Practice Test For CompTIA Security +

59 Questions | Total Attempts: 675



Questions and Answers
  • 1. 
    Which of the following definitions would be correct regarding Eavesdropping?
    • A. 

      Placing a computer system between the sender and receiver to capture information.

    • B. 

      Someone looking through your files.

    • C. 

      Listening or overhearing parts of a conversation

    • D. 

      Involves someone who routinely monitors network traffic.

  • 2. 
    Which of the following access control models uses roles to determine access permissions?
    • A. 

      MAC

    • B. 

      DAC

    • C. 

      RBAC

    • D. 

      None of the above

  • 3. 
    Given: John is a network administrator. He advises the server administrator of his company to implement whitelisting, blacklisting, closing open relays and strong authentication techniques. Question: Which threat is being addressed?
    • A. 

      Viruses

    • B. 

      Adware

    • C. 

      Spam

    • D. 

      Spyware

  • 4. 
    Which of the following ports are typically used by email clients? (Select TWO)
    • A. 

      3389

    • B. 

      194

    • C. 

      143

    • D. 

      110

    • E. 

      49

  • 5. 
    Which of the following types of removable media is write-once and appropriate for archiving security logs?
    • A. 

      Tape

    • B. 

      CD-R

    • C. 

      Hard disk

    • D. 

      USB drive

  • 6. 
    Who is responsible for establishing access permissions to network resources in the DAC access control model?
    • A. 

      The system administrator.

    • B. 

      The owner of the resource.

    • C. 

      The system administrator and the owner of the resource.

    • D. 

      The user requiring access to the resource.

  • 7. 
    What does the DAC access control model use to identify the users who have permissions to a resource?
    • A. 

      Predefined access privileges.

    • B. 

      The role or responsibilities users have in the organization

    • C. 

      Access Control Lists

    • D. 

      None of the above.

  • 8. 
    Which of the following describes a password cracker?
    • A. 

      A program that can locate and read a password file.

    • B. 

      A program that provides software registration passwords or keys.

    • C. 

      A program that performs comparative analysis.

    • D. 

      A program that obtains privileged access to the system.

  • 9. 
    The concept that a web script is run in its own environment and cannot interfere with any other process is known as a:
    • A. 

      Honey pot

    • B. 

      VLAN

    • C. 

      Quarantine

    • D. 

      Sandbox

  • 10. 
    How can the integrity of a company's backup data be tested?
    • A. 

      By reviewing the written procedures

    • B. 

      By conducting another backup

    • C. 

      By restoring part of the backup

    • D. 

      By using software to recover deleted files

  • 11. 
    Most current encryption schemes are based on
    • A. 

      Digital rights management

    • B. 

      Time stamps

    • C. 

      Randomizing

    • D. 

      Algorithms

  • 12. 
    Human resource department personnel should be trained about security policy:
    • A. 

      Guidelines and enforcement.

    • B. 

      Maintenance

    • C. 

      Monitoring and administration

    • D. 

      Implementation

  • 13. 
    An executive uses PKI to encrypt sensitive emails sent to an assistant. In addition to encrypting the body of the email, the executive wants to encrypt the signature so that the assistant can verify that the email actually came from the executive. Which asymmetric key should be used by the executive to encrypt the signature?
    • A. 

      Shared

    • B. 

      Private

    • C. 

      Hash

    • D. 

      Public

  • 14. 
    Which access control system allows the system administrator to establish access permissions to network resources?
    • A. 

      MAC

    • B. 

      DAC

    • C. 

      RBAC

    • D. 

      None of the above

  • 15. 
    Why is malware that uses virtualization techniques difficult to detect?
    • A. 

      The malware may be implementing a proxy server for command and control.

    • B. 

      A portion of the malware may have been removed by the IDS.

    • C. 

      The malware may be using a Trojan to infect the system.

    • D. 

      The malware may be running at a more privileged level than the antivirus software.

  • 16. 
    Social engineering attacks would be MOST effective in which of the following environments? (Select TWO).
    • A. 

      A locked, windowless building

    • B. 

      A military facility with computer equipment containing biometrics.

    • C. 

      A public building that has shared office space.

    • D. 

      A company with a dedicated information technology (IT) security staff.

    • E. 

      A company with a help desk whose personnel have minimal training.

  • 17. 
    Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of security management for computers and networks. A HIDS is installed to monitor which of the following?
    • A. 

      Temporary Internet files

    • B. 

      CPU performance

    • C. 

      System files

    • D. 

      NIC performance

  • 18. 
    In a classified environment, a clearance into a Top Secret compartment only allows access to certain information within that compartment. This is known as
    • A. 

      Dual control.

    • B. 

      Need to know.

    • C. 

      Separation of duties

    • D. 

      Acceptable use.

  • 19. 
    Which of the following is a program that constantly observes data traveling over a network?
    • A. 

      Smurfer

    • B. 

      Sniffer

    • C. 

      Fragmenter

    • D. 

      Spoofer

  • 20. 
    After auditing a file, which log will show unauthorized usage attempts?
    • A. 

      Application

    • B. 

      Performance

    • C. 

      Security

    • D. 

      System

  • 21. 
    Risk assessment is a common first step in a risk management process. Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete situation and a recognized threat (also called hazard). As a best practice, risk assessments should be based upon which of the following?
    • A. 

      An absolute measurement of threats

    • B. 

      A qualitative measurement of risk and impact

    • C. 

      A quantitative measurement of risk, impact and asset value

    • D. 

      A survey of annual loss, potential threats and asset value

  • 22. 
    Choose the scheme or system used by PGP (Pretty Good Privacy) to encrypt data.
    • A. 

      Zombie

    • B. 

      Adware

    • C. 

      Worm

    • D. 

      Virus

  • 23. 
    Which of the following is one of the primary benefits of using S/MIME (Secure/Multipurpose Internet Mail Extensions)?
    • A. 

      S/MIME allows users to send both encrypted and digitally signed e-mail messages.

    • B. 

      S/MIME allows users to send anonymous e-mail messages.

    • C. 

      S/MIME allows users to send e-mail messages with a return receipt.

    • D. 

      S/MIME expedites the delivery of e-mail messages.

  • 24. 
    A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?
    • A. 

      $900

    • B. 

      $2,290

    • C. 

      $2,700

    • D. 

      $5,000

  • 25. 
    The purpose of a DNS server is to enable people and applications to look up records in DNS tables. Why implement security logging on a DNS server?
    • A. 

      To monitor unauthorized zone transfers

    • B. 

      To control unauthorized DNS DoS

    • C. 

      To measure the DNS server performance

    • D. 

      To perform penetration testing on the DNS server
