This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate needs knowledge of Network Security; Compliance and Operational Security; Threats and Vulnerabilities; Access Control and Identity Management; Cryptography; and Application, Data, and Host Security. This free practice test measures your knowledge and readiness for the CompTIA Security+ examination.
1) Using programming or scripting in an input field, in an attempt to find a vulnerability, is known as what?
An injection attack occurs when an attacker enters code in a language such as PHP, JavaScript, or SQL into an input field to trick the program into executing the injected script, thereby taking control of the program.
This question is filed under objective 3, Threats and Vulnerabilities
Code injection is the exploitation of a computer bug that is caused by processing invalid data. Injection is used by an attacker to introduce (or "inject") code into a vulnerable computer program and change the course of execution. The result of successful code injection can be disastrous, for example by allowing computer worms to propagate. Code injection vulnerabilities occur when an application sends untrusted data to an interpreter. Injection flaws are most often found in SQL, LDAP, XPath, or NoSQL queries; OS commands; XML parsers; SMTP headers; program arguments; etc. Injection flaws tend to be easier to discover when examining source code than via testing…
2) Which of the following terms describes installing an Operating System inside of a host Operating System?
Virtualization is a broad term used to describe the use of virtual hardware. It can be used to install an operating system or emulator, or to run software that would not otherwise be compatible with the host OS.
This question is filed under objective 4, Application, Data and Host Security
In computing, virtualization (alternatively spelled virtualisation) refers to the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms, storage devices, and computer network resources. Virtualization began in the 1960s as a method of logically dividing the system resources provided by mainframe computers between different applications. Since then, the meaning of the term has broadened…
3) Which of the following descriptions best defines the principle of implicit deny?
Implicit deny is a security stance in which an action (network traffic, file access, etc.) is blocked unless it is explicitly permitted. For example, a firewall will deny all network traffic unless a rule exists that allows traffic between the given source and destination IP addresses.
This question is filed under objective 1, Network Security
4) You have been tasked with finding and installing an enterprise SNMP solution. Which of the following properly describes the purpose and use of SNMP?
SNMP (Simple Network Management Protocol) is a standard protocol used to automatically monitor network equipment.
This question is filed under objective 2, Compliance and Operational Security
Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more. SNMP is widely used in network management for network monitoring. SNMP exposes management data in the form of variables on the managed systems, organized in a management information base (MIB), which describe the system status and configuration. These variables can then be remotely queried (and, in some circumstances, manipulated) by managing applications. Three significant versions of SNMP have been developed and…
5) A network or host designed to attract malicious users away from actual sensitive materials, is known as what?
A honeypot is used to lure an attacker away from real content, and it is monitored to detect any unauthorized access.
This question is filed under objective 2, Compliance and Operational Security
In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site and seems to contain information or a resource of value to attackers, but actually is isolated and monitored and enables blocking or analyzing the attackers. This is similar to police sting operations, colloquially known as "baiting" a suspect…
6) Which networking device makes it very easy for a malicious user to receive and save packets that were not intended for their workstation?
A hub forwards every packet out all interfaces except the one the packet was received on. This means that information sent from Host A to Host B is easily intercepted by Host C, even though Host C was not addressed in the data header. A hub is considered a layer 1 (Physical Layer) device in the OSI model.
This question is filed under objective 1, Network Security
An Ethernet hub, active hub, network hub, repeater hub, multiport repeater, or simply hub is a network hardware device for connecting multiple Ethernet devices together and making them act as a single network segment. It has multiple input/output (I/O) ports, in which a signal introduced at the input of any port appears at the output of every port except the original incoming one. A hub works at the physical layer (layer 1) of the OSI model. A repeater hub also participates in collision detection, forwarding a jam signal to all ports if it detects a collision. In addition to standard 8P8C ("RJ45") ports, some hubs may also come with a BNC or an Attachment Unit Interface (AUI) connector to allow connection to legacy 10BASE2 or 10BASE5 network…
7) Which of the following is not an example of biometric authentication?
A smart card is a physical token that holds a certificate used to authenticate your identity. A PIN or password is generally required as well.
This question is filed under objective 5, Access Control and Identity Management
Biometrics are body measurements and calculations related to human characteristics. Biometric authentication (or realistic authentication) is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance. Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals. Biometric identifiers are often categorized as physiological versus behavioral characteristics. Physiological characteristics are related to the shape of the body. Examples include, but are not limited to, fingerprint, palm veins, face recognition, DNA, palm print, hand geometry, iris recognition, retina and odour/scent. Behavioral characteristics…
8) Which of the following terms properly describes the term Wardriving?
Wardriving is the act of searching for unsecured WiFi networks from a moving vehicle using a mobile device such as a laptop or smartphone.
This question is filed under objective 3, Threats and Vulnerabilities
Wardriving is the act of searching for Wi-Fi wireless networks, usually from a moving vehicle, using a laptop or smartphone. Software for wardriving is freely available on the internet. Warbiking, warcycling, warwalking and similar use the same approach but with other modes of transportation…
9) Why would your business conduct a penetration test on its network?
Penetration testing is an active test in which someone attempts to penetrate a network solely for security reasons. Any security holes found are addressed afterwards.
This question is filed under objective 2, Compliance and Operational Security
A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is performed to identify both weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed. The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal…
10) PKI uses what type of encryption?
PKI, or Public Key Infrastructure, uses asymmetric encryption. There is a public key and a private key; anything encrypted with one key can only be decrypted with the other key of the pair.
This question is filed under objective 6, Cryptography
Public-key cryptography, or asymmetric cryptography, is a cryptographic system which uses pairs of keys: public keys (which may be known to others) and private keys (which may never be known by any except the owner). The generation of such key pairs depends on cryptographic algorithms which are based on mathematical problems termed one-way functions. Effective security requires keeping the private key private; the public key can be openly distributed without compromising security. In such a system, any person can encrypt a message using the intended receiver's public key, but that encrypted message can only be decrypted with the receiver's private key…
11) Several high-level executives at a business have been targeted by phishing attacks. Which of the following terms describes this type of phishing?
Whaling (sometimes called spear phishing) is a phishing attack targeted at high-level employees of a company or organization.
This question is filed under objective 3, Threats and Vulnerabilities
Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details or other sensitive details, by disguising oneself as a trustworthy entity in a digital communication. Typically carried out by email spoofing, instant messaging, and text messaging, phishing often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site. Phishing is an example of social engineering techniques used to deceive users. Users are lured by communications purporting to be from trusted parties such as social networking websites, auction sites, banks, mails/messages from friends or colleagues/executives, online payment systems or IT…
12) Which of the following choices can be described as a type of social engineering?
Vishing (voice phishing) is a type of phishing attack that uses a telephone or VoIP call to trick an unsuspecting user into divulging sensitive information. Xmas attack, MAC spoofing and DDoS are not examples of social engineering; they are malicious attacks against systems rather than against people.
This question is filed under objective 3, Threats and Vulnerabilities
Voice phishing is a form of criminal phone fraud, using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward. It is sometimes referred to as "vishing," a portmanteau of "voice" and "phishing". Landline telephone services have traditionally been trustworthy; terminated in physical locations known to the telephone company, and associated with a bill-payer. Now, however, vishing fraudsters often use modern Voice over IP (VoIP) features such as caller ID spoofing and automated systems (IVR) to make it difficult for legal authorities to monitor, trace or block. Voice phishing is typically used to steal credit card numbers or other information used in identity…
13) Which of the following terms involves the sending and receiving of unsolicited messages over Bluetooth?
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices. Bluesnarfing is the unauthorized access to data over Bluetooth.
This question is filed under objective 3, Threats and Vulnerabilities
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (328 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters…
14) The employees at the company you work for are complaining about receiving a lot of emails advertising services and goods. What are they experiencing?
The employees are receiving advertisements and other mail unrelated to them; this is known as spam or junk mail. Whaling and phishing attempt to trick users into providing confidential data. Bluesnarfing is unauthorized access to data through Bluetooth.
This question is filed under objective 3, Threats and Vulnerabilities
Email spam, also referred to as junk email, is unsolicited messages sent in bulk by email (spamming). The name comes from a Monty Python sketch in which Spam is ubiquitous, unavoidable, and repetitive. Email spam has steadily grown since the early 1990s, and by 2014 was estimated to account for around 90% of total email traffic. Since the expense of the spam is borne mostly by the recipient, it is effectively postage-due advertising. This makes it an excellent example of a negative externality. The legal definition and status of spam varies from one jurisdiction to another, but nowhere have laws and lawsuits been particularly successful in stemming spam…
15) Which of the following options can be used to verify data integrity?
MD5 (Message-Digest Algorithm 5) is a hashing algorithm commonly used to verify integrity when downloading or transferring files. The digest is computed before and after the file transfer, and the two 128-bit digests are compared. If they match, the file is exactly the same; if not, some sort of error or malicious tampering has occurred.
This question is filed under objective 4, Application, Data and Host Security
md5sum is a computer program that calculates and verifies 128-bit MD5 hashes, as described in RFC 1321. The MD5 hash functions as a compact digital fingerprint of a file. As with all such hashing algorithms, there is theoretically an unlimited number of files that will have any given MD5 hash. However, it is very unlikely that any two non-identical files in the real world will have the same MD5 hash, unless they have been specifically created to have the same hash. The underlying MD5 algorithm is no longer deemed secure. Thus, while md5sum is well-suited for identifying known files in situations that are not security related, it should not be relied on if there is a chance that files have been purposefully and maliciously tampered…
16) Which of the following standard protocols utilizes the 802.11i standard?
The IEEE 802.11i standard was designed to replace WEP for wireless encryption and authentication. It is commonly known as WPA2, or Wi-Fi Protected Access 2.
This question is filed under objective 1, Network Security
Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). WPA (sometimes referred to as the draft IEEE 802.11i standard) became available in 2003. The Wi-Fi Alliance intended it as an intermediate measure in anticipation of the availability of the more secure and complex WPA2, which became available in 2004 and is a common shorthand for the full IEEE 802…
17) You are creating a new network for your company. You only want to purchase one public IP address but will have many hosts on the network. What will make this possible?
PAT (Port Address Translation) uses TCP port numbers to "translate" a group of private IP addresses to a single public IP address (one-to-many). You may also see this one-to-many IP translation called Network Address Translation (NAT) with overload. Both would be acceptable answers here, as both terms are commonly used by different vendors.
This question is filed under objective 1, Network Security
Network address translation (NAT) is a method of remapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. The technique was originally used to avoid the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced but could not route the network's address space. It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion. One Internet-routable IP address of a NAT gateway can be used for an entire private network…
18) Which of the following protocols provides an encrypted tunnel and is used as a secure alternative to Telnet?
Secure Shell (SSH) provides an encrypted tunnel over port 22. It is commonly used as a secure alternative to Telnet. SSH can also be used to encrypt just about any plain-text protocol, for example FTP over SSH. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are very similar to SSH but are most commonly used in HTTPS. Blowfish is an older, but still common, symmetric-key block cipher.
This question is filed under objective 4, Application, Data and Host Security
SSH, or Secure Shell, is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line login and remote command execution, but any network service can be secured with SSH. SSH provides a secure channel over an unsecured network by using a client–server architecture, connecting an SSH client application with an SSH server. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is generally used to access Unix-like operating systems, but it can also be used on Microsoft Windows…
19) A DoS attack can be defined as what?
DoS (Denial of Service) attacks are normally carried out in large numbers (Distributed DoS) and attempt to overload a service, such as an HTTP server, so that the server can no longer perform its normal function and is rendered inoperable.
This question is filed under objective 3, Threats and Vulnerabilities
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. In a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source…
20) Which of the following terms would be used when configuring a firewall to allow certain traffic to pass unobstructed?
Creating a firewall exception allows that program, or data on that port, to bypass the firewall. Allowing a session and establishing a tunnel both refer to creating a connection (for example, creating an SSH connection). Creating an AP would be creating an access point in a wireless network.
This question is filed under objective 1, Network Security
In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object). An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation. For instance, if a file object has an ACL that contains (Alice: read,write; Bob: read), this would give Alice permission to read and write the file and Bob to only read it…