CompTIA Security+ (SY0-501) Practice Exams with Simulations Set 1

You are working as part of a cyber incident response team. An ongoing attack has been identified on your web server. Your company wants to take legal action against the criminals who have hacked your server, so they have brought in a forensic analyst from the FBI to collect the evidence from the server. In what order should the digital evidence be collected, based on the order of volatility?



Options are :

  • Hard Drive or USB Drive, Swap File, Random Access Memory, Processor Cache
  • Processor Cache, Swap File, Random Access Memory, Hard Drive or USB Drive
  • Processor Cache, Random Access Memory, Swap File, Hard Drive or USB Drive (Correct)
  • Swap File, Processor Cache, Random Access Memory, Hard Drive or USB Drive

Answer :Processor Cache, Random Access Memory, Swap File, Hard Drive or USB Drive

How would you appropriately categorize the authentication method being displayed here?

(Note: the hardware token is being used by itself for authentication.)


Options are :

  • Biometric authentication
  • One-time password authentication (Correct)
  • Multi-factor authentication
  • PAP authentication

Answer :One-time password authentication

An attacker trying to gain access to your network is sending users a link to a free stock-monitoring program. However, that stock-monitoring program is attached to software that will give an attacker access to any machine it is installed on. What type of attack is this?


Options are :

  • Rootkit
  • Trojan horse (Correct)
  • Spyware
  • Boot sector virus

Answer :Trojan horse

Of the following, choose a common security issue that is hard to control in large environments when a user has more rights, permissions, and privileges than the job requires. What is described by this scenario?


Options are :

  • Excessive rights
  • Excessive access
  • Excessive permissions
  • Excessive privileges (Correct)

Answer :Excessive privileges

Brady is the network administrator for his company where some users keep getting dropped from the network. When he checks the logs for that specific WAP, he finds that a deauthentication packet has been sent from those IP addresses. What seems to be happening?


Options are :

  • Problem with users’ WiFi configuration
  • Disassociation attack (Correct)
  • Session hijacking
  • Backdoor attack

Answer :Disassociation attack

Melanie manages the website security for a bank. When a user forgets their password, she wants to be able to give them a temporary password. What is the best solution for this situation?


Options are :

  • Facial recognition
  • Digital certificate authentication
  • RBAC
  • TOTP (Correct)

Answer :TOTP

Caleb is the network administrator where users are reporting odd behavior on their computers. He believes this may be due to malware but the behavior is different on different computers. What could best explain this anomaly?


Options are :

  • It is not malware, but hardware failure
  • It is a boot sector virus
  • It is a macro virus
  • It is a polymorphic virus (Correct)

Answer :It is a polymorphic virus

Charlotte is a network administrator and needs to administer several servers. Her task is to make it easier to administer and secure these servers, as well as make the installation of new servers more streamlined. Which of the following best addresses this issue?


Options are :

  • Setting up a cluster
  • Virtualizing the servers (Correct)
  • Putting the servers on a LAN
  • Putting the servers on a separate subnet

Answer :Virtualizing the servers

Tim is managing the SIEM for his company. The SIEM aggregates logs from multiple servers. In the event a breach is discovered, which would be the most important concern?


Options are :

  • Event duplication
  • Time synchronization
  • Impact assessment
  • Correlation (Correct)

Answer :Correlation

Of the following options, what does application management accomplish for mobile devices?


Options are :

  • Only allows applications from the iTunes store to be installed
  • Ensures the company has a list of all applications on the devices
  • Ensures only approved applications are installed on the devices (Correct)
  • Updates patches on all applications on mobile devices

Answer :Ensures only approved applications are installed on the devices

You have partnered with another company that requires some systems to be shared. Which agreement outlines how they should be interfaced?


Options are :

  • BPA
  • MOU
  • SLA
  • ISA (Correct)

Answer :ISA

A threat actor has created a tool which creates a man-in-the-middle attack. The actor is using this tool to capture encrypted communication between two remote users. The actor was unable to decrypt the messages he captured though. Why was the threat actor unable to decrypt the messages he captured as part of his man-in-the-middle attack?


Options are :

  • Hashing
  • Symmetric encryption
  • Asymmetric encryption (Correct)
  • Key escrow

Answer :Asymmetric encryption

Bob is responsible for network security at a very small company, so due to budget constraints and space constraints, he can only choose one security device. What should he select?


Options are :

  • Firewall
  • Antivirus
  • IDS
  • UTM (Correct)

Answer :UTM

Laura is the security administrator for a bank and is interested in detecting breaches and attempted breaches of the network, including internal breaches. She doesn’t want false positives to disrupt productivity. Which of the following devices is the best choice?


Options are :

  • IPS
  • WAF
  • SIEM
  • IDS (Correct)

Answer :IDS

Steven is making an outline of plans to implement a wireless network. Which protocol was designed to provide security for a wireless network and is considered to be the most secure from the choices below?


Options are :

  • WAP
  • WPA
  • WPA2 (Correct)
  • WEP

Answer :WPA2

Stewart has instructed all administrators to disable nonessential ports on their local servers. Why are these protocols a security issue that matters?


Options are :

  • Nonessential ports provide additional areas of attack (Correct)
  • Nonessential ports can’t be secured
  • Nonessential ports are less secure
  • Nonessential ports require more administrative effort to secure

Answer :Nonessential ports provide additional areas of attack

Jeremy is concerned about employees violating software licenses. What would be the first step to address this issue?


Options are :

  • Performing software audits
  • Scanning the network for installed applications
  • Establishing clear policies (Correct)
  • Blocking the ability of users to install software

Answer :Establishing clear policies

Based on the image provided, what type of attack is occurring?


Options are :

  • SYN flood
  • Smurf attack
  • Ping flood (Correct)
  • DDoS

Answer :Ping flood

You are working as a help desk technician and received a call from a user who is complaining about their computer’s performance having slowed down over the last week since they installed a new free video game on the computer. As part of your troubleshooting efforts, you enter the command prompt in Windows and run the following command:

Based on the output provided, what type of malware may have been installed on this user’s computer?


Options are :

  • Keylogger
  • Worm
  • RAT (Correct)
  • Spam

Answer :RAT

Review the network diagram provided. Which of the following ACL entries should be added to the firewall to allow only the system administrator’s computer (IT) to have SSH access to the FTP, Email, and Web servers in the DMZ?

(Note: The firewall in this network is using implicit deny to maintain a higher level of security. ACL entries are in the format of Source IP, Destination IP, Port Number, TCP/UDP, Allow/Deny.)


Options are :

  • 172.16.1.0/24, 192.168.0.0/24, ANY, TCP, ALLOW
  • 192.168.0.0/24, 172.16.1.4, 22, TCP, ALLOW
  • 192.168.0.3/24, 172.16.1.4, ANY, TCP, ALLOW
  • 172.16.1.4, 192.168.0.0/24, 22, TCP, ALLOW (Correct)

Answer :172.16.1.4, 192.168.0.0/24, 22, TCP, ALLOW

Of the listed items, which is not a step of the incident response process?


Options are :

  • Snapshot (Correct)
  • Preparation
  • Recovery
  • Containment

Answer :Snapshot

Pat is working to allocate appropriate numbers of IP addresses for various subnets in the network for his company. What would be the proper CIDR notation for an IPv4 subnet with 72 nodes?


Options are :

  • /27
  • /29
  • /24 (Correct)
  • /26

Answer :/24

Josh manages network security at his company and has noticed that NTP is not working correctly. What security protocol will be affected by this?


Options are :

  • RADIUS
  • DNSSEC
  • IPSec
  • Kerberos (Correct)

Answer :Kerberos

Cassie is worried about credential management on a network where users often have over six passwords to remember. She’s currently interested in finding a solution to this problem. Which would be the best way to address this issue?


Options are :

  • Implement a manager (Correct)
  • Use short passwords
  • Implement OAuth
  • Implement Kerberos

Answer :Implement a manager

Choose the appropriate attack that sends two different messages using the same hash function, therefore, causing a collision:


Options are :

  • Xmas attack
  • DoS
  • Logic Bomb
  • Birthday Attack (Correct)

Answer :Birthday Attack

Walt, a sales manager at your company, has been complaining about his computer performing slowly. When you investigate the issue, you notice some spyware on his computer, but he insists the only thing he has downloaded lately was a freeware stock trading application. What best explains this situation?


Options are :

  • Logic bomb
  • Trojan horse (Correct)
  • Rootkit
  • Macro virus

Answer :Trojan horse

Josh, as an administrator for a health care company, is required to support an older, legacy application. He’s concerned about the application having some vulnerabilities that would affect the remainder of the network. Of the following, which option is the most efficient way to mitigate this?


Options are :

  • Use an application container (Correct)
  • Implement SDN
  • Run the application on a separate VLAN
  • Insist on an updated version of the application

Answer :Use an application container

Isaac is in need of an authentication protocol that would be effective when it comes to stopping a session hijacking. Which of the following would be the best choice?


Options are :

  • CHAP (Correct)
  • PAP
  • SPAP
  • RADIUS

Answer :CHAP

Wanda is responsible for network connectivity for her company. The sales department is transitioning to VoIP. What two protocols must be allowed through the firewall for this to be successful?


Options are :

  • RADIUS and SNMP
  • TCP and UDP
  • SIP and RTP (Correct)
  • RADIUS and SIP

Answer :SIP and RTP

You have recently completed a review of company network traffic and saw that most of the malware infections are caused by users who visit illicit websites. You would like to implement a solution that will block these websites while scanning all network traffic for signs of malware and block the malware before it enters the company network. Which technology would be the best solution?


Options are :

  • IDS
  • Firewall
  • UTM (Correct)
  • SIEM

Answer :UTM

Your supervisor has asked you about protecting the privacy of personally identifiable information (PII) that is collected. As the security administrator, which is the best option to meet these requests?


Options are :

  • PIA (Correct)
  • BIA
  • RTO
  • SPF

Answer :PIA

Which is a term for technical controls?


Options are :

  • Access controls
  • Logical controls (Correct)
  • Detective controls
  • Preventative controls

Answer :Logical controls

Amy manages mobile device security for her company, an insurance firm. The company currently uses BYOD. She’s concerned about employees’ personal device usage compromising company data on the mobile devices. What technology could best assist with this concern?


Options are :

  • Containerization (Correct)
  • Screen locks
  • FDE
  • Biometrics

Answer :Containerization

Of the following, which is the most significant disadvantage of federated identities?


Options are :

  • They cannot be used with Kerberos
  • They don’t implement least privileges
  • Poor password management
  • Transitive trust (Correct)

Answer :Transitive trust

You’re responsible for network protocols. The network time protocol has been failing periodically. What is most affected?


Options are :

  • Kerberos (Correct)
  • RADIUS
  • CHAP
  • LDAP

Answer :Kerberos

Of the listed principles, which process would transpire if a user provides a correct username and password?


Options are :

  • Identification
  • Authentication (Correct)
  • Authorization
  • Accounting

Answer :Authentication

Which plan identifies critical systems and components to ensure assets are safe and protected?


Options are :

  • DRP
  • BCP (Correct)
  • IT contingency plan
  • Succession plan

Answer :BCP

Jason needs to renew the certificate for his company’s web server. Which of the following is recommended to be submitted to the CA?


Options are :

  • CSR (Correct)
  • Key escrow
  • CRL
  • OCSP

Answer :CSR

What type of attack is based on sending more data to a target than the target can hold?


Options are :

  • Bluesnarfing
  • Buffer overflow (Correct)
  • Bluejacking
  • DDoS

Answer :Buffer overflow

Mark noticed that one of the employees at his company tethers to his smartphone to bypass corporate web security to access prohibited websites while still being connected to the LAN. What is the best way to prevent this?


Options are :

  • Disable wireless access
  • Implement a WAF
  • Implement a policy against tethering (Correct)
  • Implement a HIPS

Answer :Implement a policy against tethering

Jakob is worried that someone will use a password cracker on the computers in his company. He’s concerned that common passwords will be attempted in order to gain access to a system. Which would be the best option to mitigate the threat?


Options are :

  • Password age restrictions
  • Password minimum length requirements
  • Account lockout policies (Correct)
  • Account usage auditing

Answer :Account lockout policies

John is a sales manager at his company. He has recently received an email asking him to click a link to fill out a survey. The email seems suspicious, but it does mention a major association with which he’s familiar, and makes him think it may be a legitimate email. Of the following, which best describes this attack?


Options are :

  • Phishing
  • Social engineering
  • Spear phishing (Correct)
  • Trojan horse

Answer :Spear phishing

You currently work for a large company and are concerned about ensuring all workstations have a common configuration, do not contain a rogue software installation, and all patches are kept up to date. Of the following, which would be most effective to accomplish this?


Options are :

  • Use VDE (Correct)
  • Implement strong policies
  • Use an image for all workstations
  • Implement strong patch management

Answer :Use VDE

Nate is considering the use of biometric access control systems for his company. He’s concerned about the crossover error rate (CER), so which of the following processes would most accurately describe the CER?


Options are :

  • The rate of false acceptance
  • The rate of false rejection
  • The point at which false rejections outpace false acceptances
  • The point at which false rejections and false acceptances are equal (Correct)

Answer :The point at which false rejections and false acceptances are equal

Lisa manages incident response for a bank. The bank has a website that’s been attacked. The attacker utilized the login screen, and rather than entering proper login credentials, the attacker entered some odd text: ' or '1'='1. What is this attack known as?


Options are :

  • Cross-site scripting
  • Cross-site request forgery
  • SQL injection (Correct)
  • ARP poisoning

Answer :SQL injection

Jay is a security administrator for a large company and has about 100 hosts on his network that were recently attacked by a virus. He’s concerned because there was a patch available that would have minimized the impact from the virus. What is the best solution to implement on the network?


Options are :

  • Install patch management software (Correct)
  • Using automatic updates
  • Putting unpatched machines on a Bridge
  • Scanning all machines for patches every day

Answer :Install patch management software

Logan would like to test his company’s web application and evaluate if it’s handling input validation and data validation properly. Of the following, which testing method would be most effective for this scenario?


Options are :

  • Static code analysis
  • Fuzzing (Correct)
  • Baselining
  • Version control

Answer :Fuzzing

Brandon is a network administrator and has received a popup window that tells him his files are now encrypted and he must pay a certain amount of bitcoins to get them decrypted. He tried to check the files in question, but their extensions have all changed and he cannot open them. What best explains the given scenario?


Options are :

  • His machine has a rootkit
  • His machine has ransomware (Correct)
  • His machine has a logic bomb
  • His machine has been the target of whaling

Answer :His machine has ransomware

Josh is a security technician who’s been tasked with implementing PKI on the company’s network. When verifying the validity of the certificate, he needs to ensure bandwidth isn’t being consumed. What can be implemented?


Options are :

  • CRL (Correct)
  • OCSP
  • Key Escrow
  • CA

Answer :CRL

Gary is concerned about unauthorized people entering the company’s building. Of the following, which would be most effective in preventing this?


Options are :

  • Alarm systems
  • Fencing
  • Cameras
  • Security guards (Correct)

Answer :Security guards

Thomas is seeking options for controlling physical access to the server room. He would like a hands-free solution. Which of the following would be his best choice?


Options are :

  • Smart cards
  • Proximity cards (Correct)
  • Tokens
  • Fingerprint scanner

Answer :Proximity cards

Which encryption type offers easy key exchange and key management?


Options are :

  • Obfuscation
  • Asymmetric (Correct)
  • Symmetric
  • Hashing

Answer :Asymmetric

Which of the following works like stream ciphers?


Options are :

  • One-time pad (Correct)
  • RSA
  • AES
  • DES

Answer :One-time pad

Janet has to deploy and support a legacy application where the configuration for this application and the OS are very specific and cannot be changed. Of the following options, which is the best approach to deploy this software?


Options are :

  • Use an immutable server (Correct)
  • Use a VM
  • Set permissions on the application so it cannot be changed
  • Place the application on a separate VLAN

Answer :Use an immutable server

Peter manages network security at a large company and is concerned about the variety of attacks, specifically DNS poisoning. Which of the following would be the best option to mitigate this issue?


Options are :

  • IPSec
  • DNSSEC (Correct)
  • L2TP
  • TLS

Answer :DNSSEC

Joe is concerned about attacks to an e-commerce server. He’s especially concerned about a cross-site scripting attack and SQL injection. Which of the following would defend against these two attacks?


Options are :

  • Encrypted web traffic
  • Filtering user input (Correct)
  • A firewall
  • An IDS

Answer :Filtering user input

Of the items listed, which provides additional encryption strength by repeating the encryption process with additional keys?


Options are :

  • 3DES (Correct)
  • AES
  • Twofish
  • Blowfish

Answer :3DES

Eddie is your security manager and he received a call from law enforcement telling him that some of his computers on his network participated in a massive DoS attack. He’s certain that none of his employees would be involved in a cybercrime. What best explains the given scenario?


Options are :

  • It is a result of social engineering
  • The machines all have backdoors
  • The machines are bots (Correct)
  • The machines are infected with crypto-viruses

Answer :The machines are bots

Larry is a network administrator for a small accounting firm and has heard some of his users complaining of slow connectivity. When he started investigating the firewall logs, he saw a large number of half-open connections. What best describes his findings?


Options are :

  • DDoS
  • SYN flood (Correct)
  • Buffer overflow
  • ARP poisoning

Answer :SYN flood

You are currently testing your company network for security issues. The test you’re conducting involves using automated and semi-automated tools to look for known vulnerabilities with various systems. Which of the following best describes this test?


Options are :

  • Vulnerability scan (Correct)
  • Penetration test
  • Security audit
  • Security test

Answer :Vulnerability scan
