CompTIA Security+: Cyber Ops MCQs

Our experts have gathered these CompTIA Security+: Cyber Ops MCQs through research. We hope that answering these 30 multiple-choice questions will show you how much you know about CompTIA Security+: Cyber Ops.
Get started now by scrolling down!

1: While performing basic forensic analysis of a hard drive in the possession of River Tam, the security administrator, which of the following should be verified during the analysis?

A.   Rootkit

B.   Image hashes

C.   21

D.   Mandatory access control

2: Mal, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?

A.   Clustering

B.   Succession planning

C.   23

D.   Antenna placement; Power levels

3: River Tam, a security administrator, has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?

A.   Dual-homing a server

B.   Software as a Service

C.   Install both the private and the public key on the web server.

D.   Create file hashes for website and critical system files, and compare the current file hashes to the baseline at regular time intervals.

4: Which of the following risks could IT management be mitigating by removing an all-in-one device?

A.   Cold site

B.   SSH

C.   21

D.   Single point of failure

5: While traveling, users need access to an internal company web server that contains proprietary information. Mal, the security administrator, should implement a...

A.   RAS

B.   Group based privileges

C.   Cipher lock combination and proximity badge

D.   Gray box

6: Which of the following types of data encryption would Starbuck, a security administrator, use if the MBR and the file systems needed to be included?

A.   Full disk

B.   Cable locks

C.   Single point of failure

D.   Fuzzing

7: Which of the following controls mitigates the risk of Jayne, an attacker, gaining access to a company network by using a former employee's credential?

A.   Update the CRL; Deploy OCSP

B.   Application hardening

C.   Account expiration

D.   The DES algorithm is run three consecutive times against the item being encrypted

8: The fundamental information security principles include confidentiality, availability, and which of the following?

A.   The capacity of a system to resist unauthorized changes to stored information

B.   Passive fingerprinting

C.   Business impact assessment

D.   IV attack

9: Starbuck, an administrator, is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?

A.   Personal firewall

B.   Mandatory access control

C.   Something you are

D.   NAC

10: Which of the following technologies would allow the removal of a single point of failure?

A.   IV attack

B.   Install both the private and the public key on the web server.

C.   Dual-homing a server

D.   Public key

11: Which of the following network devices will prevent port scans?

A.   The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard

B.   Port forwarding

C.   Firewall

D.   Mandatory access control

12: Mal, a network administrator, implements the spanning tree protocol on network switches. Which of the following issues does this address?

A.   Loop protection

B.   Zero day attack

C.   CRL

D.   Encrypt all confidential data.

13: Which of the following are restricted to 64-bit block sizes?

A.   Warm site

B.   DES; 3DES

C.   Penetration testing

D.   Worm outbreak

14: River Tam and Starbuck, users, are reporting an increase in the amount of unwanted email that they are receiving each day. Which of the following would be the BEST way to respond to this issue without creating a lot of administrative overhead?

A.   Deploy an anti-spam device to protect the network.

B.   IPS

C.   Device encryption

D.   To limit the number of endpoints connected through the same switch port

15: Which of the following is a best practice when securing a switch from physical access?

A.   SSH

B.   Disable unused ports

C.   Blowfish

D.   E-discovery

16: Starbuck, the administrator, is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?

A.   Signature based

B.   Impersonation

C.   Change management

D.   Twofish

17: Which of the following authentication protocols forces centralized wireless authentication?

A.   WPA2-Enterprise

B.   UDP 53

C.   VLAN mismatch is occurring.

D.   Signature based

18: Which of the following reduces the likelihood of a single point of failure when a server fails?

A.   Clustering

B.   DES; 3DES

C.   Update the CRL; Deploy OCSP

D.   Loop protection

19: Jayne, a server administrator, sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does

A.   Mandatory access control

B.   Twofish

C.   Error handling


20: Which of the following network solutions would BEST allow Starbuck, a security technician, to host an extranet application for her company?

A.   PII handling

B.   Fuzzing

C.   Software as a Service

D.   Worm outbreak

21: Jayne, the security administrator, notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks

A.   Input validation

B.   Humidity controls

C.   Dictionary; Brute force

D.   Establish a MAC limit and age

22: When Mal, an employee, leaves a company, which of the following should be updated to ensure Pete's security access is reduced or eliminated?

A.   Time of day restrictions; Access control lists

B.   CRL

C.   Evil twin

D.   Clustering

23: River Tam, a security administrator, has configured a trusted OS implementation on her servers. Which of the following controls are enacted by the trusted OS implementation?

A.   Ticket granting server

B.   Passive fingerprinting

C.   Mandatory Access Controls

D.   CA

24: Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?

A.   Penetration testing

B.   Vishing

C.   Detective

D.   Shoulder surfing

25: Which of the following practices reduces the attack surface of a wireless network?

A.   Account lockout


C.   Antenna placement; Power-level control

D.   The DES algorithm is run three consecutive times against the item being encrypted.

26: Mal, a security administrator, would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th

A.   23

B.   Risk avoidance


D.   Dcfldd

27: Which of the following should River Tam, a security technician, perform as the FIRST step when creating a disaster recovery plan for a mission-critical accounting system?

A.   The IDS does not identify a buffer overflow

B.   Mandate additional security awareness training for all employees.


D.   Business impact assessment

28: The corporate NIPS requires a daily download from its vendor with updated definitions in order to block the latest attacks. Which of the following describes how the NIPS is functioning?

A.   Signature based

B.   DES; 3DES

C.   The security company is provided with no information about the corporate network or physical locations.

D.   Separation of duties

29: River Tam, a network security administrator, has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication, with passwords being changed every wee

A.   Dual-homing a server

B.   IV attack

C.   21


30: Which of the following has a default port of 22?

A.   SSH

B.   Mitigation

C.   Proxy server

D.   The system is virtualized