CompTIA Security+ (SY0-401) Practice Questions

Question 1
During a recent audit, it was discovered that many servers and desktops were missing security patches. Which of the following BEST describes the assessment that was performed to discover this issue?

A. Network mapping
B. Vulnerability scan
C. Port scan
D. Protocol analysis


Question 2
A system administrator must configure the company’s authentication system to ensure that users will be unable to reuse the last ten passwords within a six-month period. Which of the following settings must be configured? (Select TWO).

A. Minimum password age
B. Password complexity
C. Password history
D. Minimum password length
E. Multi-factor authentication
F. Do not store passwords with reversible encryption


Question 3
Which of the following helps to establish an accurate timeline for a network intrusion?

A. Hashing images of compromised systems
B. Reviewing the date of the antivirus definition files
C. Analyzing network traffic and device logs
D. Enforcing DLP controls at the perimeter


Question 4
Which of the following internal security controls is aimed at preventing two system administrators from completing the same tasks?

A. Least Privilege
B. Separation of Duties
C. Mandatory Vacation
D. Security Policy


Question 5
Which of the following is the BEST reason for placing a password lock on a mobile device?

A. Prevents an unauthorized user from accessing owner’s data
B. Enables remote wipe capabilities
C. Stops an unauthorized user from using the device again
D. Prevents an unauthorized user from making phone calls


Question 6
A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario?

A. Encryption
B. Digital signatures
C. Steganography
D. Hashing
E. Perfect forward secrecy


Question 7
A company has had their web application become unavailable several times in the past few months due to increased demand. Which of the following should the company perform to increase availability?

A. Implement a web application firewall to prevent DDoS attacks
B. Configure the firewall to work with the IPS to rate limit customer requests
C. Implement a load balancer to distribute traffic based on back end server utilization
D. Configure the web server to detect race conditions and automatically restart the web services


Question 8
A security administrator is auditing a database server to ensure the correct security measures are in place to protect the data. Some of the fields consist of people’s first name, last name, home address, date of birth and mother’s last name. Which of the following describes this type of data?

A. PII
B. PCI
C. Low
D. Public


Question 9
Which of the following would be MOST appropriate if an organization’s requirements mandate complete control over the data and applications stored in the cloud?

A. Hybrid cloud
B. Community cloud
C. Private cloud
D. Public cloud


Question 10
Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface. Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?

A. Size of the files
B. Availability of the files
C. Accessibility of the files from her mobile device
D. Sensitivity of the files


Question 11
Which of the following attacks involves the use of previously captured network traffic?

A. Replay
B. Smurf
C. Vishing
D. DDoS


Question 12
A company has recently allowed employees to take advantage of BYOD by installing WAPs throughout the corporate office. An employee, Joe, has recently begun to view inappropriate material at work using his personal laptop. When confronted, Joe indicated that he was never told that he could not view that type of material on his personal laptop. Which of the following should the company have employees acknowledge before allowing them to access the corporate WLAN with their personal devices?

A. Privacy Policy
B. Security Policy
C. Consent to Monitoring Policy
D. Acceptable Use Policy


Question 13
Which of the following solutions provides the most flexibility when testing new security controls prior to implementation?

A. Trusted OS
B. Host software baselining
C. OS hardening
D. Virtualization


Question 14
Ann, a college professor, was recently reprimanded for posting disparaging remarks regarding her coworkers on a web site. Ann stated that she was not aware that the public was able to view her remarks. Which of the following security-related trainings could have made Ann aware of the repercussions of her actions?

A. Data labeling and disposal
B. Use of social networking
C. Use of P2P networking
D. Role-based training


Question 15
Given the following set of firewall rules:

From inside to outside allow source any destination any port any
From inside to dmz allow source any destination any port tcp-80
From inside to dmz allow source any destination any port tcp-443

Which of the following would prevent FTP traffic from reaching a server in the DMZ from the inside network?

A. Implicit deny
B. Policy routing
C. Port forwarding
D. Forwarding proxy


Question 16
In order to gain an understanding of the latest attack tools being used in the wild, an administrator puts a Unix server on the network with the “root” user’s password set to “root.” Which of the following BEST describes this technique?

A. Pharming
B. Honeypot
C. Gray box testing
D. Phishing


Question 17
A user is unable to log in after 5 p.m. to complete a financial report. The user calls the help desk to report the issue. A technician verifies that the user’s credentials are valid, and the user account is enabled. Which of the following is causing this issue?

A. Separation of duties
B. Multifactor authentication
C. Rule-based access control
D. Least privilege


Question 18
A wireless site survey has been performed at a company. One of the results of the report is that the wireless signal extends too far outside of the building. Which of the following security issues could occur as a result of this finding?

A. Excessive wireless access coverage
B. Interference with nearby access points
C. Exhaustion of DHCP address pool
D. Unauthorized wireless access


Question 19
During a code review, a software developer discovers a security risk that may result in hundreds of hours of rework. The security team has classified this issue as low risk. Executive management has decided that the code will not be rewritten. This is an example of:

A. risk avoidance.
B. risk transference.
C. risk mitigation.
D. risk acceptance.


Question 20
A security architect is designing an enterprise solution for the sales force of a corporation which handles sensitive customer data. The solution must allow users to work from remote offices and support traveling users. Which of the following is the MOST appropriate control for the architect to focus on to ensure confidentiality of data stored on laptops?

A. Full-disk encryption
B. Digital signatures
C. Federated identity management
D. Cable locks


Question 21
Which of the following works by implanting software on systems but delays execution until a specific set of conditions is met?

A. Logic bomb
B. Trojan
C. Scareware
D. Ransomware


Question 22
An attacker wearing a building maintenance uniform approached a company’s receptionist asking for access to a secure area. The receptionist asks for identification, a building access badge, and checks the company’s list of approved maintenance personnel prior to granting physical access to the secure area. The controls used by the receptionist are in place to prevent which of the following types of attacks?

A. Tailgating
B. Shoulder surfing
C. Impersonation
D. Hoax


Question 23
During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of the following would help reduce the amount of risk the organization incurs in this situation in the future?

A. Time-of-day restrictions
B. User access reviews
C. Group-based privileges
D. Change management policies


Question 24
A technician reports a suspicious individual is seen walking around the corporate campus. The individual is holding a smartphone and pointing a small antenna, in order to collect SSIDs. Which of the following attacks is occurring?

A. Rogue AP
B. Evil twin
C. Man-in-the-middle
D. War driving


Question 25
A security director has contracted an outside testing company to evaluate the security of a newly developed application. None of the parameters or internal workings of the application have been provided to the testing company prior to the start of testing. The testing company will be using:

A. gray box testing.
B. active control testing.
C. white box testing.
D. black box testing.


Security+ (SY0-401) Answer Key

Question 1) B. Vulnerability scan

Question 2) A. Minimum password age and C. Password history

Question 3) C. Analyzing network traffic and device logs

Question 4) B. Separation of Duties

Question 5) A. Prevents an unauthorized user from accessing owner’s data

Question 6) B. Digital signatures

Question 7) C. Implement a load balancer to distribute traffic based on back end server utilization

Question 8) A. PII

Question 9) C. Private cloud

Question 10) D. Sensitivity of the files

Question 11) A. Replay

Question 12) D. Acceptable Use Policy

Question 13) D. Virtualization

Question 14) B. Use of social networking

Question 15) A. Implicit deny

Question 16) B. Honeypot

Question 17) C. Rule-based access control

Question 18) D. Unauthorized wireless access

Question 19) D. risk acceptance

Question 20) A. Full-disk encryption

Question 21) A. Logic bomb

Question 22) C. Impersonation

Question 23) B. User access reviews

Question 24) D. War driving

Question 25) D. black box testing