Free Security+ Exam

1. Your manager, Wayne, is concerned about malicious users who might compromise servers and remain undetected for a period of time. What type of threat is Wayne concerned about?
   - Insider threat
   - Hacktivist
   - Advanced persistent threat
   - State actor

2. Which type of malicious users or groups attempt to promote a political or ideological view?
   - Hacktivist
   - Advanced persistent threat
   - State actor
   - Insider threat

3. Your organization has deployed mission-critical applications to a public cloud service provider (CSP) platform. The CSP recently disclosed a security flaw in the underlying network switches that was exploited by malicious users. The network switches were missing a firmware update that addressed security vulnerabilities. From your organization’s perspective, what is the source of this security issue?
   - Update management
   - Network switch vendor
   - CSP organizational security policies
   - Supply chain

4. Which type of hacker has malicious intent and attempts to discover and exploit vulnerabilities?
   - Authorized
   - Red hat
   - Semi-authorized
   - Unauthorized

5. You are inspecting a user’s system after she has complained about slow Internet speeds. After analyzing the system, you notice that the default gateway in the ARP cache is referencing an unknown MAC address. What type of attack has occurred?
   - Brute force
   - DNS poisoning
   - Buffer overflow
   - ARP poisoning

6. Which of the following descriptions best describes a buffer overflow attack?
   - Injecting database code into a web page
   - Using a dictionary file to crack passwords
   - Sending too much data to an application that then enables the attacker to run arbitrary code
   - Altering the source address of a packet

7. You are analyzing web traffic in transit to your web server and you notice someone logging on with a username of Bob with a password of “pass’ or 1=1--”. Which of the following describes what is happening?
   - XML injection
   - SQL injection attack
   - LDAP injection
   - Denial of service

8. What type of attack involves the attacker sending too much data to a service or application that typically results in the attacker gaining administrative access to the system?
   - Birthday attack
   - Typosquatting/URL hijacking
   - Eavesdrop
   - Buffer overflow

9. As a network administrator, what should you do to help prevent buffer overflow attacks from occurring on your systems?
   - Static ARP entries
   - Antivirus software
   - Physical security
   - Patching

10. You receive many calls from customers stating that your web site seems to be slow in responding. You analyze the traffic and notice that you are receiving a number of malformed requests on that web server at a high rate. What type of attack is occurring?
   - Eavesdrop
   - Denial of service
   - Man-in-the-middle
   - Social engineer

11. Which cryptographic operations use an asymmetric private key? (Choose two.)
   - Creating a digital signature
   - Verifying a digital signature
   - Encrypting a message
   - Decrypting messages

12. Your company provides remote word processing and spreadsheet file access using FTP. After a security audit, the findings suggest employing TLS to harden FTP access. Which protocol should you configure to address this concern?
   - SFTP
   - FTPS
   - SNMPv3
   - HTTPS

13. Which cryptographic technique is often referred to as “hiding in plain sight”?
   - Entropy
   - Quantum computing
   - Hashing
   - Steganography

14. Which of the following RAID configurations can be configured with only two drives? (Select all that apply.)
   - RAID 0
   - RAID 1
   - RAID 3
   - RAID 5

15. Which of the following are the most important constraints that need to be considered when implementing cryptography, particularly for embedded devices? (Select three.)
   - Security
   - Time
   - Performance
   - Power

16. Which of the following are associated with critical infrastructure systems where segmentation from public networks should be strongly considered? (Select two.)
   - SCADA
   - IoT
   - ICS
   - NIST

17. The aerospace company you work for is developing a highly secret new component. The computers to develop the component need to be isolated to prevent connections to the outside world. Which of the following should you put in place to provide the most secure setup?
   - Firewall
   - Air gap
   - Hot and cold aisles
   - Pulverized network

18. Which of the following is a type of barricade used to prevent unauthorized vehicles from entering an area?
   - Screened subnet
   - Faraday cage
   - SIPRNET
   - Bollard

19. You are exchanging secure emails with another user. You use a key to encrypt your outbound email, but then you are unable to decrypt the email you receive in return by using the same key you used to encrypt the outbound email. Which best explains what’s happening?
   - Email clients do not support cryptography.
   - Asymmetric cryptography is being used.
   - You are using a stream cipher.
   - You are using a block cipher.

20. Which statement is false?
   - Symmetric key algorithms use the same private key to encrypt and decrypt.
   - Symmetric key algorithms are often referred to as public key algorithms.
   - ECC is an example of an asymmetric public key cryptosystem.
   - Symmetric key algorithms are typically faster than asymmetric systems.

21. Which one of the following ports would block outgoing email?
   - 25
   - 110
   - 443
   - 22

22. Why do vendors provide MD5 values for their software patches?
   - To provide the necessary key for patch activation
   - To allow the downloader to verify the authenticity of the site providing the patch
   - To ensure that auto-updates are enabled for subsequent patch releases
   - To allow the recipient to verify the integrity of the patch prior to installation

23. Which of the following is a white-box testing process for detecting bugs in the early stages of program development?
   - Dynamic analysis
   - Static analysis
   - Fuzzing
   - Sandboxing

24. You are consulting for an organization that has only ever required outbound Internet access. The organization now needs to deploy a web server for its customers (and it will maintain the web server) but is concerned about inbound access to the organization network. Which one of the following should you recommend?
   - VLAN
   - VPN
   - Load balancer
   - Screened subnet

25. You are implementing server load balancing. In which configuration is the passive server promoted to active if the active server fails?
   - Active/active
   - Round-robin
   - Weighted round-robin
   - Active/passive

26. Your users are all connected to a wireless access point using WPA2-PSK. Your manager wants you to confirm what cryptographic standard is being used. Which of the following is most likely?
   - AES
   - DES
   - MD5
   - WEP

27. As you are deploying wireless authentication protocols, a request comes up to eliminate the need for client certificates. Which of the following requires a client certificate?
   - EAP-TLS
   - PEAP
   - EAP-TTLS
   - EAP-FAST

28. Which of the following enables the use of location services for applications on mobile devices?
   - BYOD
   - GPS
   - MMS
   - OTA

29. As more users are using mobile devices for work, you have been tasked with supporting the compliance team by ensuring that policies can be enforced. You also need remote management capabilities of the devices. Which of the following solutions should you consider?
   - GPS
   - MDM
   - OTP
   - PIN

30. A user does not have an identity-based policy and requires access to a storage resource but is denied access. Which of the following do you need to do in order to allow him access?
   - Assign an identity-based policy to the user to allow access
   - Assign an override for any deny attribute in the identity-based policy
   - Remove the deny from the resource-based policy
   - Change the deny to an allow permission on the resource-based policy

31. Your organization was recently the victim of a large-scale phishing attack. Your manager has tasked you with automating response to quickly notify users and, if feasible, automatically block outbound requests to the attacker’s web page. Which of the following will accomplish this goal?
   - Email the users to warn them of the phishing attack
   - Update URL filters to block the site the phishing attack points to
   - Email the users to warn them of the phishing attack and send an email to the security administrator to have him configure a URL filter to block the site that the phishing attack points to
   - Implement SOAR or workflows to trigger emails to users and to use threat intelligence to automatically configure URL filters to block the attacker’s site

32. A security analyst identifies malware that is traced back to the IP address 93.184.216.34. Which one of the following tools might the security analyst use to determine if an active connection to that IP address still resides on the infected system?
   - tracert
   - ping
   - netstat
   - nslookup

33. Which of the following stakeholders are typically notified first when a confirmed incident has occurred? (Select two.)
   - Press
   - CISO
   - End users
   - Legal

34. Your administrators remotely access web servers in the DMZ only from the internal network over SSH. However, these servers have come under attack via SSH from the IP address 93.184.216.34. Which of the following should you do to stop this attack?
   - Configure a rule to block outbound SSH requests to 93.184.216.34
   - Shut down the SSH service on all web servers
   - Add a rule to block inbound requests on port 22
   - Add a rule to block port 21 inbound requests from 93.184.216.34

35. While capturing network traffic, you notice an abnormally excessive number of outbound SMTP packets. To determine whether this is an incident that requires escalation or reporting, what else should you consult?
   - The contents of your inbox
   - The web server log
   - The mail server documentation
   - The mail server log

36. Which of the following best visually illustrates the state of a running computer at the time it was seized by law enforcement?
   - Digital photograph of the screen
   - Visio network diagram
   - Steganography
   - Digital photograph of the motherboard

37. Which of the following are benefits of application allow lists? (Select two.)
   - Prevents users and attackers from executing unauthorized applications
   - Allows end users to freely use any application that has not been explicitly denied
   - Allows organizations to maintain strict control over applications employees can use
   - Blocks specific applications from being executed

38. What type of evidence would be the most difficult for a perpetrator to forge?
   - Cell phone SIM card
   - MAC address
   - IP address
   - Documents on a USB flash drive

39. You are preparing to gather evidence from a cell phone. Which of the following is false?
   - GSM mobile devices use SIM cards.
   - CDMA mobile devices do not use SIM cards.
   - CDMA phones store user data directly on the mobile device.
   - GSM mobile devices do not use SIM cards.

40. Robin works as a network technician at a stock brokerage firm. To test network forensic capturing software, she plugs her laptop into an Ethernet switch and begins capturing network traffic. During later analysis, she notices some broadcast and multicast packets as well as her own computer’s network traffic. Why was she unable to capture all network traffic on the switch?
   - Each switch port is an isolated collision domain.
   - She must enable promiscuous mode on her NIC.
   - She must disable promiscuous mode on her NIC.
   - Each switch port is an isolated broadcast domain.

41. An organization is increasingly subject to compliance regulations and is making strong efforts to comply with them but is still concerned about issues that might occur. Management decides to buy insurance to help cover the costs of a potential breach. Which of the following risk response techniques is the organization using?
   - Avoidance
   - Transference
   - Acceptance
   - Mitigation

42. Which of the following are the most compelling reasons that secure configuration baselines have been established? (Select three.)
   - Industry representatives
   - Organizational requests
   - Government mandates
   - Regulatory bodies

43. Which of the following legally binding controls should you consider in order to protect sensitive information from being improperly disclosed by a third-party vendor you are hiring for consulting work in the organization?
   - DLP
   - SOP
   - Separation of duties
   - NDA

44. You have been tasked with creating a corporate security policy regarding smart phone usage for business purposes. What should you do first?
   - Issue smart phones to all employees.
   - Obtain support from management.
   - Get a legal opinion.
   - Create the first draft of the policy.

45. Your organization currently runs an operating system for which software developed after the end of last month may no longer work or even be installable. Which of the following best describes this milestone for the operating system?
   - ISA
   - EOL
   - NDA
   - MOU

46. Which action will have the largest impact on mitigating SQL injection attacks?
   - Enable HTTPS
   - Change default web server settings
   - Enable input validation
   - Apply web server host OS updates

47. A recent audit revealed that most of the organization is not handling sensitive data correctly. To address this shortcoming, your organization is implementing computer security awareness training. What type of control is this?
   - Logical
   - Administrative
   - Detective
   - Physical

48. Which of the following statements are true? (Choose two.)
   - Security labels are used for data classifications, such as restricted and top secret.
   - PII is applicable only to biometric authentication devices.
   - PII is applicable only to biometric authentication devices.
   - Forcing user password changes is considered change management.

49. Which data classification type contains data that would have a severe impact to the organization were it exposed, that should not be broadly shared internally or externally, and that should be tightly controlled?
   - Public
   - Proprietary
   - Confidential
   - Sensitive

50. Which of the following is the monetary loss that can be expected for an asset from risk over a year?
   - ALE
   - SLE
   - ARO
   - BIA