CompTIA Security+ (SY0-301) Practice Exam

50 Questions

Practice test for the CompTIA Security+ (SY0-301) Exam

Questions and Answers
  • 1. What feature of a network switch allows the network administrator to capture network traffic when monitoring or troubleshooting the network?
    • A. Port security
    • B. VLAN
    • C. Collision domain
    • D. Port mirroring

  • 2. Your manager has been reading about hackers capturing network traffic in a switched network environment and is wondering how it is possible that hackers can do this. How can this be accomplished? (Select all that apply.)
    • A. ARP poisoning
    • B. Port mirroring
    • C. Port security
    • D. MAC flooding
    • E. VLANs

  • 3. Your company has a web application that seems to be running slowly. Your manager is wondering what can be done to improve the performance. How do you respond?
    • A. Install a proxy server
    • B. Install a load balancer
    • C. Configure the web site in a VLAN
    • D. Configure port security

  • 4. Which of the following devices could be used to limit which web sites users on the network can visit?
    • A. Router
    • B. Load balancer
    • C. Proxy server
    • D. CAT 5e

  • 5. Which TCP/IP protocol is used to convert the IP address to a MAC address?
    • A. ARP
    • B. TCP
    • C. ICMP
    • D. UDP

  • 6. What ICMP type is used to identify echo request messages?
    • A. 0
    • B. 4
    • C. 8
    • D. 9

  • 7. Which of the following identifies the stages of the three-way handshake?
    • A. ACK/SYN, ACK, SYN
    • B. SYN, ACK/SYN, ACK
    • C. ACK, SYN, ACK/SYN
    • D. SYN, ACK, ACK/SYN

  • 8. Which of the following represents ports used by secure TCP applications? (Select all that apply.)
    • A. 23
    • B. 22
    • C. 80
    • D. 143
    • E. 443

  • 9. You are the network administrator for a small company, and you wish to follow security best practices that relate to the switch. Which of the following should you do? (Select all that apply.)
    • A. Disable unused ports
    • B. Enable all unused ports
    • C. Configure port security
    • D. Disable port security
    • E. Enable console password
    • F. Disable console password

  • 10. What popular feature of a switch allows you to create communication boundaries between systems connected to the switch?
    • A. ARP poisoning
    • B. Port mirroring
    • C. Port security
    • D. MAC flooding
    • E. VLANs

  • 11. As requested by your manager, you purchase two servers to participate in a server cluster so that if one server fails, the other server will take over the workload. Which of the following goals of security has been met?
    • A. Confidentiality
    • B. Accountability
    • C. Integrity
    • D. Availability

  • 12. You have protected the contents of a highly sensitive file by encrypting the data using Windows EFS. Which of the following goals of security has been satisfied?
    • A. Confidentiality
    • B. Accountability
    • C. Integrity
    • D. Availability

  • 13. You have managed the file permissions on a file so that unauthorized persons cannot make modifications to the file. What goal of security has been met?
    • A. Confidentiality
    • B. Accountability
    • C. Integrity
    • D. Availability

  • 14. You have configured your network so that each person on the network must provide a username and password to gain access. Presenting a username is an example of what?
    • A. Authentication
    • B. Identification
    • C. Authorization
    • D. Confidentiality

  • 15. You have configured the permissions on the accounting folder so that the Accounting group can create, modify, and delete content in the folder; the Managers group can read the contents of the folder; and all other users have been denied access. This is an example of which of the following?
    • A. Authentication
    • B. Identification
    • C. Authorization
    • D. Confidentiality

  • 16. Which of the following are considered biometrics? (Select all that apply.)
    • A. Username and password
    • B. Smartcard
    • C. PIN number
    • D. Fingerprint
    • E. Retina scan

  • 17. Before an individual is authorized to access resources on the network, they are first ________ with the network.
    • A. Authenticated
    • B. Identified
    • C. Authorized
    • D. Encrypted

  • 18. 
    • A. Due diligence
    • B. Separation of duties
    • C. Least privilege
    • D. Due care

  • 19. All accountants need to be able to modify the accounting data except for Bob. Due to Bob’s job requirements, you have ensured that Bob receives only the read permission to the accounting data. This is an example of which of the following?
    • A. Rotation of duties
    • B. Separation of duties
    • C. Least privilege
    • D. Due care

  • 20. Which of the following represents the reasoning for implementing rotation of duties in your environment?
    • A. To limit fraudulent activities within the organization
    • B. To keep data private to the appropriate individuals
    • C. To make information available
    • D. To ensure the secrecy of the information

  • 21. Within most organizations the person who writes the check is not the person who signs the check. This is an example of which of the following?
    • A. Rotation of duties
    • B. Separation of duties
    • C. Least privilege
    • D. Due care

  • 22. After creating and implementing the company security policy, you verify that policies are being followed on a regular basis by performing regular audits. This is an example of which of the following?
    • A. Due diligence
    • B. Separation of duties
    • C. Least privilege
    • D. Due care

  • 23. What type of hacker learns hacking techniques so that they can better defend against a malicious hacker?
    • A. Black-hat
    • B. Gray-hat
    • C. White-hat
    • D. Yellow-hat

  • 24. The entity that is responsible for deciding the level of protection that is placed on data and that is ultimately responsible for the security of that data is which of the following?
    • A. Custodian
    • B. Owner
    • C. User
    • D. Administrator

  • 25. The entity that is responsible for implementing the appropriate security controls to protect an asset is which of the following?
    • A. Custodian
    • B. Owner
    • C. User
    • D. Administrator

  • 26. Which type of policy is not optional and must be adhered to?
    • A. Procedure
    • B. Standard
    • C. Guideline
    • D. Least privilege

  • 27. Which of the following are considered PII-related information that must be secured at all times? (Choose all that apply.)
    • A. Postal code
    • B. Driver’s license
    • C. City name
    • D. Social Security number
    • E. Street name

  • 28. What is the first step in creating a security policy?
    • A. Obtain management approval and support.
    • B. Create the AUP.
    • C. Download sample templates.
    • D. Review job roles.

  • 29. One of the network administrators in the office has been monitoring the proxy server logs and notices that Bob has visited some inappropriate web sites. What policy is this in violation of?
    • A. Firewall policy
    • B. Proxy server policy
    • C. AUP
    • D. Hiring policy

  • 30. The technical team is putting together the firewall solution and needs to know what type of traffic is to pass through the firewall. What policy can the technical team use to find out what traffic is to pass through the firewall?
    • A. AUP
    • B. Hiring policy
    • C. VPN policy
    • D. Firewall policy

  • 31. The network administrator is configuring the network and wants to put restrictions on user passwords such as the length of the password, password complexity, and password history. Where can the administrator find out what the values of those settings should be set to?
    • A. VPN policy
    • B. Password policy
    • C. AUP
    • D. Secure disposal of computers

  • 32. Doug is the network administrator for a law firm and has just purchased 20 new systems for the employees. Doug has collected all of the old computers from the employees and has searched through the hard drives and deleted any DOC and XLS files before handing the computers over to the local school. What policy may Doug be in violation of?
    • A. AUP
    • B. Password policy
    • C. Virus protection policy
    • D. Secure disposal of computers

  • 33. Data classification labels are applied to ______, while clearance levels are applied to ______.
    • A. Employees, information
    • B. Management, employees
    • C. Information, employees
    • D. Employees, management

  • 34. Bob requires the capabilities to change the system time on the computers, but instead of adding Bob to the Administrators group (who can change the time on the computer), you grant Bob the Change System Time right. This is an example of following which security principle?
    • A. Least privilege
    • B. Job rotation
    • C. Separation of duties
    • D. AUP

  • 35. Which of the following is a good reason to ensure all employees take vacation time each year?
    • A. To keep the employee refreshed and energized
    • B. To hold employees accountable for any suspicious activity
    • C. To keep the employee happy
    • D. To raise company morale

  • 36. Management is concerned that an employee may be able to hide fraudulent activity for long durations while working for the company. What would you recommend to help detect an improper activity performed by employees?
    • A. Least privilege
    • B. AUP
    • C. Disabling the employee’s user accounts and access cards
    • D. Job rotation

  • 37. Management has come to you to let you know that John, a longtime employee of the company, has been stealing money from the company. Management and HR are headed into a meeting with John to let him know he is no longer needed. What should you do while they are in the meeting?
    • A. Review logs
    • B. See if anyone wants his office space
    • C. Disable the employee’s user accounts and access cards
    • D. Format the drive on his workstation

  • 38. Sue comes to you asking if it is okay if she downloads movies to her company laptop with a P2P program so that she can watch the movies while she is away on business. Which of the following is the best response?
    • A. Educate Sue on the fact that those programs are popular ways to spread viruses, so no, the company does not allow P2P software on its systems.
    • B. Tell her no.
    • C. Tell her yes as long as she does not watch the movies during work hours.
    • D. Tell her yes as long as she places the downloaded movies on the server so that you can virus scan them.

  • 39. What is the term used for when someone slips through an open door behind you after you have unlocked the door?
    • A. Horseback riding
    • B. Worming
    • C. Tailgating
    • D. Gliding

  • 40. You are talking with management about ways to limit security threats such as tailgating within the company. Management has said there is no money to spend on controls such as mantraps—what can you do to reduce the risk of tailgating?
    • A. Purchase an additional lock.
    • B. Training and awareness.
    • C. Purchase a revolving door.
    • D. Purchase a mantrap.

  • 41. Your manager has called you into the office and has expressed concerns about a number of news reports on social engineering attacks. Your manager would like to know what can be done to protect the company against social engineering attacks. What would you recommend to your manager?
    • A. Use a firewall.
    • B. User awareness and training.
    • C. Install antivirus software.
    • D. Implement physical security.

  • 42. Which of the following controls will help protect against tailgating?
    • A. Locked doors
    • B. Electronic keypads
    • C. Swipe cards
    • D. Mantrap

  • 43. What is the term used for a phishing attack that is targeted toward a specific person such as the executive of a company?
    • A. Whaling
    • B. Phishing
    • C. Pharming
    • D. Spim

  • 44. What type of attack results in the victim’s system not being able to perform its job function?
    • A. Man-in-the-middle
    • B. Spoofing
    • C. Denial of service
    • D. Port scanning

  • 45. The hacker has managed to poison everyone’s ARP cache so that all traffic to the Internet is being sent to the hacker’s system before they route it out to the Internet. What type of attack is this?
    • A. DDoS
    • B. DoS
    • C. Phishing
    • D. MiTM

  • 46. What file can the hacker modify after compromising your system that could lead you to the wrong web site?
    • A. Sam
    • B. Hosts
    • C. Lmhosts
    • D. Services

  • 47. What type of attack is a smurf attack?
    • A. DDoS
    • B. DoS
    • C. DNS poison
    • D. MiTM

  • 48. John has been studying hacking techniques used by hackers and decides to send a packet to your system, but ensures that he alters the source IP address of the packet so it looks like it came from someone else. What type of attack is this?
    • A. Phishing
    • B. Pharming
    • C. Spim
    • D. Spoofing

  • 49. Your manager has been reading a lot about popular password attacks such as dictionary attacks and brute-force attacks. Your manager is worried that your company is susceptible to such attacks. Which of the following controls will help protect against a brute-force attack?
    • A. Password complexity
    • B. Account lockout
    • C. Network firewall
    • D. Intrusion detection system

  • 50. Which of the following methods is a popular method to protect against dictionary attacks?
    • A. Password complexity
    • B. Account lockout
    • C. Network firewall
    • D. Intrusion detection system