⚡️Lightning Sale: 50% off Lifetime Membership!⚡️

Try our new practice tests feature: configure your own test including the number of questions, objectives and time limits

CompTIA security plus SY0 401 test 5

This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate will need knowledge in Network Security, Compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This free practice test will test your knowledge and readiness for the CompTIA Security+ Examination.

  • Questions: 20
  • Time: 60 seconds per question (0 hours, 20 minutes, 0 seconds)

The CEO of the company you work for has been receiving emails that appear to be from the local IT department. The emails address her user account, and instruct her to click a link in order to verify her password. Which type of attack is this?

  • Phishing
  • Bluesnarfing
  • Whaling
  • Vishing

Select the answer that properly describes IPSec in tunnel mode:

  • IPSec is incompatible with OSPF WAN encryptions
  • Entire packet is encrypted and wrapped with new IP headers
  • IPSec encrypts packets using SSL, similar to SSH
  • Packet contents are encrypted, headers are not

Your supervisor asks you to implement a new KDC. Which of the following protocols is your supervisor planning to implement?

  • Kerberos
  • Radius
  • TACACS
  • LDAP

What sort of attack uses information gained from social media to obtain access to a users login?

  • MD5 Hash Attack
  • Cognitive Password Attack
  • Birthday Attack
  • Brute Force Attack

Your supervisor asked you to open the necessary ports for a 'secure telnet' What ports should you open?

  • TCP 21
  • TCP 22
  • UDP 23
  • TCP 69

Which of the following is an example of a physical security measure?

  • Honeypot
  • HIDS
  • Mantrap
  • NIPS

A malicious program that disguises itself as a legitimate program is known as a?

  • Trojan Horse
  • Injection
  • Spyware
  • Virus

Which of the following ACL rules will deny DHCP traffic?

  • DENY TCP ANY SERVER LOG
  • DENY UDP ANY SERVER EQ 67
  • ALLOW ALL BUT TCP 67
  • DENY ANY SERVER LOG

Which answer properly describes the purpose of the CA role in Public Key Infrastructure?

  • To issue and signs all root certs
  • To issue a certificate
  • To verify keys for authenticity
  • To sign key escrow lists to CRLs

What will best help you if you need to prevent cross-site scripting on your companies intranet webpage?

  • SSL/HTTPS
  • NIDS
  • Anomaly HIDS
  • Input Validation

You are a network administrator for a large business. Recently, you've noticed a large amount of unusual traffic and you suspect they are SYN attacks. What choice will help you defend against these attacks?

  • Implicit Deny
  • Flood guards
  • VLAN
  • Spanning Tree Protocol

A software test that does not examine the software's code is known as what?

  • White Box
  • White Hat
  • Black Box
  • Grey Box

After a power outage, which of the following documents contains detailed information on the order in which the system should be restored?

  • Succession planning
  • Relief Planning
  • Disaster recovery Plan
  • Information Security Plan

Which of the following is the default port and protocol for HTTPS?

  • TCP 25
  • UDP 443
  • UDP 25
  • TCP 443
  • TCP 80

You're the admin of a large corporation's production computer system, with many users. How often should you review and audit your users rights?

  • Weekly
  • 5 years
  • Annually
  • After an employee is terminiated

What device will work best for servers that need to store private keys?

  • Hardware Security Module
  • Network firewall
  • host firewall
  • SSD hard drive

Which of the following options correctly describes SSO?

  • Will protect credit card information while surfing the web
  • Allows a user to sign in to a subsystem, which grants access to multiple systems without logging in again
  • Requires a user to login to every system separately
  • A protocol that safely encrypts plain text protocols

Your organization has a web server that must be accessible by external users. Which of the following options is the best location for the server?

  • Inside of a DMZ
  • Behind the internal firewall
  • Inside of a VLAN
  • Inside of a VPN

As a security administrator, you decide to force expiration of all user passwords. Which of the following best supports this reasoning?

  • Identify which users are actively logging into the network
  • Regular security measure to ensure a secure network
  • Recently several passwords were cracked
  • Ensures everyone meets password complexity requirements

Which of the following options describes a zero-day attack?

  • A commonly known attack, which is still unpatched
  • A type of social attack, in which the attacker targets high level executives.
  • A known attack, which has been patched and is no longer a threat
  • An attack that exploits an new or unknown vulnerability

Remaining Time:
00:20:00