the trays

    • B. 

      That the toner should be changed in the printer

    • C. 

      That the user has sufficient rights to print to the printer

    • D. 

      That the user is attempting to print to the correct printer tray

  • 18. 
    Which of the following uses a sandbox to manage a programs ability to access system resources?
    • A. 

      Java

    • B. 

      ActiveX

    • C. 

      JavaScript

    • D. 

      Cold Fusion

  • 19. 
    Which of the following allows a technician to view the security permissions of a file?
    • A. 

      The access control list

    • B. 

      The security baseline

    • C. 

      The data emanation

    • D. 

      The local security template

  • 20. 
    A user is denied access to a file. The user had access to the file yesterday. Which of the following is the FIRST action for the technician to take?
    • A. 

      Deny the users request and forward to the human resources department.

    • B. 

      Reboot the system.

    • C. 

      Verify that the users permissions are correct.

    • D. 

      Grant access to the file.

  • 21. 
    A user is convinced that someone is attempting to use their user account at night. Which of the following should an administrator check FIRST in order to prove or disprove this claim?
    • A. 

      The IDS logs

    • B. 

      The security application logs

    • C. 

      The local security logs

    • D. 

      The firewall logs

  • 22. 
    A user reports that a web based application is not working after a browser upgrade. Before theupgrade, a login box would appear on the screen and disappear after login. The login box doesnot appear after the upgrade. Which of the following BEST describes what to check FIRST?
    • A. 

      That the software based firewall application trusts this site

    • B. 

      That the pop-up blocker application trusts this site

    • C. 

      That the anti-virus application trusts this site

    • D. 

      That the anti-spam application trusts this site

  • 23. 
    An intrusion has been detected on a company's network from the Internet. Which of the following should be checked FIRST?
    • A. 

      The firewall logs

    • B. 

      The DNS logs

    • C. 

      The access logs

    • D. 

      The performance logs

  • 24. 
    A user needs to verify that a patch file downloaded from a third party has not been modified since the time that the original manufacturer released the patch. Which of the following is the BEST way to verify that the file has not been modified?
    • A. 

      Compare the final MD5 hash with the original

    • B. 

      Download the patch file over an AES encrypted VPN connection

    • C. 

      Compare the final LANMAN hash with the original

    • D. 

      Download the patch file through a SSL connection

  • 25. 
    A technician suspects that one of the network cards on the internal LAN is causing a broadcast storm. Which of the following would BEST diagnose which NIC is causing this problem?
    • A. 

      The NIDS log file

    • B. 

      A protocol analyzer

    • C. 

      The local security log file

    • D. 

      The local firewall log file

Back to Top Back to top