CompTIA Security+ Certification Practice
Exams Questions with correct Answers
(A+ GRADED 100% VERIFIED)
199.126.19.71 is an example of which type of address?
A. IPv4
B. Port
C. IPv6
D. MAC - ANSWER: A
A busy web site has not been responding well because of the large volumes of
HTTP connections to the web server. Which solution would increase web server
performance?
A. Add more RAM to the web server.
B. Install two web servers hosting the same content. Configure a load balancer to
distribute incoming HTTP connections between the two web servers.
C. Place a router between the web server and the Internet to throttle incoming HTTP
connections.
D. Enable SSL on the web server. - ANSWER: B
A corporate security policy emphasizes data confidentiality, and you must configure
computing devices accordingly. What should you do? (Choose two.)
A. Install smartcard readers so users can identify themselves before sending
important e-mail messages.
B. Enforce SD card encryption on smart phones issued to employees.
C. Configure a server failover cluster to ensure sensitive documents are always
available.
D. Set file and folder permissions to control user file access. - ANSWER: B, D
A hacker is sitting in an Internet cafe and ARP poisons everyone connected to the
wireless network so that all traffic passes through the hacker's laptop before she
routes the traffic to the Internet. What type of attack is this?
A. Rainbow tables
B. Man in the middle
C. DNS poison
D. Spoofing - ANSWER: B
A large corporation requires new employees to present a driver's license and
passport to a security officer before receiving a company-issued laptop. Which
security principle does this map to?
,A. Authorization
B. Confidentiality
C. Identification
D. Custodian - ANSWER: C
A network administrator places a network appliance on the DMZ network and
configures it with various security thresholds, each of which will notify the IT group
via e-mail. The IT group will then adhere to the incident response policy and take
action. What will be triggered when any of these thresholds is violated?
A. Alarm
B. Alert
C. Remediation
D. Input validation - ANSWER: A
A network security audit exposes three insecure wireless routers using default
configurations. Which security principle has been ignored?
A. Application patch management
B. Device hardening
C. Input validation
D. Principle of least privilege - ANSWER: B
A piece of malicious code uses dictionary attacks against computers to gain access
to administrative accounts. The code then links compromised computers together for
the purpose of receiving remote commands. What term best applies to this malicious
code?
A. Exploit
B. Botnet
C. Logic bomb
D. Backdoor - ANSWER: B
A RADIUS server is used to authenticate your wireless network users. While creating
a new user account, you notice there are many more user accounts than actual
users. What should be done?
A. Delete all accounts not linked to a user.
B. Disable all accounts not linked to a user.
C. Verify how accounts are used and then delete unnecessary accounts.
D. Verify how accounts are used and then disable unnecessary accounts. -
ANSWER: D
A shipment of new Windows computers has arrived for Accounting department
employees. The computers have the operating system preinstalled but will require
additional financial software. In which order should you perform all of the following?
A. Join the Active Directory domain.
B. Apply all operating system patches.
,C. Ensure the virus scanner is up to date.
D. Log in to the Active Directory domain to receive Group Policy security settings.
E. Install the additional financial software. - ANSWER: C. Ensure the virus scanner
is up to date.
B. Apply all operating system patches.
A. Join the Active Directory domain.
D. Log in to the Active Directory domain to receive Group Policy security settings.
E. Install the additional financial software.
A user complains that their system has all of a sudden become unresponsive and
ads for various products and services are popping up on the screen and cannot be
closed. Which user actions could have led to this undesirable behavior? (Choose all
that apply.)
A. Clicking a web search result
B. Viewing a web page
C. Watching a move in AVI file format
D. Inserting a USB flash drive - ANSWER: A, B, C, D
A user on your network receives an e-mail from the bank stating that there has been
a security incident at the bank. The e-mail continues by asking the user to log on to
her bank account by following the link provided and verify that her account has not
been tampered with. What type of attack is this?
A. Phishing
B. Spam
C. Dictionary attack
D. Spim - ANSWER: A
A user reports repeated instances of Windows 7 slowing down to the point where
they can no longer be productive. You view the Windows Event Viewer logs for the
past month and notice an exorbitant amount of SMTP traffic leaving the local
machine each morning between 10 A.M. and 11 A.M. What type of analysis was
performed to learn of this anomaly?
A. Forensic
B. Trend
C. Network statistical
D. Vulnerability - ANSWER: B
A user reports USB keyboard problems. You check the back of the computer to
ensure the keyboard is properly connected and notice a small connector between
the keyboard and the computer USB port. After investigation you learn this piece of
hardware captures everything a user types in. What type of hardware is this?
A. Smartcard
B. Trojan
C. Keylogger
, D. PS/2 converter - ANSWER: C
A workstation has an IP address of 169.254.46.86. The server administrators realize
the DHCP service is offline, so they start the DHCP service. What command should
be used next on the workstation to immediately obtain a valid TCP/IP configuration?
A. ping -t
B. tracert
C. netstat -a
D. ipconfig /renew - ANSWER: D
Acme Corporation is upgrading its network routers. The old routers will be sent to the
head office before they are disposed of. What must be done to the routers prior to
disposal to minimize security breaches?
A. Change the router privileged mode password.
B. Remove DNS server entries from the router configuration.
C. Set the router to factory default settings.
D. Format the router hard drive. - ANSWER: C
After a lengthy interviewing process, your company hired a new payroll clerk named
Stacey. Stacey will be using a web browser on a company computer at the office to
access the payroll application on a public cloud provider web site over the Internet.
Which type of document should Stacey read and sign?
A. Internet acceptable use policy
B. Password policy
C. Service level agreement
D. Remote access acceptable use policy - ANSWER: A
After patching and hardening your computers, how would you determine whether
your computers are secure?
A. Performance baseline
B. Security templates
C. Penetration testing
D. Password cracking - ANSWER: C
Ahmid is a software developer for a high-tech company. He creates a program that
connects to a chat room and waits to receive commands that will gather personal
user information. Ahmid embeds this program into an AVI file for a current popular
movie and shares this file on a P2P file-sharing network. Once Ahmid's program is
activated as people download and watch the movie, what will be created?
A. Botnet
B. DDoS
C. Logic bomb
D. Worm - ANSWER: A
Exams Questions with correct Answers
(A+ GRADED 100% VERIFIED)
199.126.19.71 is an example of which type of address?
A. IPv4
B. Port
C. IPv6
D. MAC - ANSWER: A
A busy web site has not been responding well because of the large volumes of
HTTP connections to the web server. Which solution would increase web server
performance?
A. Add more RAM to the web server.
B. Install two web servers hosting the same content. Configure a load balancer to
distribute incoming HTTP connections between the two web servers.
C. Place a router between the web server and the Internet to throttle incoming HTTP
connections.
D. Enable SSL on the web server. - ANSWER: B
A corporate security policy emphasizes data confidentiality, and you must configure
computing devices accordingly. What should you do? (Choose two.)
A. Install smartcard readers so users can identify themselves before sending
important e-mail messages.
B. Enforce SD card encryption on smart phones issued to employees.
C. Configure a server failover cluster to ensure sensitive documents are always
available.
D. Set file and folder permissions to control user file access. - ANSWER: B, D
A hacker is sitting in an Internet cafe and ARP poisons everyone connected to the
wireless network so that all traffic passes through the hacker's laptop before she
routes the traffic to the Internet. What type of attack is this?
A. Rainbow tables
B. Man in the middle
C. DNS poison
D. Spoofing - ANSWER: B
A large corporation requires new employees to present a driver's license and
passport to a security officer before receiving a company-issued laptop. Which
security principle does this map to?
,A. Authorization
B. Confidentiality
C. Identification
D. Custodian - ANSWER: C
A network administrator places a network appliance on the DMZ network and
configures it with various security thresholds, each of which will notify the IT group
via e-mail. The IT group will then adhere to the incident response policy and take
action. What will be triggered when any of these thresholds is violated?
A. Alarm
B. Alert
C. Remediation
D. Input validation - ANSWER: A
A network security audit exposes three insecure wireless routers using default
configurations. Which security principle has been ignored?
A. Application patch management
B. Device hardening
C. Input validation
D. Principle of least privilege - ANSWER: B
A piece of malicious code uses dictionary attacks against computers to gain access
to administrative accounts. The code then links compromised computers together for
the purpose of receiving remote commands. What term best applies to this malicious
code?
A. Exploit
B. Botnet
C. Logic bomb
D. Backdoor - ANSWER: B
A RADIUS server is used to authenticate your wireless network users. While creating
a new user account, you notice there are many more user accounts than actual
users. What should be done?
A. Delete all accounts not linked to a user.
B. Disable all accounts not linked to a user.
C. Verify how accounts are used and then delete unnecessary accounts.
D. Verify how accounts are used and then disable unnecessary accounts. -
ANSWER: D
A shipment of new Windows computers has arrived for Accounting department
employees. The computers have the operating system preinstalled but will require
additional financial software. In which order should you perform all of the following?
A. Join the Active Directory domain.
B. Apply all operating system patches.
,C. Ensure the virus scanner is up to date.
D. Log in to the Active Directory domain to receive Group Policy security settings.
E. Install the additional financial software. - ANSWER: C. Ensure the virus scanner
is up to date.
B. Apply all operating system patches.
A. Join the Active Directory domain.
D. Log in to the Active Directory domain to receive Group Policy security settings.
E. Install the additional financial software.
A user complains that their system has all of a sudden become unresponsive and
ads for various products and services are popping up on the screen and cannot be
closed. Which user actions could have led to this undesirable behavior? (Choose all
that apply.)
A. Clicking a web search result
B. Viewing a web page
C. Watching a move in AVI file format
D. Inserting a USB flash drive - ANSWER: A, B, C, D
A user on your network receives an e-mail from the bank stating that there has been
a security incident at the bank. The e-mail continues by asking the user to log on to
her bank account by following the link provided and verify that her account has not
been tampered with. What type of attack is this?
A. Phishing
B. Spam
C. Dictionary attack
D. Spim - ANSWER: A
A user reports repeated instances of Windows 7 slowing down to the point where
they can no longer be productive. You view the Windows Event Viewer logs for the
past month and notice an exorbitant amount of SMTP traffic leaving the local
machine each morning between 10 A.M. and 11 A.M. What type of analysis was
performed to learn of this anomaly?
A. Forensic
B. Trend
C. Network statistical
D. Vulnerability - ANSWER: B
A user reports USB keyboard problems. You check the back of the computer to
ensure the keyboard is properly connected and notice a small connector between
the keyboard and the computer USB port. After investigation you learn this piece of
hardware captures everything a user types in. What type of hardware is this?
A. Smartcard
B. Trojan
C. Keylogger
, D. PS/2 converter - ANSWER: C
A workstation has an IP address of 169.254.46.86. The server administrators realize
the DHCP service is offline, so they start the DHCP service. What command should
be used next on the workstation to immediately obtain a valid TCP/IP configuration?
A. ping -t
B. tracert
C. netstat -a
D. ipconfig /renew - ANSWER: D
Acme Corporation is upgrading its network routers. The old routers will be sent to the
head office before they are disposed of. What must be done to the routers prior to
disposal to minimize security breaches?
A. Change the router privileged mode password.
B. Remove DNS server entries from the router configuration.
C. Set the router to factory default settings.
D. Format the router hard drive. - ANSWER: C
After a lengthy interviewing process, your company hired a new payroll clerk named
Stacey. Stacey will be using a web browser on a company computer at the office to
access the payroll application on a public cloud provider web site over the Internet.
Which type of document should Stacey read and sign?
A. Internet acceptable use policy
B. Password policy
C. Service level agreement
D. Remote access acceptable use policy - ANSWER: A
After patching and hardening your computers, how would you determine whether
your computers are secure?
A. Performance baseline
B. Security templates
C. Penetration testing
D. Password cracking - ANSWER: C
Ahmid is a software developer for a high-tech company. He creates a program that
connects to a chat room and waits to receive commands that will gather personal
user information. Ahmid embeds this program into an AVI file for a current popular
movie and shares this file on a P2P file-sharing network. Once Ahmid's program is
activated as people download and watch the movie, what will be created?
A. Botnet
B. DDoS
C. Logic bomb
D. Worm - ANSWER: A
