CompTIA Security+ (SY0-401) Practice Questions
During a recent audit, it was discovered that many servers and desktops were missing security patches. Which of the following BEST describes the assessment that was performed to discover this issue?
A. Network mapping
B. Vulnerability scan
C. Port scan
D. Protocol analysis
A system administrator must configure the company’s authentication system to ensure that users will be unable to reuse the last ten passwords within a six-month period. Which of the following settings must be configured? (Select TWO).
A. Minimum password age
B. Password complexity
C. Password history
D. Minimum password length
E. Multi-factor authentication
F. Do not store passwords with reversible encryption
Which of the following helps to establish an accurate timeline for a network intrusion?
A. Hashing images of compromised systems
B. Reviewing the date of the antivirus definition files
C. Analyzing network traffic and device logs
D. Enforcing DLP controls at the perimeter
Which of the following internal security controls is aimed at preventing two system administrators from completing the same tasks?
A. Least Privilege
B. Separation of Duties
C. Mandatory Vacation
D. Security Policy
Which of the following is the BEST reason for placing a password lock on a mobile device?
A. Prevents an unauthorized user from accessing owner’s data
B. Enables remote wipe capabilities
C. Stops an unauthorized user from using the device again
D. Prevents an unauthorized user from making phone calls
A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario?
B. Digital signatures
E. Perfect forward secrecy
A company has had their web application become unavailable several times in the past few months due to increased demand. Which of the following should the company perform to increase availability?
A. Implement a web application firewall to prevent DDoS attacks
B. Configure the firewall to work with the IPS to rate limit customer requests
C. Implement a load balancer to distribute traffic based on back end server utilization
D. Configure the web server to detect race conditions and automatically restart the web services
A security administrator is auditing a database server to ensure the correct security measures are in place to protect the data. Some of the fields consist of people’s first name, last name, home address, date of birth and mother’s maiden name. Which of the following describes this type of data?
Which of the following would be MOST appropriate if an organization’s requirements mandate complete control over the data and applications stored in the cloud?
A. Hybrid cloud
B. Community cloud
C. Private cloud
D. Public cloud
Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface. Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?
A. Size of the files
B. Availability of the files
C. Accessibility of the files from her mobile device
D. Sensitivity of the files
Which of the following attacks involves the use of previously captured network traffic?
A company has recently allowed employees to take advantage of BYOD by installing WAPs throughout the corporate office. An employee, Joe, has recently begun to view inappropriate material at work using his personal laptop. When confronted, Joe indicated that he was never told that he could not view that type of material on his personal laptop. Which of the following should the company have employees acknowledge before allowing them to access the corporate WLAN with their personal devices?
B. Security Policy
C. Consent to Monitoring Policy
D. Acceptable Use Policy
Which of the following solutions provides the most flexibility when testing new security controls prior to implementation?
A. Trusted OS
B. Host software baselining
C. OS hardening
Ann, a college professor, was recently reprimanded for posting disparaging remarks regarding her coworkers on a web site. Ann stated that she was not aware that the public was able to view her remarks. Which of the following security-related trainings could have made Ann aware of the repercussions of her actions?
A. Data labeling and disposal
B. Use of social networking
C. Use of P2P networking
D. Role-based training
Given the following set of firewall rules:
From inside to outside allow source any destination any port any
From inside to dmz allow source any destination any port tcp-80
From inside to dmz allow source any destination any port tcp-443
Which of the following would prevent FTP traffic from reaching a server in the DMZ from the inside network?
A. Implicit deny
B. Policy routing
C. Port forwarding
D. Forwarding proxy
In order to gain an understanding of the latest attack tools being used in the wild, an administrator puts a Unix server on the network with the “root” user’s password set to “root.” Which of the following BEST describes this technique?
C. Gray box testing
A user is unable to log in after 5 p.m. to complete a financial report. The user calls the help desk to report the issue. A technician verifies that the user’s credentials are valid and the user account is enabled. Which of the following is causing this issue?
A. Separation of duties
B. Multifactor authentication
C. Rule-based access control
D. Least privilege
A wireless site survey has been performed at a company. One of the results of the report is that the wireless signal extends too far outside of the building. Which of the following security issues could occur as a result of this finding?
A. Excessive wireless access coverage
B. Interference with nearby access points
C. Exhaustion of DHCP address pool
D. Unauthorized wireless access
During a code review, a software developer discovers a security risk that may result in hundreds of hours of rework. The security team has classified this issue as low risk. Executive management has decided that the code will not be rewritten. This is an example of:
A. risk avoidance.
B. risk transference.
C. risk mitigation.
D. risk acceptance.
A security architect is designing an enterprise solution for the sales force of a corporation which handles sensitive customer data. The solution must allow users to work from remote offices and support traveling users. Which of the following is the MOST appropriate control for the architect to focus on to ensure confidentiality of data stored on laptops?
A. Full-disk encryption
B. Digital signatures
C. Federated identity management
D. Cable locks
Which of the following works by implanting software on systems but delays execution until a specific set of conditions is met?
A. Logic bomb
An attacker wearing a building maintenance uniform approached a company’s receptionist asking for access to a secure area. The receptionist asks for identification, a building access badge, and checks the company’s list of approved maintenance personnel prior to granting physical access to the secure area. The controls used by the receptionist are in place to prevent which of the following types of attacks?
B. Shoulder surfing
During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of the following would help reduce the amount of risk the organization incurs in this situation in the future?
A. Time-of-day restrictions
B. User access reviews
C. Group-based privileges
D. Change management policies
A technician reports that a suspicious individual has been seen walking around the corporate campus. The individual is holding a smartphone and pointing a small antenna in order to collect SSIDs. Which of the following attacks is occurring?
A. Rogue AP
B. Evil twin
D. War driving
A security director has contracted an outside testing company to evaluate the security of a newly developed application. None of the parameters or internal workings of the application have been provided to the testing company prior to the start of testing. The testing company will be using:
A. gray box testing.
B. active control testing.
C. white box testing.
D. black box testing.
Security+ (SY0-401) Answer Key
Question 1) B. Vulnerability scan
Question 2) A. Minimum password age and C. Password history
Question 3) C. Analyzing network traffic and device logs
Question 4) B. Separation of Duties
Question 5) A. Prevents an unauthorized user from accessing owner’s data
Question 6) B. Digital signatures
Question 7) C. Implement a load balancer to distribute traffic based on back end server utilization
Question 8) A. PII
Question 9) C. Private cloud
Question 10) D. Sensitivity of the files
Question 11) A. Replay
Question 12) D. Acceptable Use Policy
Question 13) D. Virtualization
Question 14) B. Use of social networking
Question 15) A. Implicit deny
Question 16) B. Honeypot
Question 17) C. Rule-based access control
Question 18) D. Unauthorized wireless access
Question 19) D. risk acceptance
Question 20) A. Full-disk encryption
Question 21) A. Logic bomb
Question 22) C. Impersonation
Question 23) B. User access reviews
Question 24) D. War driving
Question 25) D. black box testing