Quiz On CompTIA Security+ Certification! Trivia Questions
Are you looking for a quiz to help you in preparation for the CompTIA Security+ Certification? If so, the questionnaire below is precisely what you may need to refresh your understanding before the significant exam is upon us. How about you give it a shot and get to see how well you will do. All the best revising and for your exam too!
Questions and Answers
- 1.
Which of the following access control models enables a person who creates or owns objects to define permissions to access those objects?
- A.
Mandatory access control model
- B.
Rule-based access control model
- C.
Role-based access control model
- D.
Discretionary access control model
Correct Answer
D. Discretionary access control modelExplanation
The correct answer is the Discretionary access control model. This model allows the owner or creator of an object to have control over defining permissions for accessing that object. In this model, the owner can grant or revoke access permissions to other users or entities based on their discretion. This gives the owner the flexibility to determine who can access their objects and what level of access they have.Rate this question:
-
- 2.
During which type of assessment would penetration testers not have any knowledge about the network and network defenders have no knowledge of the test itself?
- A.
Black box test
- B.
Blind test
- C.
Double-blind test
- D.
Gray box test
Correct Answer
C. Double-blind testExplanation
A double-blind test refers to an assessment in which both the penetration testers and the network defenders have no prior knowledge or information about each other. In this type of test, the penetration testers simulate an attack on the network without any prior understanding of its infrastructure or security measures. Similarly, the network defenders are unaware that a test is being conducted, ensuring that their responses and defenses are genuine and not influenced by any knowledge of the test. This type of assessment provides a realistic and unbiased evaluation of the network's security posture.Rate this question:
-
- 3.
Which of the following processes is concerned with validating credentials?
- A.
Authorization
- B.
Authentication
- C.
Auditing
- D.
Accountability
Correct Answer
B. AuthenticationExplanation
Authentication is the process concerned with validating credentials. It verifies the identity of a user or entity by validating the provided credentials, such as usernames and passwords. This process ensures that only authorized individuals or entities are granted access to a system or resource. Authentication is an essential step in ensuring the security and integrity of a system, as it prevents unauthorized access and protects against potential threats or breaches.Rate this question:
-
- 4.
Your organization is concerned that employees might e-mail proprietary information to themselves at their private addresses. Which of the following would be most effective at catching that particular effort?
- A.
Antispam filter
- B.
Content filter
- C.
Caching proxy server
- D.
Firewall
Correct Answer
B. Content filterExplanation
A content filter would be most effective at catching employees who are attempting to email proprietary information to themselves at their private addresses. A content filter can analyze the content of emails and identify any sensitive or proprietary information that is being sent. It can also detect keywords or patterns that are commonly associated with such information. By implementing a content filter, the organization can monitor and prevent the unauthorized transfer of proprietary information through email.Rate this question:
-
- 5.
Which of the following methods of log management involves visiting each individual host to review its log files?
- A.
Centralized
- B.
SIEM
- C.
Decentralized
- D.
Syslog
Correct Answer
C. DecentralizedExplanation
Decentralized log management involves visiting each individual host to review its log files. In this method, log files are stored locally on each host, and administrators need to manually access each host to review and analyze the logs. This approach can be time-consuming and inefficient, especially in large-scale environments with numerous hosts. Centralized log management, on the other hand, involves collecting and storing log files from multiple hosts in a central location, making it easier to search, analyze, and monitor logs from a single interface. SIEM (Security Information and Event Management) is a type of centralized log management system that provides advanced security analytics and threat detection capabilities. Syslog is a protocol used for forwarding log messages across a network, which can be used in both centralized and decentralized log management systems.Rate this question:
-
- 6.
You are trying to determine the appropriate level of high availability for a server. The server must be available on a constant basis, and downtime in a given year cannot exceed 1 hour. It normally takes you about 45 minutes to bring down and restart the server for maintenance. Which of the following reflects the level of availability you require?
- A.
99.999 percent availability
- B.
99.9 percent availability
- C.
99.99 percent availability
- D.
99 percent availability
Correct Answer
C. 99.99 percent availabilityExplanation
The level of availability required is 99.99 percent. This means that the server should be available for 99.99 percent of the time in a year, with a maximum downtime of 52.56 minutes. Since it takes about 45 minutes to bring down and restart the server for maintenance, this level of availability would allow for the required uptime and maintenance time without exceeding the 1-hour downtime limit.Rate this question:
-
- 7.
Which of the following ports would be most likely to allow secure remote access into a system within a data center?
- A.
UDP port 53
- B.
TCP port 1701
- C.
UDP port 123
- D.
TCP port 443
Correct Answer
B. TCP port 1701Explanation
TCP port 1701 would be most likely to allow secure remote access into a system within a data center. TCP (Transmission Control Protocol) is a reliable and connection-oriented protocol, which is commonly used for secure communication. Port 1701 is specifically associated with the Layer 2 Tunneling Protocol (L2TP), which is often used for creating virtual private networks (VPNs) and establishing secure remote access to systems. Therefore, TCP port 1701 is the most appropriate choice for secure remote access into a system within a data center.Rate this question:
-
- 8.
Which of the following secure protocols protects traffic during transmission and uses TCP port 443?
- A.
SCP
- B.
SSH
- C.
TLS
- D.
SSL
- E.
TFTP
Correct Answer(s)
C. TLS
D. SSLExplanation
TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are both secure protocols that provide encryption and authentication for internet communications. They protect traffic during transmission by encrypting the data, making it unreadable to anyone who intercepts it. These protocols are commonly used for secure communication over the internet, such as for secure websites (HTTPS). They use TCP port 443, which is the standard port for secure HTTP connections. SCP, SSH, and TFTP are also secure protocols, but they do not specifically use TCP port 443 for transmission.Rate this question:
-
- 9.
All of the following are valid methods to secure static hosts in an organization, except:
- A.
Layered security
- B.
Network segmentation
- C.
Application level firewalls
- D.
User-dependent security
Correct Answer
D. User-dependent securityExplanation
User-dependent security is not a valid method to secure static hosts in an organization because it relies on the actions and behavior of individual users to ensure security. This approach is not reliable as users may make mistakes, fall victim to social engineering attacks, or intentionally bypass security measures. Instead, organizations should implement measures such as layered security, network segmentation, and application level firewalls to protect static hosts from external threats and unauthorized access. These methods provide more robust and effective security controls that are not dependent on user actions.Rate this question:
-
- 10.
Wissa is updating a printer driver on a Windows system. She downloads the latest driver from the manufacturer's Web site. When installing the driver, Windows warns that the driver is unsigned. To which of the following threats is Wissa exposing her system?
- A.
Man-in-the-middle
- B.
Version control
- C.
Refactoring
- D.
Shimming
Correct Answer
C. RefactoringExplanation
By updating a printer driver on a Windows system with an unsigned driver, Wissa is exposing her system to the threat of refactoring. Refactoring refers to the process of restructuring existing code without changing its external behavior. In this context, it suggests that the unsigned driver may have been modified or tampered with, potentially introducing malicious code or compromising the system's security.Rate this question:
-
- 11.
Which of the following types of factors could be used to describe a fingerprint-based method of logging in and authenticating to a touchscreen device?
- A.
Something you know.
- B.
Something you have.
- C.
Something you are.
- D.
Something you do.
Correct Answer
C. Something you are.Explanation
The correct answer is "Something you are." In a fingerprint-based method of logging in and authenticating to a touchscreen device, the factor being used is the unique physical characteristic of the user's fingerprint, which is a part of who they are. This factor relies on biometric authentication to verify the identity of the user, making it a "something you are" factor rather than "something you know" (such as a password), "something you have" (such as a key or card), or "something you do" (such as a specific action or behavior).Rate this question:
-
- 12.
Which of the following technologies allows devices to communicate with each other at very close range through radio signals by using a special chip implanted in the device, and may be vulnerable to eavesdropping and man-in-the-middle attacks?
- A.
802.11 wireless
- B.
Bluetooth
- C.
Near-field communication (NFC)
- D.
Infrared
Correct Answer
C. Near-field communication (NFC)Explanation
Near-field communication (NFC) is a technology that enables devices to communicate with each other at close range using radio signals. This is achieved through a special chip implanted in the device. NFC is vulnerable to eavesdropping and man-in-the-middle attacks because the communication range is limited to a few centimeters, making it easier for attackers to intercept and manipulate the data being transmitted. Therefore, NFC technology is not considered secure for transmitting sensitive information over longer distances.Rate this question:
-
- 13.
Which of the following is an application designed to create and initiate files on a host to provide a fully functional virtual machine?
- A.
Host operating system
- B.
Hypervisor
- C.
Guest operating system
- D.
Load balancer
Correct Answer
B. HypervisorExplanation
A hypervisor is an application designed to create and initiate files on a host to provide a fully functional virtual machine. It is responsible for managing and controlling the virtualization environment, allowing multiple operating systems to run on a single physical machine. The hypervisor creates and manages virtual machines (guest operating systems) on the host operating system, enabling efficient resource allocation and isolation between different virtual machines. It provides the necessary abstraction layer to enable the virtualization of hardware resources and ensures that each virtual machine operates independently and securely. A load balancer, on the other hand, is responsible for distributing network traffic across multiple servers to optimize performance and availability.Rate this question:
-
- 14.
How many rounds does DES perform when it encrypts plaintext?
- A.
16
- B.
32
- C.
64
- D.
128
Correct Answer
A. 16Explanation
DES (Data Encryption Standard) performs 16 rounds when it encrypts plaintext. Each round involves several operations including substitution, permutation, and key mixing, which collectively contribute to the security and complexity of the encryption process. By repeating these rounds 16 times, DES ensures a high level of encryption strength and resistance against various cryptographic attacks.Rate this question:
-
- 15.
Which of the following secure e-mail protocols is carried over an SSL or TLS connection and uses TCP port 993?
- A.
SMTP
- B.
POP3
- C.
IMAPS
- D.
IMAP4
Correct Answer
C. IMAPSExplanation
IMAPS is the correct answer because it is an email protocol that is carried over an SSL or TLS connection. It uses TCP port 993 for secure communication. SMTP is used for sending email, POP3 is used for retrieving email, and IMAP4 is an older version of IMAP. Therefore, they are not the correct answers for this question.Rate this question:
-
- 16.
Which of the following are true statements regarding the relationships of functionality, security, and available resources?
- A.
As functionality increases, security increases.
- B.
As security increases, functionality decreases.
- C.
As resources increase, security decreases but functionality decreases.
- D.
As resources decrease, both functionality and security decrease.
Correct Answer(s)
B. As security increases, functionality decreases.
D. As resources decrease, both functionality and security decrease.Explanation
As security increases, functionality decreases because implementing more security measures often requires adding restrictions and limitations to the system, which can reduce its overall functionality.
As resources decrease, both functionality and security decrease because when there are fewer resources available, it becomes more challenging to maintain the same level of functionality and security. Limited resources may prevent the implementation of necessary security measures and can also impact the system's performance and functionality.Rate this question:
-
- 17.
During which stage of a secure development model would you normally find steps such as requirements gathering, analysis, and diagram development?
- A.
Security testing
- B.
Secure design
- C.
Security requirements
- D.
Secure implementation
Correct Answer
C. Security requirementsExplanation
During the stage of security requirements in a secure development model, steps such as requirements gathering, analysis, and diagram development are typically found. This stage focuses on identifying and defining the specific security requirements that need to be implemented in the software or system. It involves understanding the security needs, risks, and constraints and translating them into specific requirements. This stage sets the foundation for the secure design and implementation phases by ensuring that the necessary security measures are identified and documented before proceeding further.Rate this question:
-
- 18.
Risk assessment means evaluating which of the following elements?
- A.
Probability
- B.
Threat
- C.
Vulnerability
- D.
Impact
Correct Answer(s)
A. Probability
D. ImpactExplanation
Risk assessment involves evaluating the probability and impact of potential risks. Probability refers to the likelihood of a risk occurring, while impact refers to the potential consequences or severity of the risk. By assessing both probability and impact, organizations can prioritize and manage risks effectively. This allows them to allocate resources and implement appropriate measures to mitigate or control the identified risks.Rate this question:
-
- 19.
Which of the following is a protocol used to obtain the status of digital certificates in public keys?
- A.
DHE
- B.
RSA
- C.
OCSP
- D.
ECC
Correct Answer
C. OCSPExplanation
OCSP (Online Certificate Status Protocol) is a protocol used to obtain the status of digital certificates in public keys. It allows clients to verify the current status of a certificate, such as whether it has been revoked or is still valid. This protocol provides a more efficient and real-time method of checking certificate status compared to traditional Certificate Revocation Lists (CRLs). Therefore, OCSP is the correct answer for the given question.Rate this question:
-
- 20.
All of the following are supporting elements of authorization, except:
- A.
Credential validation
- B.
Principle of least privilege
- C.
Separation of duties
- D.
Rights, permissions, and privileges
Correct Answer
A. Credential validationExplanation
Credential validation is not a supporting element of authorization because it is a part of the authentication process. Authorization is the process of granting or denying access to resources based on the authenticated user's permissions and privileges. Credential validation, on the other hand, involves verifying the authenticity of the credentials provided by the user, such as username and password, to ensure that the user is who they claim to be. While credential validation is important for establishing the identity of the user, it is not directly related to determining the user's level of access to resources, which is the main focus of authorization.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 20, 2023Quiz Edited by
ProProfs Editorial Team -
Mar 13, 2019Quiz Created by
Scott
Back to top