This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate will need knowledge in Network Security, Compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This free practice test will test your knowledge and readiness for the CompTIA Security+ Examination.
1) Which of the following is an example of a physical security measure?
2) Which of the following options correctly describes SSO?
3) A software test that does not examine the software's code is known as what?
4) Which answer properly describes the purpose of the CA role in Public Key Infrastructure?
5) Your organization has a web server that must be accessible by external users. Which of the following options is the best location for the server?
6) Select the answer that properly describes IPSec in tunnel mode:
7) What will best help you if you need to prevent cross-site scripting on your companies intranet webpage?
8) The CEO of the company you work for has been receiving emails that appear to be from the local IT department. The emails address her user account, and instruct her to click a link in order to verify her password. Which type of attack is this?
9) Which of the following ACL rules will deny DHCP traffic?
10) You are a network administrator for a large business. Recently, you've noticed a large amount of unusual traffic and you suspect they are SYN attacks. What choice will help you defend against these attacks?
11) Your supervisor asked you to open the necessary ports for a 'secure telnet' What ports should you open?
12) As a security administrator, you decide to force expiration of all user passwords. Which of the following best supports this reasoning?
13) What device will work best for servers that need to store private keys?
14) After a power outage, which of the following documents contains detailed information on the order in which the system should be restored?
15) A malicious program that disguises itself as a legitimate program is known as a?
16) You're the admin of a large corporation's production computer system, with many users. How often should you review and audit your users rights?
17) Which of the following options describes a zero-day attack?
18) Your supervisor asks you to implement a new KDC. Which of the following protocols is your supervisor planning to implement?
19) Which of the following is the default port and protocol for HTTPS?
20) What sort of attack uses information gained from social media to obtain access to a users login?
You can go back and review your answers or grade your test.