CBT IT Certification Training

Unlimited IT Certification Courses via Streaming Video

Free Security+ Exam

Check out our Security+ video and lab course here.

You can buy our Security+ labs book on Amazon.

Back to free exams page.

1. Your manager, Wayne, is concerned about malicious users who might compromise servers and remain undetected for a period of time. What type of threat is Wayne concerned about?

Question 1 of 50

2. Which type of malicious users or groups attempt to promote a political or ideological view?

Question 2 of 50

3. Your organization has deployed mission-critical applications to a public cloud service provider (CSP) platform. The CSP recently disclosed a security flaw in the underlying network switches that was exploited by malicious users. The network switches were missing a firmware update that addressed security vulnerabilities. From your organization’s perspective, what is the source of this security issue?

Question 3 of 50

4. Which type of hacker has malicious intent and attempts to discover and exploit vulnerabilities?

Question 4 of 50

5. You are inspecting a user’s system after she has complained about slow Internet speeds. After analyzing the system, you notice that the default gateway in the ARP cache is referencing an unknown MAC address. What type of attack has occurred?

Question 5 of 50

6. Which of the following descriptions best describes a buffer overflow attack?

Question 6 of 50

7. You are analyzing web traffic in transit to your web server and you notice someone logging on with a username of Bob with a password of “pass’ or 1=1--”. Which of the following describes what is happening?

Question 7 of 50

8.  What type of attack involves the attacker sending too much data to a service or application that typically results in the attacker gaining administrative access to the system?

Question 8 of 50

9. As a network administrator, what should you do to help prevent buffer overflow attacks from occurring on your systems?

Question 9 of 50

10.  You receive many calls from customers stating that your web site seems to be slow in responding. You analyze the traffic and notice that you are receiving a number of malformed requests on that web server at a high rate. What type of attack is occurring?

Question 10 of 50

11. Which cryptographic operations use an asymmetric private key? (Choose two.)

Question 11 of 50

12. Your company provides remote word processing and spreadsheet file access using FTP. After a security audit, the findings suggest employing TLS to harden FTP access. Which protocol should you configure to address this concern?

Question 12 of 50

13. Which cryptographic technique is often referred to as “hiding in plain sight”?

Question 13 of 50

14. Which of the following RAID configurations can be configured with only two drives? (Select all that apply.)

Question 14 of 50

15. Which of the following are the most important constraints that need to be considered when implementing cryptography, particularly for embedded devices? (Select three.)

Question 15 of 50

16.  Which of the following are associated with critical infrastructure systems where segmentation from public networks should be strongly considered? (Select two.)

Question 16 of 50

17. The aerospace company you work for is developing a highly secret new component. The computers to develop the component need to be isolated to prevent connections to the outside world. Which of the following should you put in place to provide the most secure setup?

Question 17 of 50

18. Which of the following is a type of barricade used to prevent unauthorized vehicles from entering an area?

Question 18 of 50

19. You are exchanging secure emails with another user. You use a key to encrypt your outbound email, but then you are unable to decrypt the email you receive in return by using the same key you used to encrypt the outbound email. Which best explains what’s happening?

Question 19 of 50

20. Which statement is false?

Question 20 of 50

21. Which one of the following ports would block outgoing email?

Question 21 of 50

22. Why do vendors provide MD5 values for their software patches?

Question 22 of 50

23.  Which of the following is a white-box testing process for detecting bugs in the early stages of program development?

Question 23 of 50

24. You are consulting for an organization that has only ever required outbound Internet access. The organization now needs to deploy a web server for its customers (and it will maintain the web server) but is concerned about inbound access to the organization network. Which one of the following should you recommend?

Question 24 of 50

25. You are implementing server load balancing. In which configuration is the passive server promoted to active if the active server fails?

Question 25 of 50

26. Your users are all connected to a wireless access point using WPA2-PSK. Your manager wants you to confirm what cryptographic standard is being used. Which of the following is most likely?

Question 26 of 50

27. As you are deploying wireless authentication protocols, a request comes up to eliminate the need for client certificates. Which of the following requires a client certificate?

Question 27 of 50

28.  Which of the following enables the use of location services for applications on mobile devices?

Question 28 of 50

29. As more users are using mobile devices for work, you have been tasked with supporting the compliance team by ensuring that policies can be enforced. You also need remote management capabilities of the devices. Which of the following solutions should you consider?

Question 29 of 50

30. A user does not have an identity-based policy and requires access to a storage resource but is denied access. Which of the following do you need to do in order to allow him access?

Question 30 of 50

31. Your organization was recently the victim of a large-scale phishing attack. Your manager has tasked you with automating response to quickly notify users and, if feasible, automatically block outbound requests to the attacker’s web page. Which of the following will accomplish this goal?

Question 31 of 50

32. A security analyst identifies malware that is traced back to the IP address 93.184.216.34. Which one of the following tools might the security analyst use to determine if an active connection to that IP address still resides on the infected system?

Question 32 of 50

33. Which of the following stakeholders are typically notified first when a confirmed incident has occurred? (Select two.)

Question 33 of 50

34. Your administrators remotely access web servers in the DMZ only from the internal network over SSH. However, these servers have come under attack via SSH from the IP address 93.184.216.34. Which of the following should you do to stop this attack?

Question 34 of 50

35. While capturing network traffic, you notice an abnormally excessive number of outbound SMTP packets. To determine whether this is an incident that requires escalation or reporting, what else should you consult?

Question 35 of 50

36. Which of the following best visually illustrates the state of a running computer at the time it was seized by law enforcement?

Question 36 of 50

37. Which of the following are benefits of application allow lists? (Select two.)

Question 37 of 50

38. What type of evidence would be the most difficult for a perpetrator to forge?

Question 38 of 50

39. You are preparing to gather evidence from a cell phone. Which of the following is false?

Question 39 of 50

40. Robin works as a network technician at a stock brokerage firm. To test network forensic capturing software, she plugs her laptop into an Ethernet switch and begins capturing network traffic. During later analysis, she notices some broadcast and multicast packets as well as her own computer’s network traffic. Why was she unable to capture all network traffic on the switch?

Question 40 of 50

41. An organization is increasingly subject to compliance regulations and is making strong efforts to comply with them but is still concerned about issues that might occur. Management decides to buy insurance to help cover the costs of a potential breach. Which of the following risk response techniques is the organization using?

Question 41 of 50

42. Which of the following are the most compelling reasons that secure configuration baselines have been established? (Select three.)

Question 42 of 50

43. Which of the following legally binding controls should you consider in order to protect sensitive information from being improperly disclosed by a third-party vendor you are hiring for consulting work in the organization?

Question 43 of 50

44. You have been tasked with creating a corporate security policy regarding smart phone usage for business purposes. What should you do first?

Question 44 of 50

45. Your organization currently runs an operating system for which software developed after the end of last month may no longer work or even be installable. Which of the following best describes this milestone for the operating system?

Question 45 of 50

46. Which action will have the largest impact on mitigating against SQL injection attacks?

Question 46 of 50

47. A recent audit revealed that most of the organization is not properly handling sensitive data correctly. To address this shortcoming, your organization is implementing computer security awareness training. What type of control is this?

Question 47 of 50

48. Which of the following statements are true? (Choose two.)

Question 48 of 50

49. Which data classification type contains data that would have a severe impact to the organization were it exposed, that should not be broadly shared internally or externally, and that should be tightly controlled?

Question 49 of 50

50. Which of the following is the monetary loss that can be expected for an asset from risk over a year?

Question 50 of 50


 

content-filler