Security + Practice Test Questions

10 Questions | By Wjones5158 | Last updated: Mar 21, 2022 | Total Attempts: 6578

Questions

Settings

Create your own Quiz

Practice Review Questions for CompTIA Security + Exam SY0-201

Questions and Answers

1.

All of the following provide confidentiality protection as part of the underlying protocol EXCEPT:
- A.
  
  SSL.
- B.
  
  SSH.
- C.
  
  L2TP.
- D.
  
  IPSec
2.

Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?
- A.
  
  Steganography
- B.
  
  Worm
- C.
  
  Trojan horse
- D.
  
  Virus
3.

Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?
- A.
  
  Teardrop
- B.
  
  TCP/IP hijacking
- C.
  
  Phishing
- D.
  
  Replay
4.

How should a company test the integrity of its backup data?
- A.
  
  By conducting another backup
- B.
  
  By using software to recover deleted files
- C.
  
  By restoring part of the backup
- D.
  
  By reviewing the written procedures
5.

Which of following can BEST be used to determine the topology of a network and discover unknown devices?
- A.
  
  Vulnerability scanner
- B.
  
  NIPS
- C.
  
  Protocol analyzer
- D.
  
  Network mapper
6.

When should a technician perform penetration testing?
- A.
  
  When the technician suspects that weak passwords exist on the network
- B.
  
  When the technician is trying to guess passwords on a network
- C.
  
  When the technician has permission from the owner of the network
- D.
  
  When the technician is war driving and trying to gain access
7.

An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the server’s public IP address is now reported in a spam real-time block list. Which of the following is wrong with the server?
- A.
  
  SMTP open relaying is enabled.
- B.
  
  It does not have a spam filter.
- C.
  
  The amount of sessions needs to be limited.
- D.
  
  The public IP address is incorrect.
8.

Which of the following is MOST efficient for encrypting large amounts of data?
- A.
  
  Hashing algorithms
- B.
  
  Symmetric key algorithms
- C.
  
  Asymmetric key algorithms
- D.
  
  ECC algorithms
9.

Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
- A.
  
  Rogue access points
- B.
  
  Wardriving
- C.
  
  Weak encryption
- D.
  
  Session hijacking
10.

Which of the following BEST describes ARP? Answer: C
- A.
  
  Discovering the IP address of a device from the MAC address
- B.
  
  Discovering the IP address of a device from the DNS name
- C.
  
  Discovering the MAC address of a device from the IP address
- D.
  
  Discovering the DNS name of a device from the IP address