Security+ – Comprehensive Multiple Choice Exam


With over 170 questions in total, you will be given 85 questions to answer with a time limit of 85 minutes.

Questions and answers are RANDOMIZED to encourage better study habits instead of just memorizing them.

The passing score is set to 85%.

1 / 85

A private company uses an SSL proxy to examine the contents of an encrypted application during transmission. How could the application developers prevent the use of this proxy examination in the future?

2 / 85

A new malware variant takes advantage of a vulnerability in a popular email client. Once installed, the malware forwards all email attachments containing credit card information to an external email address. Which of the following would limit the scope of this attack?

3 / 85

A company is designing an application that will have a high demand and will require significant computing resources during the summer. During the winter, there will be little to no application use and resource use should be minimal. Which of these characteristics BEST describe this application requirement?

4 / 85

An attacker has discovered a way to disable a server by sending specially crafted packets from many remote devices to the operating system. When the packet is received, the system crashes and must be rebooted to restore normal operations. Which of the following would BEST describe this attack?

5 / 85

A security team has been provided with a non-credentialed vulnerability scan report created by a third party. Which of the following would they expect to see on this report?

6 / 85

A security administrator has installed a network-based DLP solution to determine if file transfers contain PII. Which of the following describes the data during the file transfer?

7 / 85

A virus scanner has identified a macro virus in a word processing file attached to an email. Which of the following information could be obtained from the metadata of this file?

8 / 85

Daniel, a cybersecurity analyst, has been asked to respond to a denial of service attack against a web server. Daniel first collects information in the ARP cache, then a copy of the server's temporary file system, and finally system logs from the web server. What part of the forensics gathering process did Daniel follow?

9 / 85

A security administrator would like to encrypt all telephone communication on the corporate network. Which of the following protocols would provide this functionality?

10 / 85

A security administrator has configured a virtual machine in a screened subnet with a guest login account and no password. Which of the following would be the MOST likely reason for this configuration?

11 / 85

Employees of an organization have received an email offering a cash bonus for completing an internal training course. The link in the email requires users to login with their Windows Domain credentials, but the link appears to be located on an external server. Which of the following would BEST describe this email?

12 / 85

A security administrator has found a keylogger installed alongside an update of accounting software. Which of the following would prevent the transmission of the collected logs?

13 / 85

Which of these would be used to provide multi-factor authentication?

14 / 85

A security administrator would like to minimize the number of certificate status checks made by web clients to the certificate authority. Which of the following would be the BEST option for this requirement?

15 / 85

An organization has developed an in-house mobile device app for order processing. The developers would like the app to identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following MUST be configured to allow this functionality?

16 / 85

The contract of a long-term temporary employee is ending. Which of these would be the MOST important part of the off-boarding process?

17 / 85

A security engineer is running a vulnerability scan on their own workstation. The scanning software is using the engineer's account access to perform all scans. What type of scan is running?

18 / 85

A network administrator is viewing a log file from a web server:

https://www.example.com/?s=/Index/think/app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][0]=_HelloThinkPHP

Which of the following would be the BEST way to prevent this attack?

19 / 85

A security administrator has discovered that an employee has been exfiltrating confidential company information by embedding the data within image files and emailing the images to a third party. Which of the following would best describe this activity?

20 / 85

A finance company is legally required to maintain seven years of tax records for all of their customers. Which of the following would be the BEST way to implement this requirement?

 

21 / 85

A security administrator has identified an internally developed application that allows users to modify SQL queries through a web-based front-end. To prevent this modification, the administrator has recommended that all queries be completely removed from the application front-end and placed onto the back-end of the application server. Which of the following would describe this implementation?

22 / 85

During a ransomware outbreak, an organization was forced to rebuild database servers from known good backup systems. In which of the following incident response phases were these database servers brought back online?

23 / 85

A transportation company is installing new wireless access points in their corporate offices. The manufacturer estimates that the access points will operate an average of 100,000 hours before a hardware-related outage. Which of the following describes this estimate?

24 / 85

Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site?

25 / 85

An attacker has sent more information than expected in a single API call, and this has allowed the execution of arbitrary code. Which of the following would BEST describe this attack?

26 / 85

An organization maintains a large database of customer information for sales tracking and customer support. Which person in the organization would be responsible for managing the access rights to this data?

27 / 85

Which of the following vulnerabilities would be the MOST significant security concern when protecting against a competitor?

28 / 85

A data center manager has built a Faraday cage in the data center, and a set of application servers have been placed inside the Faraday cage. Which of the following would be the MOST likely reason for the data center manager to install this configuration of equipment?

29 / 85

An organization has contracted with a third party to perform a vulnerability scan of their Internet-facing web servers. The report shows that the web servers have multiple Sun Java Runtime Environment (JRE) vulnerabilities, but the server administrator has verified the JRE is not installed. Which of the following would be the BEST way to handle this report?

30 / 85

An attacker was able to download ten thousand company employee login credentials containing usernames and hashed passwords. Less than an hour later, a list containing all ten thousand usernames and passwords in plain text was posted to an online file storage repository. Which of the following would BEST describe how this attacker was able to post this information?

31 / 85

Jack, a hacker, has identified a number of devices on a corporate network that use the username of 'admin' and the password of 'admin'. Which vulnerability describes this situation?

32 / 85

A company is implementing a public file-storage and cloud-based sharing service but does not want to build a separate authentication front-end. Instead, the company would like users to authenticate with an existing account on a trusted third-party website. Which of the following should the company implement?

33 / 85

A security administrator has created a new policy that prohibits the use of MD5 hashes due to collision problems. Which of the following describes the reason for this new policy?

34 / 85

A company is concerned their EDR solution will not be able to stop more advanced ransomware variants. Technicians have created a backup and restore utility that will get most systems up and running less than an hour after an attack. What type of security control is associated with this restore process?

35 / 85

A security administrator has performed an audit of the organization's production web servers, and the results have identified banner information leakage, web services running from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?

36 / 85

Which of the following describes a monetary loss if one event occurs?

37 / 85

A user connects to a third-party website and receives this message:

Your connection is not private.

NET::ERR_CERT_INVALID

Which of the following attacks would be the MOST likely reason for this message?

38 / 85

An attacker has created many social media accounts and is posting information in an attempt to get the attention of the media. Which of the following would BEST describe this attack?

39 / 85

A user in the accounting department would like to send a spreadsheet with sensitive information to a list of third-party vendors. Which of the following could be used to transfer this spreadsheet to the vendors?

40 / 85

A recent security audit has discovered email addresses and passwords located in a packet capture. Which of the following did the audit identify?

41 / 85

A system administrator is implementing a password policy that would require letters, numbers, and special characters to be included in every password. Which of the following controls MUST be in place to enforce this password policy?

42 / 85

Sam, a user in the purchasing department, would like to send an email to Jack. Which of these should Sam use that would allow Jack to verify the sender of the email?

43 / 85

If a person is entering a data center facility, they must check in before they are allowed to move further into the building. People who are leaving must formally check out before they are able to exit the building. Which of the following would BEST facilitate this process?

44 / 85

A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise?

45 / 85

A company has identified a compromised server, and the security team would like to know if an attacker has used this device to move between systems. Which of the following would be the BEST way to provide this information?

46 / 85

A system administrator has been called to a system that is suspected to have a malware infection. The administrator has removed the device from the network and has disconnected all USB flash drives. Which of these incident response steps is the administrator following?

47 / 85

A data breach has occurred in a large insurance company. A security administrator is building new servers and security systems to get all of the financials back online. Which part of the incident response process would BEST describe these actions?

48 / 85

A manufacturing company would like to use an existing router to separate a corporate network and a manufacturing floor that use the same physical switch. The company does not want to install any additional hardware. Which of the following would be the BEST choice for this segmentation?

49 / 85

A transportation company maintains a scheduling application and a database in a virtualized cloud-based environment. Which of the following would be the BEST way to back up these services?

50 / 85

A corporate security team would like to consolidate and protect the private keys across all of their web servers. Which of these would be the BEST way to securely store these keys?

51 / 85

A company would like to protect the data stored on laptops used in the field. Which of the following would be the BEST choice for this requirement?

52 / 85

To upgrade an internal application, the development team provides the operations team with a patch and instructions for backing up, patching, and reverting the patch if needed. The operations team schedules a date for the upgrade, informs the business divisions, and tests the upgrade process after completion. Which of the following describes this process?

53 / 85

A security administrator is researching the methods used by attackers to gain access to web servers. Which of the following would provide additional information about these techniques?

54 / 85

Which of the following would be the best way to describe the estimated number of laptops that might be stolen in a fiscal year?

55 / 85

The IT department of a transportation company maintains an on-site inventory of chassis-based network switch interface cards. If a failure occurs, the on-site technician can replace the interface card and have the system running again in sixty minutes. Which of the following BEST describes this recovery metric?

56 / 85

 

A user with restricted access has typed this text in a search field of an internal web-based application:

USER77 or '1'='1

After submitting this search request, all of the database records are displayed on the screen. Which of the following would BEST describe this search?

57 / 85

A medical imaging company would like to connect all remote locations together with high-speed network links. The network connections must maintain high throughput rates and must always be available during working hours. In which of the following should these requirements be enforced with the network provider?

58 / 85

Which of these protocols use TLS to provide secure communication? (Select Two)

59 / 85

A system administrator is designing a data center for an insurance company's new public cloud and would like to restrict user access to sensitive data. Which of the following would provide ongoing visibility, data security, and control of cloud-based applications?

60 / 85

Your company owns a purpose-built appliance that does not provide any access to the operating system and doesn't provide a method to upgrade the firmware. Which of the following describes this appliance?

61 / 85

Which of the following is true of a rainbow table? (Select TWO)

62 / 85

A security engineer is preparing to conduct a penetration test. Part of the preparation involves reading through social media posts for information about a third-party website. Which of the following describes this practice?

63 / 85

A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The company's network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network team's requirements?

64 / 85

Which of the following would be the BEST option for application testing in an environment that is completely separated from the production network?

65 / 85

When a home user connects to the corporate VPN, they are no longer able to print to their local network printer. Once the user disconnects from the VPN, the printer works normally. Which of the following would be the MOST likely reason for this issue?

66 / 85

Daniel, a system administrator, believes that certain configuration files on a Linux server have been modified from their original state. Daniel has reverted the configurations to their original state, but he would like to be notified if they are changed again. Which of the following would be the BEST way to provide this functionality?

67 / 85

A technology company is manufacturing a military-grade radar tracking system that can instantly identify any nearby unmanned aerial vehicles (UAVs). The UAV detector must be able to instantly identify and react to a vehicle without delay. Which of the following would BEST describe this tracking system?

68 / 85

A security administrator has installed a new firewall to protect a web server VLAN. The application owner requires that all web server sessions communicate over an encrypted channel. Which of these rules should the security administrator include in the firewall rulebase? (Select TWO)

69 / 85

Which of these best describes two-factor authentication?

70 / 85

A user has opened a helpdesk ticket complaining of poor system performance, excessive pop-up messages, and the cursor moving without anyone touching the mouse. This issue began after they opened a spreadsheet from a vendor containing part numbers and pricing information. Which of the following is MOST likely the cause of this user's issues?

71 / 85

A company has signed an SLA with an Internet service provider. Which of the following would BEST describe the content of this SLA?

72 / 85

What kind of security control is associated with a login banner?

73 / 85

Which of the following would be the BEST way to protect credit card account information when performing real-time purchase authorizations?

74 / 85

A system administrator, Daniel, is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. Daniel needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information?

75 / 85

A security manager believes that an employee is using their laptop to circumvent the corporate Internet security controls through the use of a cellular hotspot. Which of the following could be used to validate this belief? (Select TWO)

76 / 85

Last month, a finance company disposed of seven-year-old printed customer account summaries that were no longer required for auditing purposes. A recent online search has now found that images of these documents are available as downloadable torrents. Which of the following would MOST likely have prevented this information breach?

77 / 85

An application developer is creating a mobile device app that will include extensive encryption and decryption. Which of the following technologies would be the BEST choice for this app?

78 / 85

A network IPS has created this log entry:

Frame 4: 937 bytes on wire (7496 bits), 937 bytes captured

Ethernet II, SRC: HewlettP_82:d8:31, Dst: Cisco_a1:b0:d1

Internet Protocol Version 4, SRC: 172.16.22.7, Dst: 10.8.122.244

Transmission Control Protocol, Src Port: 3863, Dst Port: 1433

Application Data: SELECT * FROM users Where username='x' or 'x'='x' and password='x' or 'x'='x'

 

79 / 85

A member of the accounting team was out of the office for two weeks, and an important financial transfer was delayed until they returned. Which of the following would have prevented this delay?

80 / 85

A company has just purchased a new application server, and the security director wants to determine if the system is secure. The system is currently installed in a test environment and will not be available to users until the rollout to production next week. Which of the following would be the BEST way to determine if any part of the system can be exploited?

81 / 85

A financial services company is headquartered in an area with a high occurrence of tropical storms and hurricanes. Which of the following would be MOST important when restoring services disabled by a storm?

82 / 85

A security administrator is viewing the logs on a laptop in the shipping and receiving department and identifies these events:

8:55:30 AM | D:\Downloads\ChangeLog-5.0.4.scr | Quarantine Success
9:22:54 AM | C:\Program Files\Photo Viewer\ViewerBase.dll | Quarantine Failure
9:44:05 AM | C:\Sales\Sample32.dat | Quarantine Success

Which of the following would BEST describe the circumstances surrounding these events?

83 / 85

Vala, a security analyst, has received an alert from her IPS regarding active exploit attempts from the Internet. Which of the following would provide detailed information about these exploit attempts?

84 / 85

A hacker is planning an attack on a large corporation. Which of the following would provide the attacker with details about the company's domain names and IP addresses?

85 / 85

A company is deploying a new mobile application to all of its employees in the field. Some of the problems associated with this rollout include:

  • The company does not have a way to manage the mobile devices in the field
  • Company data on mobile devices in the field introduces additional risk
  • Team members have many different kinds of mobile devices

Which of the following deployment models would address these concerns?
