Security+ Practice Exam Free Check out our Security+ video and lab course here. You can buy our Security+ labs book on Amazon. Back to free exams page. 1. What type of attack involves the attacker inserting a client-side script into the web page?XSSWatering hole attackARP poisoning  SQL injectionQuestion 1 of 50 2. Which of the following best describes a zero-day attack?An attack that modifies the source address of the packetAn attack that changes the computer’s system date to 00/00/00An attack that never happens   An attack that uses an exploit that the product vendor is not aware of yetQuestion 2 of 50 3. Your manager has been hearing a lot about social-engineering attacks and wonders why such attacks are so effective. Which of the following identifies reasons why the attacks are so successful? (Choose three.)Authority DNS poisoningUrgencyBrute forceTrustQuestion 3 of 50 4. An attacker tricks a user into clicking a malicious link that causes an unwanted action on a web site the user is currently authenticated to. What type of exploit is this?Cross-site request forgeryCross-site scriptingReplayPass the hashQuestion 4 of 50 5. A user reports USB keyboard problems. You check the back of the computer to ensure that the keyboard is properly connected and notice a small connector between the keyboard and the computer USB port. After investigating, you learn that this piece of hardware captures everything a user types in. What type of hardware is this? SmartcardTrojanKeyloggerPS/2 converterQuestion 5 of 50 6. You have discovered that a driver’s license was mistakenly left on a scanner that was remotely compromised by a malicious user who scanned the document and used it to secure a bank loan. Further investigation reveals that the attacker identified vulnerabilities in the unpatched web application component built into the multifunction printer, which was revealed through web app error messages. Which terms best describe the nature of this attack? (Choose two.)Brute force Data exfiltrationIdentity theft Reputation lossQuestion 6 of 50 7. What should be done to help mitigate the threat of ransomware? (Choose two.)Modify packet-filtering firewall rules.Perform online backups. Conduct user awareness training. Use offline backups.Question 7 of 50 8.  A user complains that his system has suddenly become unresponsive and ads for various products and services are popping up on the screen and cannot be closed. Which user actions could have led to this undesirable behavior? (Choose all that apply.)Clicking a web search resultViewing a web pageWatching a move in AVI file format Inserting a USB flash driveQuestion 8 of 50 9. After installing a new piece of software from an online web site and then reviewing system logs, you notice that programs have been running without your consent. You also realize that files have been added and removed to the system at times when you were not using the computer. Which of the following items was most likely used to result in these logged messages?Remote access TrojanAdwareLogic bombBackdoorQuestion 9 of 50 10. The Stuxnet attack’s primary function is to hide its presence while reprogramming industrial computer systems such as programmable logic controllers (PLCs) within a SCADA IDS environment. The malware was spread through USB flash drives, where it transmits copies of itself to other hosts. To which of the following does Stuxnet relate? (Choose two.) Rootkit SpamWormAdwareQuestion 10 of 50 11. Which of the following should be part of the configuration management process? (Select three.)HSMDiagrams Standard naming conventionsIP schemaQuestion 11 of 50 12. Which of the following are core services provided by cloud computing? (Select three.)Self-service capabilityElasticityPay as you go Perpetual licensingQuestion 12 of 50 13. Your company is expanding, and your boss asks for your recommendation regarding assistance with security management of the network perimeter, day-to-day monitoring, and penetration testing and vulnerability assessments. What should you propose?Virtual sprawl avoidanceA transit gateway A thin clientAn MSSPQuestion 13 of 50 14. Your organization’s compute needs are relatively the same throughout the year except for the two months leading up to a holiday. The board of directors is interested in how the organization can handle this additional capacity for this time period without incurring unnecessary costs the rest of the year. Which of the following best describes the board’s request?ElasticityScriptingContinuous integrationScalabilityQuestion 14 of 50 15. Your organization’s development team wants to protect trade secrets and intellectual property. What should the team implement during the software development process to prevent software from being reverse engineered?NormalizationStored proceduresObfuscation and camouflageAutomation and scriptingQuestion 15 of 50 16. Which of the following measures the likelihood that an access system will wrongly accept an access attempt and allow access to an unauthorized user?FRRFARCERCACQuestion 16 of 50 17. Your organization stores sensitive medical data in the cloud. You must ensure that the data is not replicated outside of national boundaries for legal reasons. Which term best encompasses this scenario?Rights management API strategy  Zero trust  Data sovereigntyQuestion 17 of 50 18.  Users in your company use a VPN to connect to the corporate network. In terms of network placement, where should the VPN appliance be placed?Default VLAN  IntranetScreened subnetPublic cloudQuestion 18 of 50 19. You need to limit which devices can be active when plugged into a network switch port. What should you configure? Broadcast storm preventionMAC filteringBridging loop prevention  BPDU guardQuestion 19 of 50 20.   Your network intrusion detection system (NIDS) is configured to receive automatic updates for known malicious attacks. Which type of intrusion detection is used in this case?Anomaly-basedHeuristic-basedSignature-basedInlineQuestion 20 of 50 21. What is the term for disabling, deactivating, or deleting a user identity from the environment based on company policy when the user leaves the company?Least privilege IdPOnboardingOffboardingQuestion 21 of 50 22. Which of the following use SAML? (Select two.)Secure tokenOpenIDOAuthLDAPQuestion 22 of 50 23. What type of access control is often used in government systems, where resources and access are granted based on categorical assignments such as classified, secret, or top secret?Mandatory access control (MAC)Discretionary access control (DAC)Attribute-based access control (ABAC)Role-based access control (RBAC)Question 23 of 50 24.  Which of the following is a symmetric key–based authentication protocol that uses a key distribution center? TACACS+KerberosRADIUSHSMQuestion 24 of 50 25. Your organization has established a hierarchical PKI and deployed several CAs in the process. Which one of the following steps should your organization be sure to take? Take the root CA offline.Take all subordinate CAs offline. Take the root CA online. Take all subordinate CAs online with the exception of the intermediates.Question 25 of 50 26. Your organization has developed a custom application that requires a check for the validity of digital certificates even when the Internet is not available. Which of the following meets this requirement?CRLOCSPSANCPSQuestion 26 of 50 27. You need a fast, secure, and reliable multihomed network perimeter solution that is designed to prevent specific types of network traffic from entering your corporate network. Which solution should you deploy?Software firewall Virtual firewallHost-based firewallHardware firewallQuestion 27 of 50 28. Currently in your organization, on-premises user app access is limited based on their security clearance and the type of mobile device they are using. You would like to extend this configuration to the cloud. Which security service should be enabled?Unified threat managementCloud access security broker  DDoS mitigationWeb application firewallQuestion 28 of 50 29. Which type of cryptographic operation serves as a one-way function resulting in a unique value?HashingEncryption Data maskingTokenizationQuestion 29 of 50 30. You need to connect branch office networks securely over the Internet. Which type of VPN should you deploy?Always On VPNSplit tunnelSite-to-siteIPSecQuestion 30 of 50 31. While working on an insider trading case, you are asked to prove that an e-mail message is authentic and was sent to another employee. Which of the following should you consider? (Choose two.)Was the message digitally signed?Was the message encrypted?Are user public keys properly protected?Are user private keys properly protected?Question 31 of 50 32. You arrive at a scene where a computer must be seized as evidence. The computer is powered off and has an external USB hard drive plugged in. What should you do first? Thoroughly document the state of the equipment.Unplug the external USB hard drive.Turn on the computer.Place the computer in a Faraday bag.Question 32 of 50 33. You must analyze data on a digital camera’s internal memory. You plan to connect your forensic computer to the camera using a USB cable. What should you do to ensure that you do not modify data on the camera? Use a USB write-blocking device. Ensure that the camera is turned off.Flag all files on the camera as read-only.Log in with a non-administrative account on the forensic computer.Question 33 of 50 34. How can a forensic analyst benefit from analyzing metadata? (Choose three.)Microsoft Excel metadata can reveal your MAC address. JPEG metadata can reveal specific camera settings.Microsoft Word metadata can reveal the author name. PDF metadata can reveal the registered company name.Question 34 of 50 35. You are reviewing existing network security controls and need to get up to speed on current lateral movement attacks commonly used by malicious users. What should you consult? Mitre Att&ck COOP Cyber kill chainDiamond modelQuestion 35 of 50 36. A company executive complains that her online banking credentials no longer work. After further investigation, you determine that the user clicked a link in a fraudulent e-mail meant to deceive bank customers. Which type of attack occurred?PhishingHoaxTailgatingImpersonationQuestion 36 of 50 37. At 9:30 a.m., users report that network performance has been severely degraded since the workday began at 8 a.m. After network analysis and a quick discussion with your IT security team, you conclude that a worm virus has infected your network. What should you do to contain the damage? (Choose two.) Determine the severity of the security breach. Shut down Ethernet switches.Unplug SAN devices.Shut down all servers.Question 37 of 50 38. Which built-in Linux operating system tool can be used to create an exact copy of a disk volume for forensic analysis?memdumpAutopsyWinHexddQuestion 38 of 50 39. Which of the following items can enforce the RTO for a failed server?Communication planStakeholder managementCOOPDisaster recovery planQuestion 39 of 50 40. You need to review log files to determine whether network reconnaissance to learn of hostnames and IP addresses has occurred. Where will you most likely find this information? DNS server logDirectory server authentication logVoIP traffic logrsyslog configurationQuestion 40 of 50 41. Your legal consulting services company is headquartered in Berlin with a branch office in Paris. You are determining how to comply with applicable data privacy regulations. Which of the following security standards must your company comply with?GDPRPCI DSS HIPAAPIPEDAQuestion 41 of 50 42. Which of the following best illustrates potential security problems related to social media sites?Other users can easily see your IP address. Talkative employees can expose a company’s intellectual property. Malicious users can use your pictures for steganography.Your credit card number is easily stolen.Question 42 of 50 43. After a lengthy background check and interviewing process, your company hired a new payroll clerk named Tammy. Tammy will be using a web browser on a company computer at the office to access the payroll application on a public cloud provider web site over the Internet. Which type of document should Tammy read and sign?Internet acceptable use policy Password policyService level agreementRemote access acceptable use policyQuestion 43 of 50 44. Which of the following options best describe the proper use of PII? (Choose two.)Law enforcement tracking an Internet offender using a public IP addressDistributing an e-mail contact list to marketing firmsLogging into a secured laptop using a fingerprint scannerPracticing due diligenceQuestion 44 of 50 45. After identifying internal and external threats, you must determine how these potential risks will affect business operations. Which of the following terms best describes this?Risk analysisFault toleranceAvailabilityImpact analysisQuestion 45 of 50 46. You are an IT security consultant. A client conveys her concern to you regarding malicious Internet users gaining access to corporate resources. What type of assessment would you perform to determine this likelihood?Threat assessmentRisk analysisAsset identificationTotal cost of ownershipQuestion 46 of 50 47. You are an IT consultant performing a risk analysis for a seafood company. The client is concerned with specific cooking and packaging techniques the company uses being disclosed to competitors. What type of security concern is this?IntegrityConfidentialityAvailabilityAuthorizationQuestion 47 of 50 48. You are the network administrator for a legal firm. Users in Vancouver must be able to view trade secrets for patent submission. You have shared a network folder called Trade Secrets and allowed the following NTFS permissions: Vancouver_Staff: Read, List Folder Contents Executives: Write IT_Admins: Full ControlRegarding Vancouver staff, which principle is being adhered to?Job rotationLeast privilegeMandatory vacationsSeparation of dutiesQuestion 48 of 50 49. What is the primary purpose of enforcing a mandatory vacation policy?To adhere to government regulationTo ensure employees are refreshedTo enable other employees to experience other job rolesTo prevent improper activityQuestion 49 of 50 50. Which term best describes monies spent to minimize the impact that threats and unfavorable conditions have on a business? Risk managementSecurity auditBudgetary constraintsImpact analysisQuestion 50 of 50 Loading...
