CompTIA Security+ Cert. (SY0-501) Practice Tests Set 1

What type of file, often sent with an e-mail message, can contain malicious code that can be downloaded and executed on a client's computer?


Options are :

  • Cookie
  • HTML attachment
  • Cross-site script
  • Locally shared object

Answer :HTML attachment

CompTIA Security+ Cert. (SY0-501) Practice Tests Set 2

Which of the following secure protocols protects traffic during transmission and uses TCP port 443? (Choose two.)


Options are :

  • SSH
  • SSL
  • TLS
  • TFTP
  • SCP

Answer :SSL; TLS

All of the following are characteristics of hashing, except:


Options are :

  • Hashes are cryptographic representations of plaintext.
  • Hashes produce fixed-length digests for variable-length text.
  • Hashes are decrypted using the same algorithm and key that encrypted them.
  • Hashing can be used to protect data integrity.

Answer :Hashes are decrypted using the same algorithm and key that encrypted them.

If a person knows a control exists, and this control keeps him or her from performing a malicious act, what type of control would this be classified as?


Options are :

  • Preventative control
  • Corrective control
  • Compensating control
  • Deterrent control

Answer :Deterrent control

220-701 A+ Essentials Certification Practice Exam Set 1

Your organization is concerned that employees might e-mail proprietary information to themselves at their private addresses. Which of the following would be most effective at catching that particular effort?


Options are :

  • Caching proxy server
  • Content filter
  • Antispam filter
  • Firewall

Answer :Content filter

Which of the following is generally a script planted by a disgruntled employee or other malicious actor that is set to execute at a certain time?


Options are :

  • Trojan horse
  • Virus
  • Adware
  • Logic bomb

Answer :Logic bomb

A virtual LAN (VLAN) offers which of the following advantages for network security? (Choose two.)


Options are :

  • Allows physical segmentation of hosts by IP subnet.
  • Creates broadcast domains.
  • Allows logical segmentation of hosts.
  • Allows different security policies to be applied to different hosts.

Answer :Allows logical segmentation of hosts. Allows different security policies to be applied to different hosts.

220-701 A+ Essentials Certification Practice Exam Set 10

What type of organizations are the main users of an interconnection service agreement (ISA)?


Options are :

  • End users
  • Satellite providers
  • Government entities
  • Telecommunication companies

Answer :Telecommunication companies

What is the biggest difference between EAP-TLS and EAP-TTLS?


Options are :

  • EAP-TTLS can use unsigned certificates; EAP-TLS must have third-party signed certificates.
  • EAP-TTLS needs server and client certificates; EAP-TLS only needs server certificates.
  • EAP-TLS can use unsigned certificates; EAP-TTLS must have third-party signed certificates.
  • EAP-TLS needs server and client certificates; EAP-TTLS only needs server certificates.

Answer :EAP-TLS needs server and client certificates; EAP-TTLS only needs server certificates.

Which of the following describe a false reject rate? (Choose two.)


Options are :

  • Type II error
  • Type I error
  • The error caused when an unauthorized user is validated as authorized
  • The error caused by rejecting someone who is in fact an authorized user

Answer :Type I error; The error caused by rejecting someone who is in fact an authorized user

220-701 A+ Essentials Certification Practice Exam Set 11

Which of the following access control models enables a person who creates or owns objects to define permissions to access those objects?


Options are :

  • Discretionary access control model
  • Rule-based access control model
  • Role-based access control model
  • Mandatory access control model

Answer :Discretionary access control model

Which of the following is a variant of a phishing attack, where a phishing e-mail is sent to a high-value target instead of on a mass scale to all employees?


Options are :

  • Pharming
  • Spear phishing
  • Vishing
  • Whaling

Answer :Whaling

Which of the following is not a characteristic of effective signage?


Options are :

  • Signage should be placed in well-lit areas and not obstructed by large objects.
  • Signage should follow national and international standards for symbols and colors.
  • Signage should indicate security checkpoints to report to in the event of an emergency requiring evacuation.
  • Signage should warn intruders away from restricted areas.

Answer :Signage should indicate security checkpoints to report to in the event of an emergency requiring evacuation.

220-701 A+ Essentials Certification Practice Exam Set 12

An attack in which an attacker attempts to disconnect a victim's wireless host from its access point is called a(n) __________.


Options are :

  • Replay attack
  • Initialization vector attack
  • Spoofing
  • Deauthentication attack

Answer :Deauthentication attack

Wissa is updating a printer driver on a Windows system. She downloads the latest driver from the manufacturer's Web site. When installing the driver, Windows warns that the driver is unsigned. To which of the following threats is Wissa exposing her system?


Options are :

  • Refactoring
  • Version control
  • Shimming
  • Man-in-the-middle

Answer :Refactoring

You have received reports that a number of hosts in your company's internal network are sluggish and unresponsive. After troubleshooting other items, you decide to use a sniffer to examine the network traffic coming into the host. You see that massive amounts of ICMP broadcasts are being sent on the network. The switch is having trouble processing all of this traffic, due to repeated ICMP replies, causing it to slow down. Which of the following is the most likely explanation for this?


Options are :

  • Phishing attack
  • Flood attack
  • Man-in-the-middle attack
  • Malware attack

Answer :Flood attack

220-701 A+ Essentials Certification Practice Exam Set 2

Your organization wants you to create and implement a policy that will detail proper use of its information systems during work hours. Which of the following is the best choice?


Options are :

  • Due care
  • Service level agreement
  • Acceptable-use policy
  • Access control policies

Answer :Acceptable-use policy

Which of the following concepts should be the most important consideration when determining how to budget properly for security controls?


Options are :

  • Risk likelihood and impact
  • Threat of natural disasters
  • Asset identification
  • Qualitative costs

Answer :Risk likelihood and impact

You are trying to determine the appropriate level of high availability for a server. The server must be available on a constant basis, and downtime in a given year cannot exceed 1 hour. It normally takes you about 45 minutes to bring down and restart the server for maintenance. Which of the following reflects the level of availability you require?


Options are :

  • 99.9 percent availability
  • 99.99 percent availability
  • 99 percent availability
  • 99.999 percent availability

Answer :99.99 percent availability

220-701 A+ Essentials Certification Practice Exam Set 3

Which of the following security controls allows connectivity to a network based on the system's hardware address?


Options are :

  • WEP encryption
  • MAC address filtering
  • WPA2 encryption
  • Disabling SSID broadcast

Answer :MAC address filtering

Which type of network intrusion detection system (NIDS) develops a baseline of normal traffic so it can detect deviations in this traffic that might indicate an attack?


Options are :

  • Anomaly-based system
  • Rule-based system
  • Filter-based system
  • Signature-based system

Answer :Anomaly-based system

The corporate IT manager wants you to implement a process that separates corporate apps from personal apps on mobile devices. Which of the following techniques will enable you to do this?


Options are :

  • Blacklisting
  • Sandboxing
  • Containerization
  • Whitelisting

Answer :Sandboxing

220-701 A+ Essentials Certification Practice Exam Set 4

Which of the following are typically created for a single Web browsing session and are generally not carried across different sessions?


Options are :

  • Locally shared objects
  • Flash cookies
  • Persistent cookies
  • Session cookies

Answer :Session cookies

Which of the following is normally required to convert and read coded messages?


Options are :

  • Codebook
  • Algorithm
  • Symmetric key
  • Asymmetric key

Answer :Codebook

Which of the following authentication protocols uses a series of tickets to authenticate users to resources, as well as timestamps to prevent replay attacks?


Options are :

  • EAP
  • SESAME
  • MS-CHAP
  • Kerberos

Answer :Kerberos

220-701 A+ Essentials Certification Practice Exam Set 5

Which type of assessment is used to determine weaknesses within a system?


Options are :

  • Penetration test
  • Risk assessment
  • Vulnerability assessment
  • Threat assessment

Answer :Vulnerability assessment

Which of the following is a key agreement protocol used in public key cryptography?


Options are :

  • SHA-2
  • ECDH
  • AES
  • RSA

Answer :ECDH

Which of the following enables a user to provide one set of credentials to the system and use those credentials throughout other interconnected systems?


Options are :

  • Single sign-on
  • Multifactor authentication
  • Single-factor authentication
  • Pass-through authentication

Answer :Single sign-on

220-701 A+ Essentials Certification Practice Exam Set 6

Which of the following is a form of intentional interference with a wireless network?


Options are :

  • SSID cloaking
  • Evil twin
  • Jamming
  • MAC spoofing

Answer :Jamming

If Bobby and Dawn exchange confidential encrypted e-mail messages using public and private key pairs, which of the following keys would Bobby need to encrypt confidential data in an e-mail message sent to Dawn?


Options are :

  • Bobby's public key
  • Bobby's private key
  • Dawn's private key
  • Dawn's public key

Answer :Dawn's public key

All of the following are considered duties of a first responder to an incident, except:


Options are :

  • Determining the initial scope and impact of the incident
  • Notifying the incident response team
  • Secure the scene
  • Notifying and coordinating with senior management and law enforcement officials

Answer :Notifying and coordinating with senior management and law enforcement officials

220-701 A+ Essentials Certification Practice Exam Set 7

Which of the following algorithms won the U.S. government-sponsored competition to become the Advanced Encryption Standard (AES)?


Options are :

  • Rijndael
  • RC4
  • Twofish
  • Blowfish

Answer :Rijndael

Fabian's new load balancer has a number of scheduling options and he's trying to decide the one to use. He wants to schedule load balancing such that the load balancer assigns to each server in order, then returns to the first server. What is this form of scheduling?


Options are :

  • First come
  • Round robin
  • Affinity
  • On demand

Answer :Round robin

Which of the following statements best describes a buffer overflow attack?


Options are :

  • An attack that involves sending malicious XML content to a Web application, taking advantage of any lack of input validation and XML parsing.
  • An attack on a database through vulnerabilities in the Web application, usually in user input fields.
  • An attack that uses unexpected numerical results from a mathematical operation to overflow a buffer.
  • An attack that exceeds the memory allocated to an application for a particular function, causing it to crash.

Answer :An attack that exceeds the memory allocated to an application for a particular function, causing it to crash.

220-701 A+ Essentials Certification Practice Exam Set 8

Which of the following are two characteristics of strong passwords? (Choose two.)


Options are :

  • Use of additional character space
  • Authentication methods
  • Password length
  • Encryption strength

Answer :Use of additional character space; Password length

All of the following are supporting elements of authorization, except:


Options are :

  • Separation of duties
  • Principle of least privilege
  • Credential validation
  • Rights, permissions, and privileges

Answer :Credential validation

What size WEP key did the original IEEE 802.11b specification use?


Options are :

  • 512-bit
  • 128-bit
  • 64-bit
  • 256-bit

Answer :64-bit

220-701 A+ Essentials Certification Practice Exam Set 9

Which of the following policy settings prevent a user from rapidly changing passwords and cycling through his or her password history to reuse a password?


Options are :

  • Password history
  • Minimum password age
  • Password complexity
  • Maximum password age

Answer :Minimum password age

Which of the following fire suppression chemicals was banned in 1987 and can no longer be used in data centers?


Options are :

  • Water
  • Halon
  • Carbon dioxide
  • FM-200

Answer :Halon

For which of the following should employees receive training to establish how they are to treat information of differing sensitivity levels?


Options are :

  • Clean desk policies
  • Protection of personally identifiable information on social media
  • Data disposal
  • Information classification

Answer :Information classification

Which of the following technologies allows devices to communicate with each other at very close range through radio signals by using a special chip implanted in the device, and may be vulnerable to eavesdropping and man-in-the-middle attacks?


Options are :

  • 802.11 wireless
  • Near-field communication (NFC)
  • Bluetooth
  • Infrared

Answer :Near-field communication (NFC)

All of the following types of social engineering attacks might go undetected by the victim, except:


Options are :

  • Shoulder surfing
  • Tailgating
  • Dumpster diving
  • Coercion

Answer :Coercion

You have a server that is used for Domain Name System (DNS) queries. You find that it has several open ports, and you intend to close all of the unnecessary ports on the server. The server is listening on ports 22, 25, 53, and 80. Which port must be left open to continue to use DNS functionality?


Options are :

  • 80
  • 25
  • 53
  • 22

Answer :53

Which of the following forms of authentication pass credentials in clear text and is not recommended for use?


Options are :

  • PAP
  • EAP
  • MS-CHAP
  • CHAP

Answer :PAP

What is the second step in the incident response life cycle?


Options are :

  • Preparation
  • Detection and analysis
  • Post-incident activity
  • Containment, eradication, and recovery

Answer :Detection and analysis
