CompTIA Security+ Practice Exam (1)
Comptia Security+ Practice Exam- 1Full length Comptia Security+ Practice Exam. Take this exam like the real exam to see if you are completely prepared for the real exam. Time yourself to 90 minutes to get a feel of the pressures of the real exam. The practice test is designed to reflect the final exam.
- 1.Covert channel is a communication channel that can be used for:
- A.
Violating the security
- B.
Strengthening the security policy
- C.
Hardening the system
- D.
Protecting the DMZ
- 2.Enforcing minimum privileges for general system users can be easily achieved through the use of:
- A.
IPSEC
- B.
TSTEC
- C.
PRVMIN
- D.
RBAC
- 3.Which of the following services should be logged for security purpose?
- A.
Bootp
- B.
Tftp
- C.
Sunrpc
- D.
All of the Above
- E.
No Answer is Correct
- 4.All logs are kept on archive for a period of time. What determines this period of time?
- A.
Retention policies
- B.
Administrator preferences
- C.
MTTF
- D.
MTTR
- E.
All of the Above
- 5.With _______________, access decisions are based on the roles that individual users have as part of an organization.
- A.
Server based access control
- B.
Rule based access control
- C.
Token based access control
- D.
Role based access control
- E.
All of the Above
- 6.Which of the following is a feature of the Rule based access control?
- A.
The use of tokens
- B.
The use of profiles
- C.
The use of information flow labels
- D.
The use of data flow diagrams
- 7.A firewall can be classified as a:
- A.
Rule based access control
- B.
Lattice based access control
- C.
Directory based access control
- D.
ID based access control
- E.
All of the Above
- 8.In the Lattice Based Access Control model, controls are applied to:
- A.
Objects
- B.
Scripts
- C.
Factors
- D.
Models
- E.
Both A and B
- 9.Under MAC, which of the following is true?
- A.
All that is expressly permitted is forbidden
- B.
All that is not expressly permitted is not forbidden
- C.
All that is not expressly permitted is forbidden
- D.
Both A and B
- E.
No Answer is Correct
- 10.Under MAC, a clearance is a
- A.
Privilege
- B.
Subject
- C.
Sensitivity
- D.
Object
- 11.Access controls that are not based on the policy are characterized as:
- A.
Mandatory controls
- B.
Discretionary controls
- C.
Secret controls
- D.
Corrective controls
- E.
Non of the Above
- 12.DAC are characterized by many organizations as:
- A.
Preventive controls
- B.
Need-to-know controls
- C.
Mandatory adjustable controls
- D.
All of the Above
- E.
None of the Above
- 13.A password represents:
- A.
Something you have
- B.
Something you know
- C.
Something you are
- D.
All of the Above
- E.
None of the Above
- 14.A smartcard represents:
- A.
Something you are
- B.
Something you know
- C.
Something you have
- D.
All of the Above
- E.
None of the Above
- 15.Which of the following is NOT a good password deployment guideline?
- A.
Passwords must be changed at least once every 60 days, depending on your environment.
- B.
Passwords must not be the same as user id or login id.
- C.
Password aging must be enforced on all systems.
- D.
Password must be easy to memorize.
- E.
All of the Above
- 16.Which of the following is an effective measure against a certain type of brute force password attack?
- A.
Password history is used.
- B.
Password reuse is not allowed.
- C.
Any password used must not be word found in a dictionary.
- D.
All of the Above
- E.
None of the Above
- 17.What type of attacks occurs when a rogue application has been planted on an unsuspecting user's workstation?
- A.
Social Engineering attacks
- B.
Logical attacks
- C.
Physical attacks
- D.
Trojan Horse attacks
- E.
None of the Above
- 18.Which of the following attacks could be the most successful when the security technology is properly implemented and configured?
- A.
Logical attacks
- B.
Physical attacks
- C.
Trojan Horse attacks
- D.
Social Engineering attacks
- E.
None of the Above
- 19.What is a protocol used for carrying authentication, authorization, and configuration information between a Network Access Server and a shared Authentication Server?
- A.
RADIUS
- B.
PPTP
- C.
L2TP
- D.
IPSec
- E.
None of the Above
- 20.In a RADIUS architecture, which of the following acts as a client?
- A.
A Network Access Server
- B.
The end user
- C.
The authentication server
- D.
All of the Above
- E.
None of the Above
- 21.The majority of commercial intrusion detection systems are:
- A.
Host-based
- B.
Identity-based
- C.
Signature-based
- D.
Network-based
- 22.Which of the following is a drawback of Network-based IDSs?
- A.
It is very costly to set up.
- B.
It is not effective.
- C.
It cannot analyze encrypted information.
- D.
It is very costly to manage.
- E.
All of the Above
- 23.Which of the following will you consider as clear-text protocols?
- A.
Telnet
- B.
POP
- C.
FTP
- D.
SSH
- E.
All of the Above
- 24.Microsoft supports the _______________ and ______standards for use in extranet.
- A.
CORBA
- B.
IPSec
- C.
PPTP
- D.
DCOM
- E.
Both A & D
- 25.Which of the following protocols did Microsoft develop for use in VPNs?
- A.
PPTP
- B.
IPSEC
- C.
OSPF
- D.
L2TP
- E.
None of the Above
Questions: 100 | Attempts: 62888 | Last updated: Mar 22, 2022
-
Sample QuestionYou are the system administrator for your organization. You are responsible for access privilege for which of the following control systems?
Questions: 81 | Attempts: 14462 | Last updated: Mar 22, 2022
-
Sample QuestionYou have created a folder on your server that will be holding confidential data. You wish to assign privilege access to the same. You will be choosing which of the following control systems?
Questions: 97 | Attempts: 11212 | Last updated: Mar 22, 2022
-
Sample QuestionWhich port is used by Kerberos by default?
Back to top