CompTIA Security+ SY0-501 (Practice Test)

CompTIA+ Security+ is a vendor neutral IT industry certification for security. It is an entry level certificate for the subject of IT security and is recommended to be the first security focused certificate an IT professional should learn. Security+ will establish core knowledge that would be required for any cyber-security role by covering essential skills in the areas of Threats, Attacks & Vulnerabilities, Technologies & Tools, Architecture & Design, Identity & Access Management, Risk Management & Cryptography and PKI.

  • Questions: 20
  • Time: 60 seconds per question (0 hours, 20 minutes, 0 seconds)
  • Included Objectives:
    • Technologies and Tools
    • Threats, Attacks and Vulnerabilities
    • Architecture and Design
    • Identity and Access Management
    • Risk Management
    • Cryptography and PKI

During a regular security scan of the network you find that several user laptops are infected with the same malware. After cross-referencing the laptop users with the reverse proxy logs you find that they all accessed a industry news website the day before. You believe your organization may have been specifically targeted for this malware. What type of attack would best describe this theory?

  • Spoofing
  • Watering hole
  • SYN Flood
  • SQL injection

When configuring a wireless access point what configuration change will hide the name of the wireless network and require users who want to connect to the network to know the wireless name?

  • Enable DLP on the access point
  • Enable WPA2's anonymous mode
  • Disable passive network name authentication
  • Disable SSID

You are working as a security consultant for a small company. The owner of the company states they were recently targeted by hackers who gained access to their email account. Since then the attackers have taken control of the companies website and have stated they will only return control to the company after receiving a payment. The hosting provider has stated the web servers are not infected and no unusual logins have occurred. Despite this users are reporting they cannot access the companies website. Based on this information, what type of attack has occurred to the website?

  • MitM
  • Session hijacking
  • Cross-site scripting
  • DNS hijacking

What type of NIDS commonly uses artificial intelligence and data mining to identify malicious network traffic?

  • Anomaly-based NIDS
  • Filter-based NIDS
  • Rule-based NIDS
  • Signature-based NIDS

You are responsible for network security within your employer's network architecture team. Your team is implementing a new network that can allow unauthenticated WiFi users access to the internet without allowing them access to any internal systems. What type of WiFi network is this?

  • Guest
  • DMZ
  • Extranet
  • NAT

Your employer has several thousand internal users all who need to access the internet on a daily basis to complete their work. What technology should be used to mask the internal IP addresses of these users and allow access to the internet through shared public IP addresses?

  • DNS
  • Router
  • DMZ
  • NAT

How many rounds does 3DES perform when encrypting data?

  • 16
  • 48
  • 8
  • 32

What type of DOS attack sends a large number of new TCP requests to a server in order to overwhelm it with unused open sessions?

  • Session hijacking
  • DDoS
  • Spanning tree
  • SYN Flood

You are observing an outage of your employers website. While investigating the cause of the outage you learn that there is a large-scale DDOS attack that has caused network outages for large percentages of the internet. The attack is targeting key infrastructure of major web service providers. According to news sources the attackers are sending huge numbers of requests to open DNS servers with spoofed IP addresses. The responses from the DNS servers are sent to the spoofed IP addresses which have resulted in network outages due to overwhelmed infrastructure. What type of attack is being conducted?

  • DNS amplification
  • DNS jamming
  • DNS poisoning
  • Domain hijacking

What is the name of the process used to digitally sign executables?

  • Code validation signature
  • Code signing
  • Code pinning
  • Executable Signature Signing

What improvements does a VLAN offer for network security?

  • Physically restricts unauthorized devices from network access
  • Provides layer 4 filtering (TCP/UDP)
  • Logically separates network segments
  • Allows for session dropping in the event of an anomaly detection

Which term best applies to the following statement: Plain text data is converted to an unreadable format that cannot be converted back into it's original format

  • Asymmetric Encryption
  • Hashing
  • Codebook
  • Encryption

During routine security checks you discover that a wireless access point is setup on the outside of your employer's office building. The access point has the same SSID as the internal WiFi network but is unsecured to allow anyone access. What type of attack have you discovered?

  • SSID reduplication attack
  • Evil twin
  • Jamming
  • W-DNS Spoofing

Your coworker is out sick due to an illness. In his absence you have received the results of a vulnerability scan he ordered from an external provider. Unfortunately your coworker did not give you any information on what type of scan was conducted or what methods were used. The results show that 3 injection vulnerabilities were identified but are only possible when attempted from an authenticated user account. Based on the information you have, what type of vulnerability scan was most likely completed?

  • Gray box
  • Non-intrusive
  • Intrusive
  • Credentialed

Which regulation in the United States would apply to a healthcare organization and require they protect the confidentially of patient data?

  • GDPR
  • HDPA
  • EU Privacy Shield

Your employer has asked your team to define and implement a new network area that will be accessible to authorized 3rd party companies through a dedicated WAN connection. A critical requirement is that access to this new network area should not also allow network access to the companies internal network and systems. What type of network best defines this setup?

  • Intranet
  • VLAN
  • Guess WiFi
  • Extranet

Which of the following acronyms refers to a cryptographic hardware component capable of securely storing data like passwords and keys?

  • TPM
  • DMZ
  • NAT
  • DLP

A large chemical company will soon be legally required to offer phone support for customers to contact in the event of a chemical spill or other similar issue. The new law requires the company be available 24/7, 365 days a year or large fines will be levied against the company. You have been contracted to ensure a power outage does not prevent the help desk from being available to callers. You have been given the requirement that all electronic equipment (desktops, servers, network equipment, phones, etc.) must operate for up to 24 hours without interruption during a power outage. Which of the following options would best meet requirement?

  • Online UPS
  • Line-Interactive UPS
  • Generator
  • Emergency power supply

Which of the following options is a protocol used to check if a certificate has been revoked?

  • PKI
  • CSR
  • MD5
  • OCSP

What acronym refers to the amount of time between the failure of a device and the device's return to normally functionality?

  • MTBF
  • MTTR
  • MRTR
  • MTTF