SECURITY+ SY0-301 PRACTICE QUIZ

This practice test contains 15 questions and answer explanations, excerpted from Mike Meyers' CompTIA Security+ Certification Passport, Third Edition (Exam SY0-301), (McGraw-Hill, 2011) with permission from McGraw-Hill.

Question 1:
It has been discovered that a former member of the IT department who switched to the development team still has administrative access to many major network infrastructure devices and servers. Which of the following mitigation techniques should be implemented to help reduce the risk of this event recurring?

A. DLP B. Incident management and response policy C. Change management notifications D. Regular user permission and rights reviews

Question 2:
You are collecting forensic evidence from a recent network intrusion, including firewall logs, access logs, and screen captures of the intruders activity. Which of the following concepts describes the procedures for preserving the legal ownership history of evidence from the security incident?

A. Damage control B. Audit trail C. Escalation D. Chain of custody

Question 3:
You have implemented a backup plan for your critical file servers, including proper media rotation, backup frequency, and offsite storage. Which of the following must be performed on a regular basis to ensure the validity and integrity of your backup system?

A. Periodic testing of restores B. Multiple monthly backup media C. Purchasing of new media D. Updating the backup application software

Question 4:
When you connect to a secure HTTPS web page, which of the following actions is performed first?

A. The username and password are sent for authentication. B. A digital certificate establishes the web site identity to the browser.

C. The web page is displayed, and then authentication is performed. D. The client establishes its identity to the web server.

Question 5:
You need to renew your companys certificate for its public web server. When should you renew the certificate?

A. On its expiry date B. After it expires C. After its revoked D. Thirty days before expiry

Question 6:
You have had a rash of hacking incidents where weak employee passwords are being hacked through brute-force methods and unauthorized users are gaining access to the network. Which of the following security policies is most efficient for preventing brute-force hacking attempts on employee passwords?

A. Password rotation B. Password length and complexity restrictions C. Password expiration D. Limiting logon attempts

Question 7:
You are setting up a single sign-on authentication system for a large, enterprise network of 5000 users. Which of the following authentication methods would you use?

A. Local login and password database B. Login and password with a security token C. LDAP server D. Smart card with PIN number

Question 8:
You have been tasked by your manager to perform an evaluation of the benefits of using virtualization in your QA testing environment. Which of the following is an advantage of using virtual machines in terms of security and cost efficiency?

A. It reduces the need to install OS software updates. B. Multiple operating systems can be installed and run in their own separate, secure area on a single hardware device. C. It helps secure the hardware from unauthorized access. D. Antivirus and other security software only have to be installed once.

Question 9:
During a denial-of-service attack, a network administrator blocks the source IP with the firewall, but the attack continues. What is the most likely cause of the problem?

A. The denial-of-service worm has already infected the firewall locally. B. The attack is coming from multiple, distributed hosts. C. A firewall cant block denial-of-service attacks. D. Antivirus software needs to be installed.

Question 10:
To further secure your wireless network, you implement MAC address filtering. Which of the following statements describes the wireless network behavior after you enable MAC address filtering?

A. It allows wireless access only for specified MAC addresses. B. It prevents wireless access only from specified MAC addresses. C. It encrypts only specified wireless device MAC addresses. D. It encrypts only MAC addresses not specified.

Question 11:
You have recently installed antivirus software on several client workstations and performed a full scan of the systems. One of the systems was infected with a virus less than an hour after the installation of the software. Which of the following is the most likely issue?

A. The virus was already pre-existing on the system. B. Antivirus signatures need to be updated. C. The virus could only be blocked by a pop-up blocker. D. Operating system software was out of date.

Question 12:
An executive is traveling with his laptop computer to a conference. The contents of his laptop contain very confidential product information, including development specifications and product road maps. Which of the following techniques can be implemented to protect the confidentiality of the data on the laptop?

A. Make sure all software is up to date. B. Password-protect the laptop BIOS. C. Move the confidential documents to a USB key. D. Encrypt the hard drive using a TPM.

Question 13:
Your buildings physical security is very critical, and you need to implement procedures to deal with security issues in the event of a malfunction with the security card access control system or a power outage. For maximum security, which of the following concepts should you use in your implementation?

A. Surveillance video B. Failopen security C. Security guards D. Failsafe security

Question 14:
You are designing a new web application service for your company. After an initial design review, it is discovered that a number of attack surfaces have been revealed that go well beyond the initial baseline proposed for the application, including unneeded network services that are enabled. What should you do?

A. Rework the initial baseline. B. Perform a black box test. C. Reduce attack surfaces by removing unneeded services from the design. D. Reduce the attack surfaces during actual coding.

Question 15:
A user has brought her company laptop back from a business trip and the user indicates the laptop is not acting correctly and might have a virus. Which of the following should be performed?

A. Connect the laptop to the network and scan the laptop. B. Use bootable media to run an antivirus scan on the laptop. C. Reinstall the operating system. D. Back up the users hard drive to a new laptop.