Security+ Practice Exam 2: Questions 1-20

Uploaded by

John
Copyright © All Rights Reserved

Security+ Practice Exam 2 – Part 1 (Q1–Q20)

Questions only – No answers provided
Q1. (PBQ – Log Analysis) You are reviewing SIEM logs after an incident. Examine the log snippet below:

Date: 2025-06-14 [Link]
Source IP: [Link]
Destination IP: [Link]
Port: 3389
Event: Multiple failed login attempts
Status: Authentication failure

What is the most likely type of attack being attempted?

Q2. (PBQ – Firewall Rule Analysis) Review the following firewall rule set:

Rule ID | Source | Destination | Port | Action
1 | ANY | [Link] | 22 | ALLOW
2 | ANY | [Link] | 80 | ALLOW
3 | ANY | [Link] | ANY | DENY

Which services are exposed to the internet, and what is the security concern?

Q3. (PBQ – Matching) Match the security control type with its example.

1. Preventive
2. Detective
3. Corrective
4. Deterrent

A. Security camera recording logs
B. Installing OS patches after vulnerabilities are found
C. Strong authentication and MFA
D. Warning signs and banners

Q4. (PBQ – Incident Response Stages) Place the following incident response phases in the correct order:

- Eradication & Recovery
- Containment
- Detection & Analysis
- Preparation
- Post-Incident Activity

Q5. (PBQ – Cloud Security) Match each cloud security risk with its appropriate mitigation.

Risks: Misconfiguration, Data exfiltration, Account hijacking, Insider abuse

Mitigations:
1. User activity monitoring & auditing
2. Strong IAM controls & MFA
3. Security configuration baseline & hardening
4. DLP solutions & network segmentation

Q6. Which of the following BEST describes the principle of least privilege?
A. Users are given access only to the data and resources they need to perform their job
B. All administrative access is disabled by default
C. Users are restricted to using only company-owned devices
D. Administrators must approve all user access requests manually

Q7. An attacker sends a fraudulent text message to trick a user into clicking a malicious link. Which type of attack is this?
A. Spear phishing
B. Smishing
C. Vishing
D. Whaling

Q8. A company has implemented zero trust architecture. Which of the following is MOST likely true?
A. Users are implicitly trusted once inside the network perimeter
B. Each request for access is continuously verified regardless of network location
C. Network firewalls are unnecessary
D. Once logged in, users have unlimited access

Q9. Which of the following BEST mitigates the risk of password brute-force attacks?
A. Strong firewall rules
B. Account lockout policies
C. Regular patching
D. Using DNS filtering

Q10. A penetration tester is able to capture traffic and see passwords in cleartext. Which protocol is MOST likely in use?
A. HTTPS
B. SSH
C. Telnet
D. SFTP

Q11. Which type of malware is designed to lock user files until a payment is made?
A. Worm
B. Trojan
C. Rootkit
D. Ransomware

Q12. Which of the following is an example of social engineering?
A. SQL injection
B. Phishing email
C. DDoS attack
D. Man-in-the-middle attack

Q13. A company wants to ensure that only authorized applications can run on its systems. Which technology BEST meets this need?
A. Application whitelisting
B. DLP
C. IDS
D. Antivirus

Q14. An employee discovers an infected USB drive in the parking lot and plugs it into a company laptop. This is an example of:
A. Baiting
B. Phishing
C. Spear phishing
D. Shoulder surfing

Q15. Which cloud model gives customers the most control over infrastructure?
A. SaaS
B. PaaS
C. IaaS
D. FaaS

Q16. A company wants redundancy in case its primary data center is destroyed. Which is the BEST solution?
A. RAID 5 array
B. Offsite hot site
C. Local backups
D. High availability cluster in the same room

Q17. Which of the following BEST describes a compensating control?
A. Control implemented instead of the recommended one, due to constraints
B. A control that completely eliminates a risk
C. A redundant security layer
D. A control applied only after an incident

Q18. Which type of risk management strategy involves buying cyber insurance?
A. Risk avoidance
B. Risk transference
C. Risk mitigation
D. Risk acceptance

Q19. An organization needs to protect data-in-transit between branch offices. Which technology BEST achieves this?
A. VPN
B. TLS
C. SSL stripping
D. WPA2

Q20. During a security audit, it is discovered that employees are using personal cloud storage accounts for work files. This is BEST described as:
A. Shadow IT
B. Insider threat
C. BYOD policy
D. Data exfiltration