MODULE 2

Assessment Exam


In this module you’ll get the chance to see some examples of the questions you can look forward to on the Security+ exam. We’ve prepared 25 sample questions, taken from the various domain objectives, to give you a taste of what to expect. This assessment will allow you to see potential areas that you may need to focus on in your studies and will show you what areas you may already know well. Don’t worry if you don’t do as well as you expect to on this assessment—you are studying for the exam to improve your knowledge and test-taking skills in preparation for the real exam.

Assessment Questions

1. Lauren is installing a powerful database application. To make this application run more quickly and efficiently, she builds a network of computers that work together to increase processing power for this application. What is this called?

A. Clustering

B. Load balancing

C. Disaster recovery

D. Middleware

2. Max is creating a software testing strategy to identify possible security issues by using random data for input to the application. What is this technique called?

A. Agile software testing

B. Fuzzing

C. Data validation

D. Logic check

3. Which of the following administrative controls should be put in place to ensure that a company can legally dismiss any employee who is found to be misusing computing assets, without fear of legal reprisals?

A. Separation of duties

B. Principle of least privilege

C. Password expiration

D. Acceptable use policy

4. Sam is a security administrator who needs to ensure that a specific configuration is maintained on a secure server. Which of the following would he implement to ensure a standardized security configuration?

A. Security audit

B. Security baseline

C. Topology review

D. Vulnerability assessment

5. A business requires the ability to resume computing operations immediately after a disaster, if it affects the organization’s data center. Which of the following solutions would enable the business to resume operations immediately?

A. Warm site

B. Hot site

C. Cold site

D. Mirroring

6. Ben, a security engineer, wants to prevent a man-in-the-middle attack on his network. Which of the following would best prevent this kind of attack?

A. Limiting the connection MAC addresses to a single port

B. Implementing a firewall

C. Implementing encryption for all network traffic as it is transmitted and received

D. Installing a wireless sniffer

7. Sarah, who works at a customer site, sends a PGP-encrypted file to the company’s headquarters. If she used the company’s public key to encrypt the file, which of the following does the company use to decrypt the file?

A. Transport Layer Security (TLS)

B. Symmetric key

C. Digital signature

D. Private key

8. Greg, a system administrator, runs a packet sniffer that has identified a device trying to communicate to TCP port 23. Which of the following is probably occurring?

A. Someone is attempting to use the Telnet protocol.

B. Someone is attempting to communicate using the SSH protocol.

C. The traffic is encrypted.

D. The traffic requires mutual authentication.

9. Attackers sometimes spoof the hardware address of their network interface cards. Which of the following wireless security measures are they attempting to defeat when they do this?

A. 802.1X authentication

B. WPA encryption

C. MAC filtering

D. WEP encryption

10. Adam, a security administrator, just received a telephone request to change a user’s password. The user did not provide verification of his identity, and insisted that he needed the password changed immediately. What type of attack could be in progress?

A. Social engineering

B. Dictionary attack

C. Man-in-the-middle attack

D. Brute-force password hacking

11. Before a system administrator upgrades to a more current operating system version on all of the routers in the company, which of the following actions must be completed?

A. The change must be approved by the incident management team.

B. Management must sign off that the operating system is the latest available.

C. The user population must be consulted and give their approval.

D. The request must be approved through the change management process.

12. Barbara, a newly hired system administrator, discovered that a company web server was allowing the use of weak ciphers to communicate during secure web application sessions with users. She can improve the security of the web server by disabling which of the following?

A. TLS 1.0

B. SSL 3.0

C. RC4

D. AES

13. What are the three common information security goals?

A. Confidentiality, integrity, and availability

B. Continuity, integrity, and availability

C. Continuity, integrity, and authentication

D. Confidentiality, integrity, and authentication

14. Dawn, a security analyst, needs to be able to review logs from different types of hosts all across the company’s infrastructure. Which of the following should she use to accomplish this?

A. Packet analyzer

B. SIEM software

C. Honeynet

D. Vulnerability scanner

15. Bobby, a system administrator, just returned to work from vacation and is concerned that his temporary replacement didn’t apply the latest operating system patches to several of the company’s servers. Which of the following would be the best assessment for him to perform?

A. Baseline review

B. Risk analysis

C. Vulnerability scan

D. Threat modeling

16. Amy, a security administrator, suspects that two people in engineering are working together to get access to controlled information that they might otherwise not be able to access individually. Which of the following controls could be implemented to discover if they are working together?

A. Mandatory vacation policy

B. Containment strategies

C. Password expiration policy

D. Threat control

17. Meghan is designing a data center and wants to make sure that all the equipment is kept at the right temperature. Which of the following should she implement as an effective way to ensure the best temperature for all the equipment?

A. Raised floors

B. False ceilings

C. Redundant power

D. Hot and cold aisle containment

18. Tim is an employee who has been spending a significant amount of work time on gaming sites, such as “World of Warcraft,” online fantasy football, and gambling web sites. Which of the following would best prevent those sites from being accessed from the company network?

A. URL content filter

B. Firewall

C. Spam filter

D. Ad-blocking software

19. Which RAID version prevents data loss in the event of failure of two drives?

A. RAID 5

B. RAID 0

C. RAID 6

D. RAID 1

20. Antivirus software does not identify which of the following?

A. Trojans

B. Logic bombs

C. Polymorphic viruses

D. Adware

21. Kelly needs to send an e-mail securely using public and private keys, but he has never communicated with the recipient in this manner. What must Kelly do before he can send the message to this recipient?

A. Send a plaintext message to the recipient.

B. Export the recipient’s public key.

C. Import the recipient’s private key.

D. Ensure that the recipient can verify his electronic signature.

22. Which of the following trust models is an alternative to Public Key Infrastructure?

A. Web of trust

B. Self-signed trust

C. SSL

D. Private keys

23. Bobby, the network administrator, was informed that Mike had been fired for e-mailing threatening messages to politicians via a work computer. What does Bobby need to consider when securing the computer for law enforcement?

A. Incident response

B. Chain of custody

C. Disaster recovery

D. Backups

24. Your company CEO wants to allow the use of personal smart phones and tablets within the organization as a cost-saving measure. Which of the following provides for centralized management of mobile devices within the organization’s infrastructure?

A. NAC

B. MDM

C. MAC

D. PKI

25. Jessica, an employee who has access to sensitive areas within the company’s facility, has just been terminated for deleting unfavorable performance reports written about her from the company’s HR database. Which of the following actions should be taken immediately to ensure that she no longer has access to sensitive company data or systems? (Choose all that apply.)

A. She should be escorted throughout the facility until she leaves.

B. All of her access badges and cards should be revoked.

C. All of her user accounts should be locked.

D. She should be given adequate time to clean out her desk and copy her personal information from her company computer.

Answers

1. A. A cluster is a group of computers used together to provide increased computing power for its users.

2. B. Fuzzing is a technique used to test software applications and is conducted by sending random data to the application to determine what type of response the application will provide.

3. D. An acceptable use policy is an administrative control used to inform users of what they are allowed to do and not allowed to do on company computer assets, as well as what the consequences for their actions will be. Because the consequences may include termination from employment, the acceptable use policy serves as a way for companies to fulfill their legal obligations with regard to employment. Employees are usually required to sign a copy of the acceptable use policy stating that they understand what is required of them and the consequences of their actions.

4. B. A security baseline is a standardized set of configuration items that must be maintained across operating systems and platforms throughout the infrastructure.

5. B. A hot site is an alternative processing site that allows a business to resume immediate operations after a disaster. It contains all of the equipment, utilities, and data necessary for a very fast recovery.

6. C. Implementing strong encryption is the best protection against man-in-the-middle attacks.

7. D. Any file encrypted with the public key in a pair can be decrypted only with the private key of the same pair.

8. A. Someone is attempting to communicate across the network using the Telnet protocol, which uses TCP port 23.

9. C. Spoofing the hardware address of the wireless card is an attempt to bypass MAC filtering, since computers can be allowed or denied access to the network based upon their wireless network card’s hardware (MAC) address.

10. A. A social engineering attack could be in progress, since the user cannot be positively identified and has attempted to get the administrator to change the password over the telephone.

11. D. The change must be vetted through the change management process, to include testing the change in a non-production environment and obtaining the approval from the change control board.

12. B. All versions of the Secure Sockets Layer (SSL) protocol are considered non-secure and should be disabled. The Transport Layer Security protocol must be used in its place whenever possible. Neither AES nor RC4 is a protocol used during secure web sessions.

13. A. The three common information security goals are confidentiality, integrity, and availability (CIA).

14. B. Security Information and Event Management (SIEM) software is used to centrally collect and analyze logs from a wide variety of sources and hosts across an organization’s entire network.

15. C. A vulnerability assessment would quickly indicate if any security patches are missing from the servers, as well as any other vulnerabilities the servers may have.

16. A. A mandatory vacation policy would enable the organization to separate the two engineers, audit access to the controlled information, and determine whether or not they had colluded to gain unauthorized access to the information.

17. D. Meghan should consider the use of hot and cold aisles in her data center design, because they enable a controlled flow of both hot and cold air in and around the equipment.

18. A. A URL content filter would prevent Tim from accessing gaming sites from the company’s internal network.

19. C. RAID 6 can ensure that data is preserved, even if more than one drive fails in an array.

20. B. Logic bombs are scripts that are designed to execute at a particular time, or under particular circumstances, automatically. Although they typically perform malicious actions, they are not malicious code, per se, and would not be detected by an antivirus solution.

21. D. Before Kelly can send a secure e-mail, he must ensure that the recipient of the e-mail can verify his electronic signature, using his public key. He can either send the public key to the recipient via a digitally signed e-mail, or the recipient must download the key from a centrally stored location.

22. A. The “web of trust,” which is used extensively with PGP, is an alternative to the standard PKI model.

23. B. A chain of custody ensures that evidence is secure and accounted for during receipt, storage, analysis, and transfer to other parties.

24. B. Mobile device management, or MDM, comprises the policies and technologies that allow an organization to centrally control the use of mobile devices that connect to the company’s network.

25. A, B, C. Jessica should not be allowed to walk through the facility unescorted, all access badges and cards should be revoked, and all of her user accounts should be locked. She should not be allowed to access her computer, because she may either steal or corrupt data, or damage systems.
