Security + Test

Security Plus Test

This is an Security+ preparation test for those interested in checking how good their knowledge is in Computer Security and other aspects tested by COMPTIA for those who want to become IT Specialists and Technicians. The test contains multiple choice questions. It should take you less than 30 min to finish the exam. This test should be taken only for fun, the score that will be shown later doesn't necessarily show your real level. Have fun!

Security Plus Test

  1. Which of the following is specifically designed as a decoy to attract hacker activity?
    2. | NIDS | Firewall | Honey pot | HIDS |

  2. These provide confidentiality protection as part of the underlying protocol EXCEPT:
    3. | IPSec | L2TP | SSH | SSL |

  3. What does asymmetric key cryptography provide MOST?
    4. | A pre-shared key | Confidentiality | Kiting | Performance |

  4. One of the following is NOT a symmetric key algorithm:
    5. | RSA | 3DES | RC4 | Rijndael |

  5. Most Antivirus software detect malware by comparing the characteristics of known instances against Which one of these?
    6. | File size | NIDS signature | Signature | Text |

  6. Which fire suppression tools would cause the MOST damage to electrical equipment?
    7. | Carbon Dioxide | Foam | Halon | Water |

  7. You need to make changes to existing files and folders as well as create new files and folders within a specific folder. What kind of access control list (ACL) permission should you be granted while following least privilege practices?
    8. | Modify | Read | Read & Execute | Write |

  8. Which of the following is responsible for defining protocols that control access to network resources?
    9. | DMZ | NAC | NAT | VLAN |

  9. The process of removing PII data from a disk drive before reuse is called:
    10. | Degaussing | Wiping | Reformatting | Sanitization |

  10. Using permissions from another user’s account to access a system or an application is a form of:
    11. | ARP spoofing | War diving | Phishing | Privilege escalation |

  11. A software bundle containing multiple security fixes is called:
    12. | Hotfix | Patch | Patch management | Service pack |

  12. A duplicate of the original site of the organization, with full computer systems as well as complete backups is called:
    13. | Cold site | Freezing site | Hot site | Warm site |

  13. Which one of these allows for notification when a hacking attempt is discovered?
    14. | NAT | Port mapper | NIDS | Protocol analyzer |

  14. Which one of these allows for proof that a certain person sent a particular email?
    15. | Authenticity | Confidentiality | Integrity | Non-repudiation |

  15. Which one of these would use a group of bots to stop a web server from accepting new requests?
    16. | ARP | DDoS | DoS | MAC |

  16. Which one of these uses a sandbox to manage a program’s ability to access system resources?
    17. | ActiveX | Cold Fusion | Java | JavaScript |

  17. Which one of these physical threats can be prevented with mantraps?
    18. | Dumpster diving | Piggybacking | Shoulder surfing | Social engineering |

  18. Which one of these is a problem MOST associated with UTP cable?
    19. | Crosstalk | Fuzzing | Refraction | Vampire tap |

  19. Which one of these allows for a secure connection to be established through a web browser?
    20. | HTTP | L2TP | SSH | SSL |

  20. Which one of these exploits can only be triggered by a specific date or time key?
    21. | Botnet | Logic bomb | Trojan | Worm |

  21. When you log in with a smart card, which one of these keys are you using?
    22. | Cipher Key | Private Key | Public Key | Shared Key |

  22. How many keys are used in symmetric cryptography?
    23. | 1 | 2 | 3 | 4 |

  23. Which one of these is a way to logically separate various internal networks from each other?
    24. | HIDS | NAT | NIDS | VLAN |

  24. Which one of these is an example of detecting employees’ fraud?
    25. Implicit deny
    Job rotation
    Least privilege
    Separation of duties

  25. Penetration testing should only be used once one of these items is in place:
    26. Acceptable use policy
    Disclosure policy
    Service level agreement
    Written permission

  26. Validating the users claimed identity is called:
    27. | Authentication | Identification | Validation | Verification |

  27. Which one of these techniques is used to send unsolicited messages over Bluetooth to Bluetooth-enabled devices?
    28. | Bluesnarfing | War diving | War dialing | Bluejacking |

  28. Which one of these would be MOST effective in stopping phishing attempts?
    29. | Antivirus | DMZ | NIDS | User education |

  29. Which one of these could be used to capture website GET requests?
    30. Network mapper
    Port scanner
    Protocol analyzer
    Vulnerability scanner

  30. Many of the workstations on the network are flooding the servers. What’s the likely cause?
    31. | Logic bomb | Spam | Virus | Worm |

  31. Which one of these is a reason to use a Faraday cage?
    32. Repeat weak signals
    Find rogue access points
    Amplify weak signals
    Mitigate data emanation

  32. What should be implemented to mitigate the chances of a successful attack against the wireless network?
    33. Implement a biometric system and WEP
    Implement an authentication system and WEP
    Implement an authentication system and WPA
    Implement an identification system and WPA2

  33. Which one of these programming measures should be used to prevent buffer overflow attacks?
    34. Anti-spyware
    Input validation
    Nested loops
    Signed applets

  34. Which type of backup does not clear the archive bit?
    35. | Differential | Full | Incremental | Normal |

  35. Which one of these can be used to build a map of a system's open ports and operating system versions?
    36. Drive mapping
    Network mappers
    Password cracker
    Port scanner

  36. Which of the following can be used to restrict access to files based on the identity of the user or group and security classification of the information?
    37. | DAC | MAC | NTFS | RBAC |

  37. Which of the following sends a a large number of TCP synchronization requests to a host?
    38. | Smurfing | Spoofing | SYN flood | Teardrop |

  38. Which of the following command-line tool may be used for patch management?
    39. | ChkDsk | HFNetChk | Netdiag | RegView |

  39. An antivirus server keeps flagging an approved application as a threat. This is an example of:
    40. False negative
    False positive
    True negative
    True positive

  40. Which of the following is a tool that enables you to centrally conduct audits on system security setting?
    41. Microsoft Management Console
    Nessus
    Network diagnostic tool
    Reliability and Performance Monitor

  41. Which of these allows someone to secretly embed hidden files by using the least significant bit(s)?
    42. | Steganography | Trojan horse | Virus | Worm |

  42. Which of these allows an attacker to capture HTTP requests and send back a spoofed page?
    43. | Phishing | Replay | TCP/IP hijacking | Teardrop |

  43. The following are steps in the incident response process EXCEPT:
    44. | Containment | Eradication | Recovery | Authentication |

  44. Which of these NIDS configurations is solely based on specific network traffic?
    45. Anomaly-based
    Behavior-based
    Host-based
    Signature-based




Please visit our StudyMaster website for more free study guides.

Copyright © 2016 STUDYMASTER.ORG. All rights reserved.