Top Banner

Click here to load reader

CompTIA Security+ SY0-301 Practice Test

Aug 29, 2014



CompTIA SY0-301 Security+ 100-Question Practice Exam Developed for (Author to remain anonymous) This practice exam has been developed exclusively for GetCertified4Less.Com. Answers and explanations on last pages. 1. In which of the cloud computing infrastructure types clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment? A. IaaS B. PaaS C. SaaS D. RAS 2. A. B. C. D. 3. A. B. C. D. WPA2 is also known as: 802.1X 802.11 802.3 802.11i Which of the following devices operates at Layer 3 of the OSI model? Passive hub Switch Router Active hub

4. One of the measures used in securing an Ethernet switch includes disabling unused ports. A. True B. False 5. A cloud computing infrastructure type where applications are hosted over a network (typically Internet) eliminating the need to install and run the software on the customer's own computers is called: A. Thick client B. SaaS C. Virtualization D. IaaS 6. A. B. C. D. RAID 0: (Select two answers) Offers fault tolerance and redundancy Requires at least three drives to implement Doesn't offer fault tolerance Requires at least two drives to implement

7. Which of the following terms refers to a logical grouping of computers that allow computer hosts to act as if they were attached to the same broadcast domain, regardless of their physical location? A. VLAN B. DMZ C. MAC filtering D. SNMP community

8. A group that consists of SNMP devices and one or more SNMP managers is called: A. SNMP trap B. Network Management System (NMS) C. SNMP community D. Management Information Base (MIB) 9. A. B. C. D. VLAN membership can be set through: (Select all that apply) Trunk port Switch ports Encryption MAC address

10. A lightly protected subnet placed on the outside of the company's firewall consisting of publicly available servers is also referred to as: A. VPN B. Access Point (AP) C. VLAN D. DMZ 11. Which of the following attacks uses multiple compromised computer systems against its target? A. DoS B. Botnet C. Logic bomb D. DDoS 12. What is the purpose of non-repudiation? A. Preventing someone from denying that they took a specific action B. Ensuring that received data hasn't changed in transit C. Hiding one piece of data in another piece of data D. Transforming plaintext to ciphertext 13. Which of the following refers to one of the testing stages in the software development process performed by customers or end users? A. UAC B. NAT C. UAT D. EULA 14. Using a telephone system to manipulate a user into disclosing confidential information is called: A. Shoulder surfing B. Spoofing C. Vishing D. Tailgating 15. Which of the following fall(s) into the category of social engineering attacks? (Select all that apply) A. Whaling B. MAC spoofing C. Xmas attack D. Vishing E. Spear phishing

16. The practice of sending unsolicited messages over Bluetooth is also known as: A. SPIM B. Bluejacking C. Phishing D. Bluesnarfing 17. Gaining unauthorized access to a Bluetooth device is also referred to as: A. Interference B. Bluesnarfing C. Bluejacking D. Pharming 18. Which of the following terms refers to a microchip embedded on the motherboard of a personal computer or laptop that can store keys, passwords and digital certificates? A. FRU B. EFS C. TPM D. HCL 19. Phishing scams targeting a specific group of users are also referred to as: A. Bluejacking B. Spear phishing C. Tailgating D. Pharming 20. Unsolicited messages received over an instant messaging system are also known as: A. Spim B. Spoofing C. Spam D. Bluejacking 21. What is war chalking? A. Scanning for open ports B. Finding unsecured wireless networks C. SSID discovery D. Marking unsecured wireless networks 22. A piece of hardware and associated software / firmware that usually attaches to the inside of a PC or server and provides at least the minimum of cryptographic functions is called: A. OUI B. BIOS C. HSM D. PKI

23. Which of the following solutions is used to hide the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device? A. NAC B. ACL C. NAT D. DMZ 24. Which of the following is an acronym for a risk assessment formula defining probable financial loss due to a risk over a one-year period? A. ARO B. ALE C. SLE D. UAT 25. Malicious code activated by a specific event is also known as: A. Logic bomb B. Denial of service C. Computer worm D. Xmas attack 26. Security measures that can be applied to mobile devices include: (Select all that apply) A. Quality of Service (QoS) B. Encryption and passwords C. Load balancing D. Remote sanitation E. Voice encryption 27. Which of the following port numbers is used by Kerberos? A. 23 B. 80 C. 22 D. 88 28. SHA and MD5 are examples of: A. Encryption algorithms B. Virus signatures C. Hash functions D. Trust models 29. Which of the following protocols periodically reauthenticates a client? A. PAP B. SHA C. CHAP D. MD5 30. Which IPsec mode provides whole packet encryption? A. Tunnel B. Payload C. Transport D. Host-to-host

31. A set of rules enforced in a network that restrict the use to which the network may be put is also known as: A. OEM B. AUP C. FAQ D. UAT 32. A group of computers running malicious software under control of a hacker is also referred to as: A. Botnet B. Ethernet C. Subnet D. Intranet 33. Which of the following terms refers to software or hardware based security solutions designed to detect and prevent unauthorized use and transmission of confidential information outside of a corporate network? A. EULA B. DLP C. UAT D. LTO 34. Penetration test of a computer system without the prior knowledge on how the system works is also known as: A. Auditing B. White hat testing C. Black box testing D. White box 35. Finding vulnerability in an application by feeding it incorrect input is also known as: A. Patching B. Exception handling C. Application hardening D. Fuzzing 36. Which of the following is an example of a biometric authentication? A. Password B. Smart card C. Fingerprint scanner D. User name 37. Which of the following is an example of a multi-factor authentication? A. Password and biometric scan B. User name and PIN C. Smart card and identification badge D. Iris and fingerprint scan 38. Steganography allows for: A. Hiding data within another piece of data B. Data encryption C. Checking data integrity D. Hashing

39. An IPv6 address consists of: A. 32 bits B. 48 bits C. 64 bits D. 128 bits 40. Which of the following acronyms refers to any type of information pertaining to an individual that can be used to uniquely identify that individual? A. PIN B. PII C. ID D. Password 41. Which of the following terms refers to a rogue access point? A. Computer worm B. Backdoor C. Evil twin D. Trojan horse 42. Antivirus software can be kept up to date through: (Select all that apply) A. Virus signature updates B. Virtualization C. Auditing D. Engine updates 43. In this access control model every resource has a sensitivity label matching a clearance level assigned to a user. A. RBAC B. DAC C. HMAC D. MAC 44. Which of the following is used to prevent switching loops? A. UTP B. HMAC C. STP D. RAS 45. TCP port 23 is used by: A. SMTP B. SSH C. Telnet D. TFTP 46. A chronological record outlining persons in possession of an evidence is also referred to as: A. Chain of custody B. Data handling chain C. Information classification D. Evidence timeline

47. Sticky note with a password kept on sight in the user's cubicle would be a violation of which of the following policies? A. Data labeling policy B. Clean desk policy C. User account policy D. Password complexity 48. A policy outlining ways of collecting and managing personal data is also known as: A. Acceptable use policy B. Audit policy C. Privacy policy D. Data loss prevention 49. Which of the following solutions is used for controlling temperature and humidity? A. Faraday cage B. UART C. EMI shielding D. HVAC 50. A maximum acceptable period of time within which a system must be restored after failure is also known as: A. Recovery Time Objective (RTO) B. Mean Time To Restore (MTTR) C. Maximum Tolerable Period of Disruption (MTPOD) D. Mean Time Between Failures (MTBF) 51. Which of the following provides confidentiality? A. SHA-1 B. RAID 0 C. MD5 D. AES 52. Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply) A. NTP B. PAP C. Kerberos D. CHAP 53. Which of the following provide the means for checking data integrity? (Select two answers) A. WEP B. RC4 C. SHA-1 D. WPA2 E. MD5

54. Which of the following are symmetric-key algorithms? (Select all that apply) A. AES B. DES C. RSA D. Diffie-Hellman E. 3DES 55. Which of the following provide availability? (Select all that apply) A. RAID 5 B. RAID 0 C. Encryption D. RAID 1 E. Hot site 56. 802.1x is an IEEE standard defining: A. Token ring networks B. Port-based network access control C. VLAN tagging D. Wireless networking 57. Allowing a program through a firewall is also referred to as creating: A. Entry B. Tunnel C. Access Control list (ACL) D. Exception 58. The last default rule on a firewall is to: A. Create an exception B. Allow all traffic C. Deny all traffic D. Unblock all ports 59. Which of the following protocols was designed as a secure replacement for Telnet? A. ICMP B. FTP C. IPv6 D. SSH 60. TCP port 22 is used by default by: (Select all that apply) A. FTP B. SSH C. SMTP D. SCP E. SFTP

61. Which of the following ports are used by NetBIOS? (Select all that apply) A. 137 B. 161 C. 138 D. 162 E. 139 62. Which of the following sequences of steps adheres to the order of volatility while collecting an evidence? A. Memory dump, disk files, temporary files, archival media B. Archival media, disk files, temporary files, memory dump C. Memory dump, temporary