Patience folks, I'm still building this one. Should have it finished this afternoon.
CompTIA Security+ (SY0-201) Practice Exam #2
There will be four tests total (as the method of producing these tests seems to die after about 170 questions are loaded). Goal is four separate tests with randomly selected questions so each attempt has a different set of 50 questions per attempt.
There will be roughly 700 questions between all four practice exams.
Disclaimer: I have been told from those that have gone to take the actual test that these questions are dissimilar. However, the basic disciplines are covered and should help considerably to pick out key associations between questions and answers.
An incorrect VLAN
SSID broadcasting
A repeater
A vampire tap

A vulnerability scanner
Security baselines
A port scanner
Group policy

Steganography
Integrity
Trusted Platform Module
Non-repudiation

AES
DES
PGP
RSA

Single sign-on
Two-factor authentication
One-factor authentication
NTLMv2

Disaster planning
Change management
Acceptable use policies
User education and awareness training

TCP/IP hijacking
DNS poisoning
Kiting
DoS

DoS
DDoS
MAC
ARP

Low humidity and high temperature
High humidity and low temperature
Low humidity and low temperature
High humidity and high temperature

A certificate authority
IETF
A key escrow service
A recovery agent

Unshielded twisted pair cable
Coaxial cable
Fiber optic cable
Shielded twisted pair cable

Weak encryption
802.1x
SSID broadcast
Data emanation

Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Discretionary Access Control (DAC)
Rule-Based Access Control (RBAC)

Firewall
Man-in-the-middle
Proxy server
Honeypot

Least privilege
Implicit deny
Separation of duties
Job rotation

That the printer has the correct size of paper in each of the trays
That the toner should be changed in the printer
That the user has sufficient rights to print to the printer
That the user is attempting to print to the correct printer tray

Java
ActiveX
JavaScript
Cold Fusion

The access control list
The security baseline
The data emanation
The local security template

Deny the user's request and forward to the human resources department.
Reboot the system.
Verify that the user's permissions are correct.
Grant access to the file.

The IDS logs
The security application logs
The local security logs
The firewall logs

That the software based firewall application trusts this site
That the pop-up blocker application trusts this site
That the anti-virus application trusts this site
That the anti-spam application trusts this site

The firewall logs
The DNS logs
The access logs
The performance logs

Compare the final MD5 hash with the original
Download the patch file over an AES encrypted VPN connection
Compare the final LANMAN hash with the original
Download the patch file through an SSL connection

The NIDS log file
A protocol analyzer
The local security log file
The local firewall log file

Explain how easy it is for a hacker to crack weak passwords
Show the user a domain overview, including a list of weak passwords.
Refer the user to a strong password demonstrator
Ask the user to review the corporate policies and procedures manual

Install multiple high end servers, sharing a clustered network operating system
Install a single low end server, running multiple virtual servers
Install a single high end server, running multiple virtual servers
Install multiple low end servers, each running a network operating system

Java input error
Cross-site scripting
Buffer overflow
SQL injection

Viruses
Worms
Botnets
Trojans

Logic bomb
Rootkit
Botnet
Privilege escalation

Replay
Spoofing
TCP/IP hijacking
Man-in-the-middle

Accept the risk
Mitigate the risk
Reject the risk
Run a new risk assessment

$2,700
$4,500
$5,000
$7,290

Many HIDS require frequent patches and updates.
Many HIDS are not able to detect network attacks
Many HIDS have a negative impact on system performance.
Many HIDS only offer a low level of detection granularity.
Many HIDS are not good at detecting attacks on database servers.

Remote access user connecting via SSL VPN
Office laptop connected to the enterprise LAN
Remote access user connecting via corporate dial-in server
Office laptop connected to a home user's network

Malware installation from suspect Internet sites
Man-in-the-middle attacks
Phishing and spam attacks
DDoS attacks against the underlying OS

Users assigned to roles, permissions are assigned to groups, controls applied to groups and permissions acquired by controls
Users assigned permissions, roles assigned to groups and users acquire additional permissions by being a member of a group
Roles applied to groups, users assigned to groups and users acquire permissions by being a member of the group
Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role

Mantrap
Security badges
Hardware locks
Token access

Trojan
Adware
Worm
Rootkit

To ensure that email is encrypted by users of PGP
To ensure that PKI will work properly within the company's trust model
To ensure that performance is standardized across all servers
To ensure that all servers start from a common security configuration
To ensure that servers are in compliance with the corporate security policy

Antivirus
PGP
Firewall
PKI
IDS

The frequency of signature updates
The ability to scan encrypted files
The availability of application programming interface
The number of emails that can be scanned
The number of viruses the software can detect

Updating the firewall configuration to include the patches
Running a NIDS report to list the remaining vulnerabilities
Auditing for the successful application of the patches
Backing up the patch file executable to a network share

A patch in a service pack fixes the issue, but too many extra patches are included.
A patch is not available and workarounds do not correct the problem.
A patch is available, but has not yet been tested in a production environment
A patch is too large to be distributed via a remote deployment tool

Vulnerability assessment
Fingerprinting
Penetration testing
Fuzzing

Protocol analyzer
Penetration testing tool
Network mapper
Vulnerability scanner

Before initial configuration
Before loading the OS
After a user logs in
After initial configuration

Log on only as the administrator
Install only needed software
Check the logs regularly
Report all security incidents

Install a repeater
Uninterruptible power supply (UPS)
Faraday cage
Disable SSID broadcast
Quiz Review Timeline (Updated): Mar 21, 2023