Security+ Practice Quiz: SY0-301
This practice test contains 15 questions and answer explanations, excerpted from Mike Meyers' CompTIA Security+™ Certification Passport, Third Edition (Exam SY0-301) (McGraw-Hill, 2011), with permission from McGraw-Hill.
Question 1:
It has been discovered that a former member of the IT department who switched to the development team still has administrative access to many major network infrastructure devices and servers. Which of the following mitigation techniques should be implemented to help reduce the risk of this event recurring?
Question 2:
You are collecting forensic evidence from a recent network intrusion, including firewall logs, access logs, and screen captures of the intruder’s activity. Which of the following concepts describes the procedures for preserving the legal ownership history of evidence from the security incident?
Question 3:
You have implemented a backup plan for your critical file servers, including proper media rotation, backup frequency, and offsite storage. Which of the following must be performed on a regular basis to ensure the validity and integrity of your backup system?
Question 4:
When you connect to a secure HTTPS web page, which of the following actions is performed first?
Question 5:
You need to renew your company’s certificate for its public web server. When should you renew the certificate?
Question 6:
You have had a rash of hacking incidents where weak employee passwords are being hacked through brute-force methods and unauthorized users are gaining access to the network. Which of the following security policies is most efficient for preventing brute-force hacking attempts on employee passwords?
Question 7:
You are setting up a single sign-on authentication system for a large, enterprise network of 5000 users. Which of the following authentication methods would you use?
Question 8:
You have been tasked by your manager to perform an evaluation of the benefits of using virtualization in your QA testing environment. Which of the following is an advantage of using virtual machines in terms of security and cost efficiency?
Question 9:
During a denial-of-service attack, a network administrator blocks the source IP with the firewall, but the attack continues. What is the most likely cause of the problem?
Question 10:
To further secure your wireless network, you implement MAC address filtering. Which of the following statements describes the wireless network behavior after you enable MAC address filtering?
Question 11:
You have recently installed antivirus software on several client workstations and performed a full scan of the systems. One of the systems was infected with a virus less than an hour after the installation of the software. Which of the following is the most likely issue?
Question 12:
An executive is traveling with his laptop computer to a conference. The contents of his laptop contain very confidential product information, including development specifications and product road maps. Which of the following techniques can be implemented to protect the confidentiality of the data on the laptop?
Question 13:
Your building’s physical security is very critical, and you need to implement procedures to deal with security issues in the event of a malfunction with the security card access control system or a power outage. For maximum security, which of the following concepts should you use in your implementation?
Question 14:
You are designing a new web application service for your company. After an initial design review, it is discovered that a number of attack surfaces have been revealed that go well beyond the initial baseline proposed for the application, including unneeded network services that are enabled. What should you do?
Question 15:
A user has brought her company laptop back from a business trip and indicates that the laptop is not acting correctly and might have a virus. Which of the following should be performed?