CompTIA Security + Practice Quiz!

79 Questions | Total Attempts: 121


What do you know about CompTIA Security? CompTIA Security stands for the Computing Technology Association. It is an American non-profit trade association distributing professional certifications for the information technology industry. CompTIA issues vendor-neutral professional accreditations in well over one hundred countries. The organization publishes around fifty industry studies each year to follow industry developments and changes. This quiz will take you through CompTIA Security and all of its variables. Good luck with this quiz.


Questions and Answers
  • 1. 
    Users from 2 organizations, each with its own PKI need to begin working together on a joint project. Which of the following would allow the users of the separate PKIs to work together without connection errors?
    • A. 

      Trust Model

    • B. 

      Stapling

    • C. 

      Intermediate CA

    • D. 

      Key Escrow

  • 2. 
    Multiple organizations operating in the same vertical want to provide seamless wireless access for their employees as they visit the other organizations. Which of the following should be implemented if all the organizations use the native 802.1x on their mobile devices?
    • A. 

      Shibboleth

    • B. 

      RADIUS Federation

    • C. 

      SAML

    • D. 

      Oath

    • E. 

      OpenID Connect

  • 3. 
    Which of the following types of embedded systems is required in manufacturing environments with life safety requirements?
    • A. 

      MFD

    • B. 

      RTOS

    • C. 

      SoC

    • D. 

      ICS

  • 4. 
    A network administrator needs to allocate a new network for the R&D group. The network must not be accessible from the internet, regardless of the network firewall or other external misconfigurations. Which of the following settings should the network administrator implement to accomplish this?
    • A. 

      Configure the OS default TTL to 1

    • B. 

      Use NAT on the R&D network

    • C. 

      Implement a router ACL

    • D. 

      Enable protected ports on the switch

  • 5. 
    An organization requires users to provide their fingerprints to access an application. To improve security, the application developers intend to implement multifactor authentication. Which of the following should be implemented?
    • A. 

      Use a camera for facial recognition

    • B. 

      Have users sign their name naturally

    • C. 

      Require a palm geometry scan

    • D. 

      Implement iris recognition

  • 6. 
    A security administrator installed a new network scanner that identifies new host systems on the network. Which of the following did the security administrator install?
    • A. 

      Vulnerability scanner

    • B. 

      Network-based IDS

    • C. 

      Rogue system detection

    • D. 

      Configuration compliance scanner

  • 7. 
    Which of the following should be used to create a hash of source code that can be used to ensure the file was not altered during transmission?
    • A. 

      DES

    • B. 

      RC4

    • C. 

      MD5

    • D. 

      RSA

  • 8. 
    Two users must encrypt and transmit large amounts of data between them. Which of the following should they use to encrypt and transmit data?
    • A. 

      Symmetric algorithm

    • B. 

      Hash function

    • C. 

      Digital signature

    • D. 

      Obfuscation

  • 9. 
    An audit takes place after company-wide restructuring, in which several employees changed roles. The following deficiencies are found during the audit regarding access to confidential data. Which of the following would be the BEST method to prevent similar audit findings in the future?
    • A. 

      Implement separation of duties for payroll department

    • B. 

      Implement a DLP solution on the payroll and human resources servers

    • C. 

      Implement rule-based access controls on the human resources server

    • D. 

      Implement regular permission auditing and reviews

  • 10. 
    In determining when it may be necessary to perform a credentialed scan against a system instead of a non-credentialed scan, which of the following requirements is MOST likely to influence this decision?
    • A. 

      The scanner must be able to enumerate the host OS of devices scanned

    • B. 

      The scanner must be able to footprint the network

    • C. 

      The scanner must be able to check for open ports with listening services

    • D. 

      The scanner must be able to audit file system permissions

  • 11. 
    A systems administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?
    • A. 

      Shared accounts

    • B. 

      Pre-shared passwords

    • C. 

      Least privilege

    • D. 

      Sponsored guest

  • 12. 
    An organization has implemented IPSec VPN access to remote users. Which of the following IPSec modes would be the MOST secure for this organization to implement?
    • A. 

      Tunnel mode

    • B. 

      Transport mode

    • C. 

      AH-only mode

    • D. 

      ESP-only mode

  • 13. 
    Which of the following threat actors is MOST likely to steal a company's proprietary information to gain a market edge and reduce time to market?
    • A. 

      Competitor

    • B. 

      Hacktivist

    • C. 

      Insider

    • D. 

      Organized crime

  • 14. 
    A security analyst observes the following events in the logs of an employee workstation (Table). The security analyst reviews the file system and observes the following (File System Commands). Given the information provided, which of the following MOST likely occurred on the workstation?
    • A. 

      Application whitelisting controls blocked an exploit payload from executing

    • B. 

      Antivirus software found and quarantined three malware files

    • C. 

      Automatic updates were initiated but failed because they had not been approved

    • D. 

      The SIEM log agent was not tuned properly and reported a false positive

  • 15. 
    Which of the following differentiates a collision attack from a rainbow table attack?
    • A. 

      A rainbow table attack performs a hash lookup

    • B. 

      A rainbow table attack uses the hash as a password

    • C. 

      In a collision attack, the hash and the input data are equivalent

    • D. 

      In a collision attack, the same input results in different hashes

  • 16. 
    A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements. Which of the following should the administrator implement to meet the below requirements? (Select THREE)
    • A. 

      Eliminate shared accounts

    • B. 

      Create a standard naming convention for accounts

    • C. 

      Implement usage auditing and review

    • D. 

      Enable account lockout thresholds

    • E. 

      Copy logs in real time to a secured WORM drive

    • F. 

      Implement time-of-day restrictions

    • G. 

      Perform regular permissions audits and reviews

  • 17. 
    Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?
    • A. 

      Privilege escalation

    • B. 

      Pivoting

    • C. 

      Process affinity

    • D. 

      Buffer overflow

  • 18. 
    A user typically works remotely over the holidays, using a web-based VPN to access corporate resources. The user reports getting untrusted host errors and being unable to connect. Which of the following is MOST likely the cause?
    • A. 

      The certificate has expired

    • B. 

      The browser does not support SSL

    • C. 

      The user's account is locked out

    • D. 

      The VPN software has reached the seat license maximum

  • 19. 
    Which of the following attack types BEST describes a client-side attack that is used to manipulate an HTML iframe with JavaScript code via a web browser?
    • A. 

      Buffer overflow

    • B. 

      MITM

    • C. 

      XSS

    • D. 

      SQLI

  • 20. 
    A cyber-security analyst is looking into the payload of a random packet capture file that was selected for analysis. The analyst notices that an internal host had a socket established with another internal host over a non-standard port. Upon investigation, the origin host that initiated the socket shows the output below. Given the below output, which of the following commands would have established the questionable socket?
    • A. 

      traceroute 8.8.8.8

    • B. 

      ping -l 30 8.8.8.8 -s 600

    • C. 

      nc -l 192.168.5.1 -p 9856

    • D. 

      pskill pid 9487

  • 21. 
    A security analyst is reviewing patches on servers. One of the servers is reporting the following error message in the WSUS management console: "This computer has not reported status in 30 days." Given the scenario, which of the following statements BEST represents the issue with the output above?
    • A. 

      The computer in question has not pulled the latest ACL policies for the firewall

    • B. 

      The computer in question has not pulled the latest GPO policies from the management server

    • C. 

      The computer in question has not pulled the latest antivirus definitions from the antivirus program

    • D. 

      The computer in question has not pulled the latest application software updates

  • 22. 
    A company has noticed instances of proprietary information on public websites. It has also observed an increase in the number of email messages sent to random employees containing malicious links and PDFs. Which of the following changes should the company make to reduce the risks associated with phishing attacks? (Select TWO)
    • A. 

      Install an additional firewall

    • B. 

      Implement a redundant email server

    • C. 

      Block access to personal email on corporate systems

    • D. 

      Update the X.509 certificates on the corporate email server

    • E. 

      Update corporate policy to prohibit access to social media websites

    • F. 

      Review access violations on the file server

  • 23. 
    After a user reports slow computer performance, a systems administrator detects a suspicious file, which was installed as a part of a freeware software package. The systems administrator reviews the output below. Based on the information below, which of the following types of malware was installed on the user's computer?
    • A. 

      RAT

    • B. 

      Keylogger

    • C. 

      Spyware

    • D. 

      Worm

    • E. 

      Bot

  • 24. 
    A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrators to implement to most efficiently assist with these issues?
    • A. 

      SSL

    • B. 

      CRL

    • C. 

      PKI

    • D. 

      ACL

  • 25. 
    A technician is investigating a potentially compromised device with the symptoms below. Which of the following types of malware has infected the system?
    • A. 

      Man-in-the-browser

    • B. 

      Spoofer

    • C. 

      Spyware

    • D. 

      Adware
