This practice test for CompTIA Security+ assesses knowledge on eavesdropping, access control models like RBAC, spam threats, email ports, and media for security logs. It prepares learners for certification, enhancing skills in network security management.
MAC
DAC
RBAC
None of the above
Rate this question:
Viruses
Adware
Spam
Spyware
Rate this question:
3389
194
143
110
49
Rate this question:
Tape
CD-R
Hard disk
USB drive
Rate this question:
The system administrator.
The owner of the resource.
The system administrator and the owner of the resource.
The user requiring access to the resource.
Rate this question:
Predefined access privileges.
The role or responsibilities users have in the organization
Access Control Lists
None of the above.
Rate this question:
A program that can locate and read a password file.
A program that provides software registration passwords or keys.
A program that performs comparative analysis.
A program that obtains privileged access to the system.
Rate this question:
Honey pot
VLAN
Quarantine
Sandbox
Rate this question:
By reviewing the written procedures
By conducting another backup
By restoring part of the backup
By using software to recover deleted files
Rate this question:
Digital rights management
Time stamps
Randomizing
Algorithms
Rate this question:
Guidelines and enforcement.
Maintenance
Monitoring and administration
Implementation
Rate this question:
Shared
Private
Hash
Public
Rate this question:
MAC
DAC
RBAC
None of the above
Rate this question:
The malware may be implementing a proxy server for command and control.
A portion of the malware may have been removed by the IDS.
The malware may be using a Trojan to infect the system.
The malware may be running at a more privileged level than the antivirus software.
Rate this question:
A locked, windowless building
A military facility with computer equipment containing biometrics.
A public building that has shared office space.
A company with a dedicated information technology (IT) security staff.
A company with a help desk whose personnel have minimal training.
Rate this question:
Temporary Internet files
CPU performance
System files
NIC performance
Rate this question:
Dual control.
Need to know.
Separation of duties
Acceptable use.
Rate this question:
Smurfer
Sniffer
Fragmenter
Spoofer
Rate this question:
Application
Performance
Security
System
Rate this question:
An absolute measurement of threats
A qualitative measurement of risk and impact
A quantitative measurement of risk, impact and asset value
A survey of annual loss, potential threats and asset value
Rate this question:
Zombie
Adware
Worm
Virus
S/MIME allows users to send both encrypted and digitally signed e-mail messages.
S/MIME allows users to send anonymous e-mail messages.
S/MIME allows users to send e-mail messages with a return receipt.
S/MIME expedites the delivery of e-mail messages.
Rate this question:
$900
$2,290
$2,700
$5,000
Rate this question:
To monitor unauthorized zone transfers
To control unauthorized DNSDoS
To measure the DNS server performance
To perform penetration testing on the DNS server
Rate this question:
$2,700
$4,500
$5,000
$7,290
Rate this question:
Collect system temporary files
Apply retention policies on the log files.
Perform CRC checks.
Perform hashing of the log files.
Rate this question:
Buffer Overflows.
Cookies
Cgi
SMTP Relay
Rate this question:
It is a programming language that allows access to system resources of the system running the script
The client browser must have the ability to run Java applets in a virtual machine on the client
It can also include a digital signature to verify authenticity
It allows customized controls, icons, and other features to increase the usability of web enabled systems
Rate this question:
Hoaxes can create as much damage as a real virus.
Hoaxes are harmless pranks and should be ignored.
Hoaxes can help educate users about a virus.
Hoaxes carry a malicious payload and can be destructive.
Rate this question:
It receives more data than it is programmed to accept.
It is used to provide a persistent, customized web experience for each visit.
It's an older form of scripting that was used extensively in early web systems
It has a feature designed into many e-mail servers that allows them to forward e-mail to other email servers
Rate this question:
Carbon Dioxide
Deluge sprinkler
Hydrogen Peroxide
Wet pipe sprinkler
Rate this question:
Backup generator
Warm site
Redundant power supplies
Uninterruptible power supplies (UPSs)
Rate this question:
Change management
Secure disposal
Password complexity
Chain of custody
Rate this question:
Authentication verifies the identity of a user requesting credentials while identification verifies a set of credentials.
Authentication verifies a user ID belongs to a specific user while identification verifies the identity of a user group.
Authentication verifies a set of credentials while identification verifies the identity of a user requesting credentials.
Authentication verifies the identity of a user requesting credentials while identification verifies a set of credentials.
Rate this question:
Where the ALE is lower than the SLE.
Where the ARO equals the SLE.
The organization will mitigate.
The organization will accept.
Rate this question:
Identifying the use case
Installing software patches
Vulnerability testing.
Creating a security policy
Rate this question:
Security
DHCP
Acces
System
Rate this question:
DHCP
Security
Access
System
Rate this question:
Buffer overflow
Rootkit
Logic bomb
Privilege escalation
Rate this question:
TCP/IP Hijacking
UDP Attack
ICMP Attacks
Smurf Attacks
Rate this question:
Smurfer
Sniffer
Fragmenter
Spoofer
Rate this question:
Buffer Overflow attack
SYN attack
Smurf attack
Birthday attack
Rate this question:
A hash can be reversed, a cipher cannot.
A hash produces a variable output for any input size, a cipher does not
A cipher can be reversed, a hash cannot.
A cipher produces the same size output for any input size, a hash does not.
Rate this question:
Licensing
Cookies
Data leakage
Multiple streams
Rate this question:
Operating system scanning.
Reverse engineering.
Fingerprinting
Host hijacking.
Rate this question:
Man in the middle attack
Smurf attack
Teardrop attack
SYN (Synchronize) attack
Rate this question:
Use Java virtual machines to reduce impact
Disable unauthorized ActiveX controls
Implement a policy to minimize the problem
Install a NIDS
Rate this question:
Many malformed or fragmented packets
Passive sniffing of local network traffic
Decryption of encrypted network traffic
Disabled network interface on a server
Rate this question:
Quiz Review Timeline (Updated): Mar 21, 2023 +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
Wait!
Here's an interesting quiz for you.