CBT IT Certification Training

Unlimited IT Certification Courses via Streaming Video

Free Security+ Practice Test

1. You need to manage cloud-based Windows virtual machines (VMs) from your on-premises network. Which option presents the most secure remote management solution?

2. Say that you work for a cloud service provider. Prior to signing off on a purchase order for a new security cloud service, a prospective customer wants to understand the nature of what you are providing and what levels of service in regard to performance and uptime your service offers. What should you provide the prospective customer?

3. Your organization is looking to move the internally developed and managed HR system to a SaaS vendor. Which of the following should you request from the vendor?

4. An organization is increasingly subject to compliance regulations and is making strong efforts to comply with them but is still concerned about issues that might occur. Management decides to buy insurance to help cover the costs of a potential breach. Which of the following risk response techniques is the organization using?

5. You are planning the secure management of servers and network infrastructure devices on your corporate LAN. Which design will best protect these devices from RDP and SSH attacks?

6. Which of the following are the most compelling reasons that secure configuration baselines have been established? (Select three.)

7. Which of the following legally binding controls should you consider in order to protect sensitive information from being improperly disclosed by a third-party vendor you are hiring for consulting work in the organization?

8. Which one of the following is responsible for implementing the data classification and security controls?

9. Your online retail business accepts PayPal and credit card payments. You need to ensure that your company is compliant with the relevant security standards. Which payment security standard should you focus on?

10. You have been tasked with creating a corporate security policy regarding smartphone usage for business purposes. What should you do first?

11. Your organization currently runs an operating system for which software developed after the end of last month may no longer work or even be installable. Which of the following best describes this milestone for the operating system?

12. Which of the following equations best represents the proper assessment of exposure to danger?

13. Which action will have the largest impact on mitigating SQL injection attacks?

14. You have been hired to review security controls for a medical practice in rural Tennessee. Which of the following data privacy frameworks must the medical practice be compliant with?

15. Your manager needs to know, for budgetary purposes, the average life span for each of the firewall appliances. Which of the following should you provide?

16. A recent audit revealed that most of the organization is not handling sensitive data correctly. To address this shortcoming, your organization is implementing computer security awareness training. What type of control is this?

17. Which of the following are examples of PII? (Choose two.)

18. Which of the following statements are true? (Choose two.)

19. When determining how best to mitigate risk, which items should you consider? (Choose two.)

20. Which data classification type contains data that would have a severe impact on the organization were it exposed, that should not be broadly shared internally or externally, and that should be tightly controlled?

21. During customer support calls, customer service representatives periodically pull up customer details on their screens, including credit card numbers. What should be enabled to prevent the disclosure of credit card numbers?

22. Which of the following is the monetary loss that can be expected for an asset from risk over a year?

23. The Accounts Payable department notices large out-of-country purchases made using a corporate credit card. After discussing the matter with Juan, the employee whose name is on the credit card, they realize that somebody has illegally obtained the credit card details. You also learn that Juan recently received an e-mail from what appeared to be the credit card company asking him to sign in to their web site to validate his account, which he did. How could this have been avoided?

24. Your organization uses the private and public labels to classify data, as the internal security policy details how data should be protected based on the classification label. The decision was made to add an additional “proprietary” label. Which is the most likely reason this was done?

25. Which of the following are functional control types? (Select three.)

26. Christine is the server administrator for your organization. Her manager provided step-by-step security policies outlining how servers should be configured to maximize security. Which type of security policy will Christine be implementing?

27. Which of the following is an example of PHI?

28. Your company has decided to adopt a public cloud device management solution whereby all devices are centrally managed from a web site hosted on servers in a data center. Management has instructed you to ensure that the solution is reliable and always available. Which type of document should you focus on?

29. Your legal consulting services company is headquartered in Berlin with a branch office in Paris. You are determining how to comply with applicable data privacy regulations. Which of the following security standards must your company comply with?

30. You are a file server administrator for a health organization. Management has asked you to configure your servers appropriately to classify files containing unique manufacturing processes. What is an appropriate data classification for these types of files?

31. Which of the following best illustrates potential security problems related to social media sites?

32. You are configuring a password policy for users in the Berlin office. Passwords must be changed every 60 days. You must ensure that user passwords cannot be changed more than once within the 60-day interval. What should you configure?

33. After a lengthy background check and interviewing process, your company hired a new payroll clerk named Tammy. Tammy will be using a web browser on a company computer at the office to access the payroll application on a public cloud provider web site over the Internet. Which type of document should Tammy read and sign?

34. As the IT security officer, you establish a security policy requiring that users protect all paper documents so that sensitive client, vendor, or company data is not stolen. What type of policy is this?

35. Which of the following options best describe the proper use of PII? (Choose two.)

36. After identifying internal and external threats, you must determine how these potential risks will affect business operations. Which of the following terms best describes this?

37. You are listing preventative measures for potential risks. Which of the following would you document? (Choose three.)

38. You are identifying security threats to determine the likelihood of virus infection. Identify potential sources of infection. (Choose two.)

39. You are an IT security consultant. A client conveys her concern to you regarding malicious Internet users gaining access to corporate resources. What type of assessment would you perform to determine this likelihood?

40. You are responsible for ensuring that all company IT-related equipment and data are inventoried and given a value. Which term best describes this activity?

41. You are an IT consultant performing a risk analysis for a seafood company. The client is concerned with specific cooking and packaging techniques the company uses being disclosed to competitors. What type of security concern is this?

42. Margaret, the head of HR, conducts an exit interview with a departing IT server technician named Irving. The interview encompasses Irving’s view of the organization, such as the benefits of the job he held and suggestions of improvements that could be made. Which of the following issues should also be addressed in the exit interview? (Choose two.)

43. You are the network administrator for a legal firm. Users in Vancouver must be able to view trade secrets for patent submission. You have shared a network folder called Trade Secrets and allowed the following NTFS permissions:

  • Vancouver_Staff: Read, List Folder Contents
  • Executives: Write
  • IT_Admins: Full Control

Regarding Vancouver staff, which principle is being adhered to?

44. Which of the following is true regarding qualitative risk analysis?

45. What is the primary purpose of enforcing a mandatory vacation policy?

46. Your company restricts firewall administrators from modifying firewall rules unless they make the modifications with a member of the IT security team. What is this an example of?

47. During a risk analysis meeting, you are asked to specify internal threats being considered. Which item is not considered an internal threat?

48. Which values must be calculated to derive annual loss expectancy? (Choose two.)

49. Which term best describes monies spent to minimize the impact that threats and unfavorable conditions have on a business?

50. An insurance company charges an additional $200 monthly premium for natural disaster coverage for your business site. What figure must you compare this against to determine whether to accept this additional coverage?

Copyright Reality Press Ltd. / Paul Browning