Content out of date!

These study materials are for an old exam version.

CompTIA Security Plus SY0 501 Test 3

Free CompTIA Security+ SY0-501 practice test (Test 3). This practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate needs knowledge of network security, compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This practice test checks your knowledge and readiness for the CompTIA Security+ examination.

  • Questions: 20
  • Time: 60 seconds per question (0 hours, 15 minutes, 0 seconds)

Which term best applies to the following statement: Plain text data is converted to an unreadable format that cannot be converted back into its original format.

  • Codebook

  • Asymmetric Encryption

  • Encryption

  • Hashing

What type of public certificate can be used with multiple sub-domains?

  • Domain validated certificate

  • Multipurpose

  • Self-signed

  • Wildcard

Which of the following is used in PKI for key agreement?

  • RSA

  • ECDH

  • CTR

  • HMAC

Out of the following algorithms, which is a symmetric-key algorithm?

  • DES

  • PGP/GPG

  • RSA

  • DSA

You work as a freelance security consultant. You are now working for a large government and have been contracted to create a stand-alone system that should attract malicious activity. The system should mimic an existing production system but with fake, non-sensitive data. The activity in this new system should be recorded so security analysts can review it and identify patterns in the malicious activity. What best defines this type of system?

  • DDoS Mitigator

  • Ad hoc target

  • DMZ

  • Honeynet

You have joined a new enterprise as a member of the IT Security team. During onboarding you receive two computers, one with access to highly confidential systems and one with access to less critical data and the internet. You cannot send data or documents from one network to the other and have to manage separate credentials for each. What concept best defines this approach?

  • Physical de-segmentation

  • Data aggregated network segmentation (DANS)

  • Air gap

  • VPN

Your employer has always been very security conscious and to date does not use any company-owned mobile or wireless devices like laptops and smartphones. A new project aims to evaluate options on the market for securely implementing laptops within the company. One requirement is that all data stored on the laptop's drive must be encrypted. What type of drive could fulfill this requirement?

  • VPN

  • PKI-SSD

  • RAID 0

  • SED

James is sending an email to Bob. To ensure confidentiality, James needs to send the email in an encrypted format using PKI. What will James use to encrypt the email so Bob can decrypt it?

  • Bob's private key

  • Bob's public key

  • James' private key

  • James' public key

What type of certificate can be used for a list of explicitly given domains, IP addresses or sub-domains?

  • Wildcard

  • Code signed

  • SAN

  • Self-signed

What term defines an operating system that has been verified as having a sufficient level of security based on the Common Criteria for Information Technology Security Evaluation?

  • Trusted Operating System (TOS)

  • SFRs

  • Protection Profiled Operating System (PPOS)

  • Certified Secure Operating System (CSOS)

What term refers to a holistic approach to IT security including diversification of vendors, controls (both administrative and technical) and user training?

  • DMZ

  • Regulatory standard framework

  • Defense-in-depth

  • Holistic IA

What improvements does a VLAN offer for network security?

  • Provides layer 4 filtering (TCP/UDP)

  • Allows for session dropping in the event of an anomaly detection

  • Logically separates network segments

  • Physically restricts unauthorized devices from network access

How many rounds does 3DES perform when encrypting data?

  • 8

  • 32

  • 48

  • 16

What is the name of the process used to digitally sign executables?

  • Code validation signature

  • Code signing

  • Code pinning

  • Executable Signature Signing

A new company policy requires hardware encryption for certain highly confidential systems. These existing systems do not already have a hardware component that can provide this functionality. What is the easiest way to implement this new policy?

  • RADIUS

  • Hardware Security Module

  • Trusted Platform Module

  • PKI

Your employer has asked your team to define and implement a new network area that will be accessible to authorized third-party companies through a dedicated WAN connection. A critical requirement is that access to this new network area should not also allow network access to the company's internal network and systems. What type of network best defines this setup?

  • VLAN

  • Extranet

  • Intranet

  • Guest WiFi

Which of the following options is a protocol used to check if a certificate has been revoked?

  • CSR

  • MD5

  • PKI

  • OCSP

Which of the following acronyms refers to a cryptographic hardware component capable of securely storing data like passwords and keys?

  • TPM

  • DMZ

  • DLP

  • NAT

You are responsible for network security within your employer's network architecture team. Your team is implementing a new network that can allow unauthenticated WiFi users access to the internet without allowing them access to any internal systems. What type of WiFi network is this?

  • DMZ

  • Extranet

  • Guest

  • NAT

A junior security professional on your team is trying to export a public certificate and share it with a colleague outside of the IT department. They ask you if they should use a CER or PFX format. Which format should be used?

  • PFX

  • Neither is acceptable

  • CER

  • Both are acceptable


