This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate will need knowledge in Network Security, Compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This free practice test will test your knowledge and readiness for the CompTIA Security+ Examination.
1) You have been tasked with finding and installing an enterprise SNMP solution. Which of the following properly describes the purpose and use of SNMP?
SNMP (Simple Network Management Protocol) is a standard protocol used to automatically monitor network equipment.
This question is filed under objective 2, Compliance and Operational Security
Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and moreSNMP is widely used in network management for network monitoring SNMP exposes management data in the form of variables on the managed systems organized in a management information base (MIB) which describe the system status and configuration These variables can then be remotely queried (and, in some circumstances, manipulated) by managing applications Three significant versions of SNMP have been developed and… Read More
2) Which of the following terms properly describes the term Wardriving?
Wardriving is the act of searching for unsecured WiFi network in a moving vehicle using a mobile device such as a laptop or smartphone.
This question is filed under objective 3, Threats and Vulnerabilities
Wardriving is the act of searching for Wi-Fi wireless networks, usually from a moving vehicle, using a laptop or smartphone Software for wardriving is freely available on the internet Warbiking, warcycling, warwalking and similar use the same approach but with other modes of transportation … Read More
3) Which networking device makes it very easy for a malicious user to receive and save packets that were not intended for their workstation?
A HUB forwards all packets out all interfaces, except the one the packet was received on. This means information sent from Host A to Host B, is very easily intercepted by Host C. Even if Host C wasn't addressed in the data header. A HUB is considered a layer 1 (Physical Layer) device in the OSI Model.
This question is filed under objective 1, Network Security
An Ethernet hub, active hub, network hub, repeater hub, multiport repeater, or simply hub is a network hardware device for connecting multiple Ethernet devices together and making them act as a single network segment It has multiple input/output (I/O) ports, in which a signal introduced at the input of any port appears at the output of every port except the original incoming A hub works at the physical layer (layer 1) of the OSI model A repeater hub also participates in collision detection, forwarding a jam signal to all ports if it detects a collision In addition to standard 8P8C ("RJ45") ports, some hubs may also come with a BNC or an Attachment Unit Interface (AUI) connector to allow connection to legacy 10BASE2 or 10BASE5 network… Read More
4) Which of the following standard protocols utilizes the 802.11i standard?
IEEE standard 802.11i, was designed to replace WEP in wireless encryption/authentication. It is commonly known as WPA2 or WiFi Protected Access 2.
This question is filed under objective 1, Network Security
Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks The Alliance defined these in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP)WPA (sometimes referred to as the draft IEEE 80211i standard) became available in 2003 The Wi-Fi Alliance intended it as an intermediate measure in anticipation of the availability of the more secure and complex WPA2, which became available in 2004 and is a common shorthand for the full IEEE 802… Read More
5) PKI uses what type of encryption?
PKI, or Public-Key-Infrastructure uses asymmetric encryption. There is a public key, and a private key, anything encrypted with a key can only be decrypted with the opposing key.
This question is filed under objective 6, Cryptography
Public-key cryptography, or asymmetric cryptography, is a cryptographic system which uses pairs of keys: public keys (which may be known to others), and private keys (which may never be known by any except the owner) The generation of such key pairs depends on cryptographic algorithms which are based on mathematical problems termed one-way functions Effective security requires keeping the private key private the public key can be openly distributed without compromising securityIn such a system, any person can encrypt a message using the intended receiver's public key, but that encrypted message can only be decrypted with the receiver's private key… Read More
6) Which of the following terms involves the sending and receiving of unsolicited messages over Bluetooth?
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices. Bluesnarfing is the unauthorized access to data over Bluetooth.
This question is filed under objective 3, Threats and Vulnerabilities
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (ie, for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol Bluetooth has a very limited range, usually around 10 metres (328 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters … Read More
7) Several high level executives at a business have been targeted by phishing attacks. Which of the following terms describes this type of phishing?
Whaling (sometimes called spear phishing) is a phishing attack targeted at high level employees of a company or organization.
This question is filed under objective 3, Threats and Vulnerabilities
Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, credit card numbers, or other sensitive details by impersonating oneself as a trustworthy entity in a digital communication Typically carried out by email spoofing, instant messaging, and text messaging, phishing often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site As of 2020, phishing is by far the most common attack performed by cyber-criminals, with the FBI's Internet Crime Complaint Centre recording over twice as many incidents of phishing than any other type of computer crime… Read More
8) Which of the following descriptions best defines the principle of implicit deny?
Implicit Deny is a security stance that prevents an action (network traffic, file access, etc) unless it is explicitly given. For example, network traffic will all be denied by a firewall unless a rule is given to allow traffic from the source and destination IP addresses.
This question is filed under objective 1, Network Security
9) A DoS attack can be defined as what?
DoS (Denial of Service) attacks are normally done in large numbers (Distributed-DoS) and attempt to overload a service, such as an http server, so that the server can no longer do it's normal function and is rendered inoperable.
This question is filed under objective 3, Threats and Vulnerabilities
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilledIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources This effectively makes it impossible to stop the attack simply by blocking a single source… Read More
10) You are creating a new network for your company, you only want to purchase one public IP but have many hosts that will be on the network. What will ensure this is possible?
PAT (Port Address Translation) uses TCP Port numbers to "translate" a group of private IP addresses to a single public IP addresses (one to many). You may also see this one-to-many IP translation called Network Address Translation (NAT) with overload. Both would be acceptable answers here and the terms are both commonly used by different vendors.
This question is filed under objective 1, Network Security
Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device The technique was originally used to avoid the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced, but could not route the networks address space It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion One Internet-routable IP address of a NAT gateway can be used for an entire private network… Read More
11) Which of the following options can be used to verify data integrity?
MD5 (Message-Digest algorithm 5) is a hashing algorithm, commonly used to verify integrity when downloading or transferring files. MD5 is used before and after the file transfer and the generated 128 bit digests can be compared. If they match, the file is exactly the same. If not, some sort of error or malicious attack has occurred.
This question is filed under objective 4, Application, Data and Host Security
md5sum is a computer program that calculates and verifies 128-bit MD5 hashes, as described in RFC 1321 The MD5 hash functions as a compact digital fingerprint of a file As with all such hashing algorithms, there is theoretically an unlimited number of files that will have any given MD5 hash However, it is very unlikely that any two non-identical files in the real world will have the same MD5 hash, unless they have been specifically created to have the same hashThe underlying MD5 algorithm is no longer deemed secure Thus, while md5sum is well-suited for identifying known files in situations that are not security related, it should not be relied on if there is a chance that files have been purposefully and maliciously tampered… Read More
12) Which of the following protocols is a tunnel encryption used as a secure alternative to telnet?
Secure Shell, is a tunnel encryption using port 22. It is commonly used as a secure alternative to telnet. SSH can also be used to encrypt just about any plain-text protocol, for example FTP over SSH. Secure Socket Layer (SSL) and Transport Security Layer (TLS) are very similar to SSH but are most commonly used in HTTPS. Blowfish is an older, but still common symmetric-key block cipher.
This question is filed under objective 4, Application, Data and Host Security
The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH SSH provides a secure channel over an unsecured network by using a client–server architecture, connecting an SSH client application with an SSH server The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2 The standard TCP port for SSH is 22 SSH is generally used to access Unix-like operating systems, but it can also be used on Microsoft Windows… Read More
13) Which of the following choices can be described as a type of social engineering?
Vishing (Voice Phishing) is a type of phishing attack that uses a telephone or VOIP call to trick an unsuspecting user into divulging important information. Xmas Attack, MAC Spoofing and DDoS are not examples of social engineering, but are malicious attacks.
This question is filed under objective 3, Threats and Vulnerabilities
Voice phishing, or vishing, is the use of telephony (often Voice over IP telephony) to conduct phishing attacks Landline telephone services have traditionally been trustworthy terminated in physical locations known to the telephone company, and associated with a bill-payer Now however, vishing fraudsters often use modern Voice over IP (VoIP) features such as caller ID spoofing and automated systems (IVR) to impede detection by law enforcement agencies Voice phishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals Usually, voice phishing attacks are conducted using automated text-to-speech systems that direct a victim to call a number controlled by the attacker, however some… Read More
14) Which of the following is not an example of biometric authentication?
A smart card is a physical token, which holds a certificate used to authenticate your identify. A pin number or password is generally required as well.
This question is filed under objective 5, Access Control and Identity Management
Biometrics are body measurements and calculations related to human characteristics Biometrics authentication (or realistic authentication) is used in computer science as a form of identification and access control It is also used to identify individuals in groups that are under surveillance Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals Biometric identifiers are often categorized as physiological characteristics, which are related to the shape of the body Examples include, but are not limited to fingerprint, palm veins, face recognition, DNA, palm print, hand geometry, iris recognition, retina and odor/scent Behavioral characteristics are related to the pattern of behavior of a… Read More
15) Using programming or scripting in an input field, in an attempt to find a vulnerability, is known as what?
An injection is when a hacker uses a computer language such as PHP, JavaScript, or SQL in an input field to trick a program into running the injected script, thus taking control of the program.
This question is filed under objective 3, Threats and Vulnerabilities
Code injection is the exploitation of a computer bug that is caused by processing invalid data Injection is used by an attacker to introduce (or "inject") code into a vulnerable computer program and change the course of execution The result of successful code injection can be disastrous, for example by allowing computer viruses or computer worms to propagate Code injection vulnerabilities occur when an application sends untrusted data to an interpreter Injection flaws are most often found in SQL, LDAP, XPath, or NoSQL queries OS commands XML parsers, SMTP headers, program arguments, etc Injection flaws tend to be easier to discover when examining source code than via testing… Read More
16) A network or host designed to attract malicious users away from actual sensitive materials, is known as what?
A honeypot is used to try and lead a hacker away from real content, and is monitored to detect any unauthorized access.
This question is filed under objective 2, Compliance and Operational Security
In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site and contain information or resources of value to attackers It is actually isolated, monitored, and capable of blocking or analyzing the attackers This is similar to police sting operations, colloquially known as "baiting" a suspect … Read More
17) The employees at the company you work for are complaining about receiving a lot of emails advertising services and goods. What are they experiencing?
The employees are receiving advertisements and other mail unrelated to them, this is known as spam or junk mail. Whaling and Phishing attempts to trick users into providing confidential data. Bluesnarfing is the unauthorized access of data through Bluetooth.
This question is filed under objective 3, Threats and Vulnerabilities
Email spam, also referred to as junk email, is unsolicited messages sent in bulk by email (spamming) The name comes from a Monty Python sketch in which the name of the canned pork product Spam is ubiquitous, unavoidable, and repetitive Email spam has steadily grown since the early 1990s, and by 2014 was estimated to account for around 90% of total email trafficSince the expense of the spam is borne mostly by the recipient, it is effectively postage due advertising This makes it an excellent example of a negative externalityThe legal definition and status of spam varies from one jurisdiction to another, but nowhere have laws and lawsuits been particularly successful in stemming spam… Read More
18) Why would your business conduct a penetration test on it's network?
Penetration testing is an active test, in which some one attempts to penetrate a network solely for security reasons. Any security holes will be addressed afterwords.
This question is filed under objective 2, Compliance and Operational Security
A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system this is not to be confused with a vulnerability assessment The test is performed to identify weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal… Read More
19) Which of the following terms describes installing an Operating System inside of a host Operating System?
Virtualization is a broad term used to describe the use of virtual hardware. This can be to install an operating system or emulator, or to run a software that would not otherwise be compatible with an OS.
This question is filed under objective 4, Application, Data and Host Security
In computing, virtualization or virtualisation (sometimes abbreviated v12n, a numeronym) is the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms, storage devices, and computer network resources Virtualization began in the 1960s, as a method of logically dividing the system resources provided by mainframe computers between different applications Since then, the meaning of the term has broadened … Read More
20) Which of the following terms would be used when configuring a firewall to allow certain traffic to pass unobstructed?
Creating a firewall exception will allow that program or data on that port to bypass the firewall. Allowing a session and establishing a tunnel both refer to creating a connection (for example creating an SSH connection). Creating an AP would be creating an Access Point in a wireless network.
This question is filed under objective 1, Network Security
In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object) An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects Each entry in a typical ACL specifies a subject and an operation For instance, if a file object has an ACL that contains (Alice: read,write Bob: read), this would give Alice permission to read and write the file and only give Bob permission to read it … Read More
You can go back and review your answers or grade your test.