This free CompTIA Security+ practice exam covers basic knowledge in the field of Information Systems Security. To pass the CompTIA Security+ exam, a candidate will need knowledge in Network Security, Compliance and operational security, threats and vulnerabilities, access control and identity management, cryptography, and application, data, and host security. This free practice test will test your knowledge and readiness for the CompTIA Security+ Examination.
1) You are working as a security consultant for a small company. The owner of the company states they were recently targeted by hackers who gained access to their email account. Since then the attackers have taken control of the companies website and have stated they will only return control to the company after receiving a payment. The hosting provider has stated the web servers are not infected and no unusual logins have occurred. Despite this users are reporting they cannot access the companies website. Based on this information, what type of attack has occurred to the website?
2) You are the resident IT within your family. While relaxing and enjoying a family Thanksgiving dinner your sweet old Grandmother mentions that Microsoft called her cell phone and helped her with a virus on her computer. You explain to her that Microsoft does not call people directly to help with computer issues and that she was likely targeted by a malicious attacker. You scan her computer for viruses and find several. Your poor sweet old Grandmother was a victim of what type of attack?
3) During a regular security scan of the network you find that several user laptops are infected with the same malware. After cross-referencing the laptop users with the reverse proxy logs you find that they all accessed a industry news website the day before. You believe your organization may have been specifically targeted for this malware. What type of attack would best describe this theory?
4) You work for a large national realty company in the networking department. Recently your department received a help desk call from a smaller satellite office stating their WiFi is no longer working. The trouble ticket was escalated to you because company policy does not allow wireless networks. After further investigation you learn that an employee in the office setup a simple wireless router themselves. Which option best defines this situation?
5) During routine security checks you discover that a wireless access point is setup on the outside of your employer's office building. The access point has the same SSID as the internal WiFi network but is unsecured to allow anyone access. What type of attack have you discovered?
6) A smaller online retailer is experiencing huge numbers of requests on their websites. They are not running any major marketing campaigns and while seeing a lot of traffic are not seeing a rise in sales or logins. Eventually their web servers become overloaded and users are unable to load pages on the website. What type of attack most likely occurred?
7) Your employer allows BYOD because the companies software landscape is entirely based on SaaS applications on the internet. Recently an employee's various accounts were accessed by a hacker. The user tells you they had different passwords for all of the applications. No one else has reported similar issues. After helping the user conduct a malware scan on their personnel device you find that they have malware that records input given to the PC by the user. What option best describes the type of malware found?
8) Which regulation in the United States would apply to a healthcare organization and require they protect the confidentially of patient data?
9) Your employer is planning to place wireless devices at the entrance of their retail locations. The devices will use WiFi to connect to the store's wireless network and use beams of light to detect when someone enters through the entrance. Other than WiFi, what type of wireless communication is being used?
10) What type of DOS attack sends a large number of new TCP requests to a server in order to overwhelm it with unused open sessions?
11) You are observing an outage of your employers website. While investigating the cause of the outage you learn that there is a large-scale DDOS attack that has caused network outages for large percentages of the internet. The attack is targeting key infrastructure of major web service providers. According to news sources the attackers are sending huge numbers of requests to open DNS servers with spoofed IP addresses. The responses from the DNS servers are sent to the spoofed IP addresses which have resulted in network outages due to overwhelmed infrastructure. What type of attack is being conducted?
12) You have ordered a penetration test on the companies website from a 3rd party IT Security consultant. Your web administration team has created a stand-alone test network to ensure the penetration tests due not cause issues on the live website. Other than the IP address of the web server you have not provided the penetration testers with any information. What type of test best describes this scenario?
13) You are responsible for application security for a small startup. You are responsible for conducting regular penetration tests. Recently the startup has faced some budget issues and lacks the funds to create a stand alone system to be used for vulnerability scanning applications. Due to this constraint you must conduct vulnerability scans on the live system (the same one being used by customers). What type of scan should be used to ensure vulnerabilities are found but not executed?
14) You are conducting a penetration test on a web application recently purchased by the HR department of your employer. You find that when creating a new user account in the Web UI you can delete data from the database by entering '; DROP TABLE Users' into the field for the user account. What type of vulnerability have you discovered?
15) Your bank has contacted you and informed you they recognized an unusual login with your username and password on their website. As a precaution they have locked your account and stated the login came from a foreign country. You run a security scan on your PC which finds malware. The description of the malware states that it intercepts normal web traffic from your browser executable. What type of attack best describes this?
16) What option would create a new ACL entry that would deny any port 80 HTTP traffic?
17) A lazy programmer at a startup was recently fired for sleeping at their cubicle. Angry about being fired and wanting revenge, the programmer accessed the admin panel the startups website using a method they previously programmed into the application before being fired. With access to the admin panel the former employee was able to delete user account from the database which caused a lot of issues for the company. Which of the following options best describes the methodology of the attack?
18) Which option best describes the following situation: An attacker has intercepted network packets between a browser and web server. The attack then re-transmits the intercepted data to the web server hoping the server will respond with useful information (e.g. a session id, credit card information, etc.).
19) You have been called to the office of the CEO for a confidential meeting. In the meeting the CEO informs you he 'has a virus that won't let him login without paying a fee.' You begin to investigate the issue and find that the CEO downloaded a file from a website a friend shared on a social media site. After downloading the file his computer restarted and now will not allow anyone to login unless they enter credit card information. Which option best describes the attack used in this scenario based on the information available?
20) Your coworker is out sick due to an illness. In his absence you have received the results of a vulnerability scan he ordered from an external provider. Unfortunately your coworker did not give you any information on what type of scan was conducted or what methods were used. The results show that 3 injection vulnerabilities were identified but are only possible when attempted from an authenticated user account. Based on the information you have, what type of vulnerability scan was most likely completed?
You can go back and review your answers or grade your test.