Try our new practice tests feature: configure your own test including the number of questions, objectives and time limits

CompTIA Security Plus SY0 501 Test 3

This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate will need knowledge in Network Security, Compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This free practice test will test your knowledge and readiness for the CompTIA Security+ Examination.

  • Questions: 20
  • Time: 60 seconds per question (0 hours, 20 minutes, 0 seconds)

What term defines an operating system that has been verified as having a sufficient level of security based on the Common Criteria for Information Technology Security Evaluation?

  • Certified Secure Operating System (CSOS)
  • SFRs
  • Protection Profiled Operating System (PPOS)
  • Trusted Operating System (TOS)

Which of the following options is a protocol used to check if a certificate has been revoked?

  • PKI
  • CSR
  • MD5
  • OCSP

James is sending an email to Bob. To ensure confidentially James needs to send the email in an encrypted format using PKI. What will James use to encrypt the email so Bob can decrypt it?

  • James' private key
  • Bob's public key
  • James' public key
  • Bob's private key

What improvements does a VLAN offer for network security?

  • Logically separates network segments
  • Allows for session dropping in the event of an anomaly detection
  • Provides layer 4 filtering (TCP/UDP)
  • Physically restricts unauthorized devices from network access

What type of certificate can be used for a list of explicitly given domains, IP addresses or sub domains?

  • Self signed
  • Code signed
  • SAN
  • Wildcard

Your employer has always been very security conscious and to date does not use an company owned mobile or wireless devices like laptops and smart phones. A new project aims to evaluate options on the market for security implementing laptops within the company. One requirement is that all data stored on the laptop's drive must be encrypted. What type of drive could fulfill this requirement?

  • SED
  • RAID 0
  • VPN

Which of the following acronyms refers to a cryptographic hardware component capable of securely storing data like passwords and keys?

  • DLP
  • TPM
  • NAT
  • DMZ

Out of the following algorithms, which is a symmetric-key algorithm?

  • RSA
  • DES
  • DSA

What is the name of the process used to digitally sign executables?

  • Executable Signature Signing
  • Code pinning
  • Code signing
  • Code validation signature

A new company policy requires hardware encryption for certain highly confidential systems. These existing systems do not already have a hardware component that can provide this functionality. What is the easiest way to implement this new policy?

  • PKI
  • Hardware Security Module
  • Trusted Platform Module

Which of the following is used in PKI for key agreement?

  • HMAC
  • CTR
  • ECDH
  • RSA

You have joined a new enterprise as a member of the IT Security team. During on boarding you receive two computers, one with access to highly confidential systems and one with access to less critical data and the internet. You cannot send data or documents from one network to the other and have to manage separate credentials for each. What concept best defines this approach?

  • Data aggregated network segmentation (DANS)
  • Air gap
  • Physical de-segmentation
  • VPN

Your employer has asked your team to define and implement a new network area that will be accessible to authorized 3rd party companies through a dedicated WAN connection. A critical requirement is that access to this new network area should not also allow network access to the companies internal network and systems. What type of network best defines this setup?

  • Extranet
  • Guess WiFi
  • Intranet
  • VLAN

What term refers to a holistic approach to IT security including diversification of vendors, controls (both administrative and technical) and user training?

  • Holistic IA
  • Defense-in-depth
  • DMZ
  • Regulatory standard framework

Which term best applies to the following statement: Plain text data is converted to an unreadable format that cannot be converted back into it's original format

  • Encryption
  • Hashing
  • Asymmetric Encryption
  • Codebook

You work as a freelance security consultant. You are now working for a large government and have been contracted to create a stand-alone system that should attract malicious activity. The system should mimic an existing productive system but with fake non-sensitive data. The activity in this new system should be recorded so security analysts can review and identify patterns in the malicious activity. What best defines this type of system?

  • DMZ
  • Honeynet
  • Ad hoc target
  • DDoS Mitigator

You are responsible for network security within your employer's network architecture team. Your team is implementing a new network that can allow unauthenticated WiFi users access to the internet without allowing them access to any internal systems. What type of WiFi network is this?

  • DMZ
  • NAT
  • Guest
  • Extranet

What type of public certificate can be used with multiple sub-domains?

  • Domain validated certificate
  • Self-signed
  • Multipurpose
  • Wildcard

How many rounds does 3DES perform when encrypting data?

  • 16
  • 8
  • 32
  • 48

A junior security professional on your team is trying to export a public certificate and share it with a colleague outside of the IT department. They ask you if they should use a CER or PFX format. Which format should be used?

  • CER
  • Neither are acceptable
  • PFX
  • Both are acceptable