Try our new practice tests feature: configure your own test including the number of questions, objectives and time limits

CompTIA Security Plus SY0 501 Test 3

This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate will need knowledge in Network Security, Compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This free practice test will test your knowledge and readiness for the CompTIA Security+ Examination.

  • Questions: 20
  • Time: 60 seconds per question (0 hours, 20 minutes, 0 seconds)

You are responsible for network security within your employer's network architecture team. Your team is implementing a new network that can allow unauthenticated WiFi users access to the internet without allowing them access to any internal systems. What type of WiFi network is this?

  • DMZ
  • Extranet
  • NAT
  • Guest

Which of the following acronyms refers to a cryptographic hardware component capable of securely storing data like passwords and keys?

  • NAT
  • DMZ
  • TPM
  • DLP

What improvements does a VLAN offer for network security?

  • Allows for session dropping in the event of an anomaly detection
  • Logically separates network segments
  • Physically restricts unauthorized devices from network access
  • Provides layer 4 filtering (TCP/UDP)

What is the name of the process used to digitally sign executables?

  • Executable Signature Signing
  • Code validation signature
  • Code pinning
  • Code signing

Out of the following algorithms, which is a symmetric-key algorithm?

  • PGP/GPG
  • DES
  • DSA
  • RSA

Your employer has always been very security conscious and to date does not use an company owned mobile or wireless devices like laptops and smart phones. A new project aims to evaluate options on the market for security implementing laptops within the company. One requirement is that all data stored on the laptop's drive must be encrypted. What type of drive could fulfill this requirement?

  • RAID 0
  • VPN
  • SED
  • PKI-SSD

What type of public certificate can be used with multiple sub-domains?

  • Domain validated certificate
  • Multipurpose
  • Wildcard
  • Self-signed

You have joined a new enterprise as a member of the IT Security team. During on boarding you receive two computers, one with access to highly confidential systems and one with access to less critical data and the internet. You cannot send data or documents from one network to the other and have to manage separate credentials for each. What concept best defines this approach?

  • Physical de-segmentation
  • Air gap
  • Data aggregated network segmentation (DANS)
  • VPN

What term defines an operating system that has been verified as having a sufficient level of security based on the Common Criteria for Information Technology Security Evaluation?

  • Certified Secure Operating System (CSOS)
  • Trusted Operating System (TOS)
  • SFRs
  • Protection Profiled Operating System (PPOS)

What type of certificate can be used for a list of explicitly given domains, IP addresses or sub domains?

  • Code signed
  • Self signed
  • Wildcard
  • SAN

A new company policy requires hardware encryption for certain highly confidential systems. These existing systems do not already have a hardware component that can provide this functionality. What is the easiest way to implement this new policy?

  • Trusted Platform Module
  • PKI
  • Hardware Security Module
  • RADIUS

Which term best applies to the following statement: Plain text data is converted to an unreadable format that cannot be converted back into it's original format

  • Asymmetric Encryption
  • Codebook
  • Encryption
  • Hashing

What term refers to a holistic approach to IT security including diversification of vendors, controls (both administrative and technical) and user training?

  • Holistic IA
  • Regulatory standard framework
  • Defense-in-depth
  • DMZ

How many rounds does 3DES perform when encrypting data?

  • 8
  • 48
  • 16
  • 32

You work as a freelance security consultant. You are now working for a large government and have been contracted to create a stand-alone system that should attract malicious activity. The system should mimic an existing productive system but with fake non-sensitive data. The activity in this new system should be recorded so security analysts can review and identify patterns in the malicious activity. What best defines this type of system?

  • Honeynet
  • DMZ
  • Ad hoc target
  • DDoS Mitigator

James is sending an email to Bob. To ensure confidentially James needs to send the email in an encrypted format using PKI. What will James use to encrypt the email so Bob can decrypt it?

  • Bob's public key
  • Bob's private key
  • James' public key
  • James' private key

Which of the following options is a protocol used to check if a certificate has been revoked?

  • OCSP
  • PKI
  • CSR
  • MD5

A junior security professional on your team is trying to export a public certificate and share it with a colleague outside of the IT department. They ask you if they should use a CER or PFX format. Which format should be used?

  • CER
  • PFX
  • Both are acceptable
  • Neither are acceptable

Which of the following is used in PKI for key agreement?

  • CTR
  • ECDH
  • RSA
  • HMAC

Your employer has asked your team to define and implement a new network area that will be accessible to authorized 3rd party companies through a dedicated WAN connection. A critical requirement is that access to this new network area should not also allow network access to the companies internal network and systems. What type of network best defines this setup?

  • Extranet
  • VLAN
  • Intranet
  • Guess WiFi