This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate will need knowledge in Network Security, Compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This free practice test will test your knowledge and readiness for the CompTIA Security+ Examination.
1) An administrator is receiving an error in the browser stating that a website's certificate is invalid. Which of the following is the browser referring to?
Browsers load web certificates when a web server uses the HTTPS protocol. The certificate given to the browser will always be the public certificate, which contains the public key. The private key is kept by the administrator who created the certificate and should never be shared.
This question is filed under objective 6, Cryptography
Public-key cryptography, or asymmetric cryptography, is a cryptographic system which uses pairs of keys: public keys (which may be known to others), and private keys (which may never be known by any except the owner). The generation of such key pairs depends on cryptographic algorithms which are based on mathematical problems termed one-way functions. Effective security requires keeping the private key private; the public key can be openly distributed without compromising security. In such a system, any person can encrypt a message using the intended receiver's public key, but that encrypted message can only be decrypted with the receiver's private key…
2) Using proximity card readers instead of the traditional key punch doors would help to mitigate:
Shoulder surfing is when an attacker watches a user enter a password or PIN. A key punch door only requires a PIN, which means anyone who knows the PIN has access, and that PIN is susceptible to shoulder surfing. By replacing the key punch with a proximity reader, shoulder surfing is no longer an issue, as the proximity reader requires the attacker to also have a physical token to gain access. Tailgating is when an attacker enters an open door before it closes (after an authorized user opens it). This can only be mitigated by user training and mantraps.
This question is filed under objective 3, Threats and Vulnerabilities
In computer security, shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers (PINs), passwords and other confidential data by looking over the victim's shoulder, either from keystrokes on a device or sensitive information being spoken and heard, also known as eavesdropping…
3) Which of the following is BEST used as a secure replacement for TELNET?
Secure Shell (SSH) is a cryptographic network protocol used to secure a data stream. It is commonly used as a secure replacement for the Telnet protocol.
This question is filed under objective 4, Application, Data and Host Security
SSH or Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH. SSH provides a secure channel over an unsecured network by using a client–server architecture, connecting an SSH client application with an SSH server. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is generally used to access Unix-like operating systems, but it can also be used on Microsoft Windows…
4) A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights?
Public key infrastructure (PKI) can be used to provide mutual authentication and encryption, ensuring the company's software is only accessible to authorized users.
This question is filed under objective 6, Cryptography
A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred. In cryptography, a PKI is an arrangement that binds public keys with respective identities of entities (like…
5) Geneson, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Geneson when deploying a new access point?
Antenna placement and signal strength would most affect the range of the wireless signal.
This question is filed under objective 1, Network Security
6) The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?
This question is filed under objective 5, Access Control and Identity Management
Self-service password reset (SSPR) is defined as any process or technology that allows users who have either forgotten their password or triggered an intruder lockout to authenticate with an alternate factor, and repair their own problem, without calling the help desk. It is a common feature in identity management software and often bundled in the same software package as a password synchronization capability. Typically users who have forgotten their password launch a self-service application from an extension to their workstation login prompt, using their own or another user's web browser, or through a telephone call. Users establish their identity, without using their forgotten or disabled password, by answering a series of personal…
7) After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings?
War chalking is the drawing of symbols to advertise an open WiFi network.
This question is filed under objective 1, Network Security
Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi network. Inspired by hobo symbols, the warchalking marks were conceived by a group of friends in June 2002 and publicised by Matt Jones, who designed the set of icons and produced a downloadable document containing them. Within days of Jones publishing a blog entry about warchalking, articles appeared in dozens of publications and stories appeared on several major television news programs around the world. The word is formed by analogy to wardriving, the practice of driving around an area in a car to detect open Wi-Fi nodes…
8) Sara, an application developer, has just implemented error and exception handling in an application. Which of the following does this help prevent?
The use of error and exception handling will allow the application to properly handle errors, reducing the chance of buffer overflows occurring.
This question is filed under objective 3, Threats and Vulnerabilities
In information security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations. Buffers are areas of memory set aside to hold data, often while moving it from one section of a program to another, or between programs. Buffer overflows can often be triggered by malformed inputs; if one assumes all inputs will be smaller than a certain size and the buffer is created to be that size, then an anomalous transaction that produces more data could cause it to write past the end of the buffer…
9) Which statement is TRUE about the operation of a packet sniffer?
When a NIC is placed in promiscuous mode, it will pass all data it receives on to the CPU. Normally, a NIC will ignore data not intended for its IP or MAC addresses.
This question is filed under objective 1, Network Security
In computer networking, promiscuous mode is a mode for a wired network interface controller (NIC) or wireless network interface controller (WNIC) that causes the controller to pass all traffic it receives to the central processing unit (CPU) rather than passing only the frames that the controller is specifically programmed to receive. This mode is normally used for packet sniffing that takes place on a router or on a computer connected to a wired network or one being part of a wireless LAN. Interfaces are placed into promiscuous mode by software bridges often used with hardware virtualization. In IEEE 802 networks such as Ethernet or IEEE 802…
10) A user ID and password together provide which of the following?
The combination of user ID and password allows an application or system to authenticate the user.
This question is filed under objective 5, Access Control and Identity Management
Authentication (from Greek: αὐθεντικός authentikos, "real, genuine", from αὐθέντης authentes, "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit…
11) Which of the following assets is MOST likely considered for DLP?
USB mass storage devices are commonly used in Data Loss Prevention (DLP) as a backup medium.
This question is filed under objective 2, Compliance and Operational Security
12) An IT director is looking to reduce the footprint of their company's server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. They will still maintain the software, operating systems and configurations, but will not manage the physical hardware. Which of the following BEST describes this arrangement?
Infrastructure as a Service (IaaS) is a model where a company outsources the equipment used to support operations to another company. In this case they will be using another company's infrastructure to operate their software applications.
This question is filed under objective 4, Application, Data and Host Security
Software as a service (SaaS) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft. SaaS applications are also known as Web-based software, on-demand software and hosted software. SaaS is considered to be part of cloud computing, along with infrastructure as a service (IaaS), platform as a service (PaaS), desktop as a service (DaaS), managed software as a service (MSaaS), mobile backend as a service (MBaaS), datacenter as a service (DCaaS), and information technology management as a service (ITMaaS)…
13) A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?
Much like a no trespassing sign, warning banners can be used to warn intruders against unauthorized access.
This question is filed under objective 2, Compliance and Operational Security
14) Which of the following application security testing techniques is implemented when an automated system generates random input data?
Fuzzing, or fuzz testing, is a software testing technique where random input is generated and given to an application so the results can be studied. It is done to test the security and reliability of an application.
This question is filed under objective 4, Application, Data and Host Security
Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks. Typically, fuzzers are used to test programs that take structured inputs. This structure is specified, e.g., in a file format or protocol and distinguishes valid from invalid input. An effective fuzzer generates semi-valid inputs that are "valid enough" in that they are not directly rejected by the parser, but do create unexpected behaviors deeper in the program and are "invalid enough" to expose corner cases that have not been properly dealt with…
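As an added illustration of the fuzzing described above (example code, not part of the exam or its source material): a constructed toy record parser that trusts its declared length field, a bounds-checked version of the same parser, and a small seeded fuzzer that feeds both random bytes and mutated semi-valid records to each and collects the inputs that crash it. The record format and all function names are assumptions of this example.

```python
import random


def parse_record_buggy(data: bytes):
    """Constructed toy format: [len][payload x len][checksum].
    This version trusts the declared length and reads past the end of
    inputs that are shorter than they claim to be (the classic assumption
    a fuzzer exposes)."""
    n = data[0]
    payload = data[1:1 + n]
    checksum = data[1 + n]              # IndexError when the input is too short
    if sum(payload) % 256 != checksum:
        return None
    return payload


def parse_record_fixed(data: bytes):
    """Same format, but every read is bounds-checked before it happens,
    so malformed input is rejected instead of crashing the parser."""
    if len(data) < 2:
        return None
    n = data[0]
    if len(data) < 2 + n:               # declared length must fit inside the input
        return None
    payload = data[1:1 + n]
    if sum(payload) % 256 != data[1 + n]:
        return None
    return payload


def fuzz(parser, iterations=300, seed=1):
    """Drive parser with random inputs and with single-byte mutations of a
    well-formed seed record; return [(input, exception name)] for every crash."""
    rng = random.Random(seed)           # fixed seed keeps runs reproducible
    valid = bytes([3, 10, 20, 30, 60])  # constructed seed record: 3 bytes, checksum 60
    crashes = []
    for _ in range(iterations):
        if rng.random() < 0.5:          # purely random input, 0..16 bytes
            data = bytes(rng.randrange(256) for _ in range(rng.randrange(0, 17)))
        else:                           # semi-valid input: mutate one byte of the seed
            buf = bytearray(valid)
            buf[rng.randrange(len(buf))] = rng.randrange(256)
            data = bytes(buf)
        try:
            parser(data)
        except Exception as exc:        # any uncaught exception counts as a crash
            crashes.append((data, type(exc).__name__))
    return crashes
```

Running `fuzz(parse_record_buggy)` returns many crashing inputs (each an `IndexError`), while `fuzz(parse_record_fixed)` returns none.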
15) An administrator in the Network Security Department notices that an employee in the Networking Department made unauthorized changes to a firewall over the weekend. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?
The key phrases here are networking department and network security department. Although firewalls are network devices, they would fall under the network security department. Members of the networking department will need some access to the firewall, but changes should be made by the network security department. Giving the networking department only the privileges it needs would solve this.
This question is filed under objective 5, Access Control and Identity Management
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose…
16) A network administrator has recently updated their network devices to ensure redundancy is in place so that:
Redundancy is used to ensure if one device fails, a backup can take its place. Without redundancy, single points of failure can cause system wide outages.
This question is filed under objective 1, Network Security
A single point of failure (SPOF) is a part of a system that, if it fails, will stop the entire system from working. SPOFs are undesirable in any system with a goal of high availability or reliability, be it a business practice, software application, or other industrial system…
17) Rachael, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Rachael configure?
Network Address Translation (NAT) allows a network device (typically a router) to translate IP addresses. It is most commonly used to hide internal private addresses by translating them to a public address. The translation can be one external IP for many internal IPs or a one-to-one configuration.
This question is filed under objective 1, Network Security
Network address translation (NAT) is a method of remapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. The technique was originally used to avoid the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced but could not route the network's address space. It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion. One Internet-routable IP address of a NAT gateway can be used for an entire private network…
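An added example, not from the exam, modelling the two NAT configurations the explanation mentions: a constructed `Nat` class that maps many internal (address, port) pairs onto one external address using distinct external ports, keeps a one-to-one static mapping for a chosen host, and drops unsolicited inbound packets that match no existing translation. The class, its method names and the addresses (taken from documentation ranges) are all assumptions of this example.

```python
import itertools


class Nat:
    """Constructed model of a NAT gateway (example only, not any vendor's code).

    Hosts not in static_map share external_ip and are told apart by the port the
    gateway assigns (many-to-one); hosts in static_map get a dedicated external
    address and keep their own port (one-to-one)."""

    def __init__(self, external_ip, static_map=None, first_port=40000):
        self.external_ip = external_ip
        self.static_map = dict(static_map or {})   # internal_ip -> external_ip
        self._ports = itertools.count(first_port)  # next unused external port
        self.table = {}     # (internal_ip, internal_port) -> external_port
        self.reverse = {}   # external_port -> (internal_ip, internal_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an internal->external packet; return (src, sport, dst, dport)
        as seen on the public side. A mapping is created the first time a flow is seen."""
        if src_ip in self.static_map:              # one-to-one: only the address changes
            return (self.static_map[src_ip], src_port, dst_ip, dst_port)
        key = (src_ip, src_port)
        if key not in self.table:                  # many-to-one: allocate a unique port
            port = next(self._ports)
            self.table[key] = port
            self.reverse[port] = key
        return (self.external_ip, self.table[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an external->internal packet. Returns None (dropped) when the
        packet matches no translation; this is what hides internal hosts from
        unsolicited traffic."""
        for internal_ip, external_ip in self.static_map.items():
            if dst_ip == external_ip:
                return (src_ip, src_port, internal_ip, dst_port)
        if dst_ip != self.external_ip or dst_port not in self.reverse:
            return None
        internal_ip, internal_port = self.reverse[dst_port]
        return (src_ip, src_port, internal_ip, internal_port)


def demo():
    """Constructed traffic: two hosts behind one address plus one static host."""
    nat = Nat("203.0.113.5", static_map={"192.168.1.10": "203.0.113.6"})
    a = nat.outbound("192.168.1.20", 51000, "198.51.100.1", 443)
    b = nat.outbound("192.168.1.21", 51000, "198.51.100.1", 443)  # same source port, distinct external port
    reply = nat.inbound("198.51.100.1", 443, "203.0.113.5", b[1])  # reply reaches the right host
    dropped = nat.inbound("198.51.100.1", 443, "203.0.113.5", 40999)  # no mapping: dropped
    return a, b, reply, dropped
```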
18) Which of the following network architecture concepts is used to securely isolate network devices at the boundary between networks?
A demilitarized zone (DMZ) is an area between two networks that is accessible from both networks. This is generally where public servers are located. VLANs and subnets can provide a similar function within a network, but not between two separate networks.
This question is filed under objective 1, Network Security
In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network or screened subnet) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN): an external network node can access only what is exposed in the DMZ, while the rest of the organization's network is firewalled. The DMZ functions as a small, isolated network positioned between the Internet and the private network…
19) Which of the following is a hardware based encryption device?
Trusted Platform Module (TPM) is a secure cryptoprocessor that can store cryptographic keys to protect information.
This question is filed under objective 6, Cryptography
Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys…
20) Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?
Forcing all users to renew their login credentials is commonly done if there was a recent breach in security.
This question is filed under objective 2, Compliance and Operational Security