CompTIA Security+ SY0-401 (Practice Test)

CompTIA Security+ certification covers network security, compliance and operational security, threats and vulnerabilities, as well as application, data and host security. Also included are access control, identity management, and cryptography. The official exam objectives are 1.0 Network Security, 2.0 Compliance and Operational Security, 3.0 Threats and Vulnerabilities, 4.0 Application, Data and Host Security, 5.0 Access Control and Identity Management and 6.0 Cryptography.

  • Questions: 20
  • Time: 60 seconds per question (0 hours, 20 minutes, 0 seconds)
  • Included Objectives:
    • Compliance and Operational Security
    • Network Security
    • Threats and Vulnerabilities
    • Application, Data and Host Security
    • Access Control and Identity Management
    • Cryptography

The Chief Information Officer (CIO) of your employer has mandated that the internal payroll software be replaced by a cloud-based application. The new software is a web-based industry standard and will be licensed for use by the company. Which of the following best describes this situation?

  • Infrastructure as a Service
  • Platform as a Service
  • Software as a Service
  • Hosted virtualization service

An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?

  • Job rotations
  • Change control
  • User rights reviews
  • Change management

Which of the following is the MOST secure protocol to transfer files?

  • FTPS
  • SSH
  • FTP

Which of the following describes the most secure firewall configuration?

  • Deny all protocols, allow TCP/IP
  • Deny all UDP, allow all TCP
  • Allow all, deny malicious applications and ports
  • Deny all, with exceptions for required applications and ports

Rachael, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Rachael configure?

  • NAT
  • NACL
  • PACL
  • DNS

Select the answer that properly describes IPSec in tunnel mode:

  • IPSec encrypts packets using SSL, similar to SSH
  • IPSec is incompatible with OSPF WAN encryptions
  • Entire packet is encrypted and wrapped with new IP headers
  • Packet contents are encrypted, headers are not

After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings?

  • War dialing
  • War chalking
  • IV attack
  • Rogue access points

An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

  • Implement time of day restrictions for all temporary employees
  • Implement a password expiration policy
  • Implement an account expiration date for temporary employees
  • Run a last logon script to look for inactive accounts

Several high-level executives at a business have been targeted by phishing attacks. Which of the following terms describes this type of phishing?

  • Phreaking
  • Pharming
  • Tailgating
  • Whaling

Which authentication protocol periodically verifies a client with a 3-way handshake?

  • PAP
  • CHAP
  • SSO
  • Kerberos

What will best help you if you need to prevent cross-site scripting on your company's intranet webpage?

  • Anomaly HIDS
  • Input Validation
  • NIDS

Which of the following is a Denial of Service attack using a succession of TCP Handshake requests?

  • Smurf Attack
  • Phishing
  • Xmas Attack
  • SYN Flood

Which of the following ACL rules will deny DHCP traffic?


Which of the following is an example of a physical security measure?

  • Honeypot
  • NIPS
  • HIDS
  • Mantrap

Your supervisor asked you to open the necessary ports for a 'secure telnet'. What ports should you open?

  • TCP 22
  • TCP 21
  • TCP 69
  • UDP 23

An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. Which of the following attacks has MOST likely taken place?

  • Whaling attack
  • Shoulder surfing
  • Dumpster diving
  • Vishing attack

As a security administrator, you decide to force expiration of all user passwords. Which of the following best supports this reasoning?

  • Recently several passwords were cracked
  • Identify which users are actively logging into the network
  • Ensures everyone meets password complexity requirements
  • Regular security measure to ensure a secure network

Which port is used by telnet?

  • 21
  • 20
  • 23
  • 22

Which of the following can allow Emily, a security analyst, to encrypt individual files on a system?

  • JFS
  • EFS
  • Single Sign-on
  • TLS

Which of the following types of application attacks would be used to specifically gain unauthorized information from databases that did not have any input validation implemented?

  • Session hijacking and XML injection
  • Cookies and attachments
  • Buffer overflow and XSS
  • SQL injection