CompTIA Security+ Primer

This is the litmus test for anyone studying for CompTIA Security+ Certification. This e-book contains 600 quick-fire Q & A specifically covering the topics on the exam. The questions are similar to those you will face in the exam. ie, multiple choice, true or false ...etc. Good luck with your exams!

Number of questions:....Maximum of 90 questions

Type of questions:....Multiple choice and performance-based

Length of test:....90 minutes

Passing score:....750 (on a scale of 100-900)

Exam codes: SY0-401

Retirement Date: ....SY0-301 and JK0-018 retire December 31, 2014

Exam % Breakdown per topic

20% 1.0 Network Security Qst 1-132

18% 2.0 Compliance & Operational Security Qst 132-265

20% 3.0 Threats and Vulnerabilities Qst 266-395

15% 4.0 Application, Data and Host Security Qst 396-520

15% 5.0 Access Control & Identity Management Qst 521-539

12% 6.0 Cryptography Qst 540-600

----------------------------------------------------------

100%...Total

Q1. Switches are at which level of the OSI model?

a. layer 1

b. layer 2

c. layer 3

d. layer 4

e. layer 5

Answer b

Q2. Which of the following is true of Switches?

a. work at hardware level

b. decide on where traffic goes

c. decides based on MAC addresses

d. switches are like bridges

e. can have a lot of bandwidth going through them

f. all of above

Answer f

Q3. Since switches operate at layer 2, everyone is on the same ___?

a. MAC address

b. subnet

c. router

d. domain name

e. none of these

Answer b

Q4. Routers are usually at which level of the OSI model?

a. layer 1

b. layer 2

c. layer 3

d. layer 4

e. layer 5

Answer c

Q5. True or false. Routers installed inside of switches are sometimes called layer 3 switches.

Answer True

Q6. Routers can connect which of the following?

a. LAN

b. WAN

c. copper

d. Fiber

e. all of above

Answer e

Q7. If we have switching at layer 2 and routing at layer 3, what do we have for the rest of the OSI stack?

a. Firewalls

b. ip tables

c. password

d. MFA

e. security challenge questions

Answer a

Q8. True or false. Some firewalls can filter through OSI layer 7

Answer True

Q9. A load balancer can distribute load based on ___?

a. Load distribution

b. round robin

c. based on content

d. either of these

e. none of these

Answer c

Q10. True or false. A proxy is a server(s) sits between the users and the internet.

Answer True

Q11. True or false. A router with NAT is the same as a proxy server.

Answer False

Q12. True or false. A NAT is simply changing an IP address from one address to another. A proxy server performs a completely different function by making requests across the network on behalf of another user.

Answer True

Q13. A proxy where you need to configure browser/apps to let them know proxy is there and to use it is called?

a. an explicit proxy

b. Transparent (invisible) proxy

c. cache proxy

Answer a

Q14. A proxy where you don't need to configure any browser/apps settings to enable your end users to use the proxy is called?

a. an explicit proxy

b. Transparent (invisible) proxy

c. cache proxy

Answer b

Q15. UTM (also referred to as Web Security Gateway) stands for what?

Answer Unified Threat Management

Q16. A Unified Threat Management (or Web Security Gateway) may have which of the following?

a. URL filter

b. content inspection

c. Malware inspection

d. Spam filter

e. Router/switch

f. Firewall

g. All of these

Answer g

Q17. If you wanted to communicate via an encrypted tunnel with your corporate (or home) network remotely from McDonalds, you would use which of the following? Choose one.

a. VPC

b. switch

c. router

d. Default gateway

e. VPN Concentrator

Answer e

Q18. True or false. Encrypting / Decrypting data is not CPU-intensive.

Answer False

Q19. What does NIDS stand for?

Answer Network Intrusion Detection System

Q20. What does NIPS stand for?

Answer Network Intrusion Prevention System

Q21. NIDS and NIPS prevent which of the following?

a. Buffer Overflows

b. Cross-site scripting

c. Brute force attacks

d. Espionage

e. all of these

Answer a, b

Q22. True or false. IDS (Intrusion Detection System) can detect vulnerabilites but cannot stop them.

Answer True

Q23. Signature-based detection looks for ___?

a. partial match

b. perfect match

c. either of these

d. neither of these

Answer b

Q24. Which of the following uses Artificial Intelligence to identify threats?

a. Behaviour-based

b. Signature-based

c. Heuristics

d. Anomaly-based

e. all of above

Answer c

Q25. What does WAF stand for?

Answer Web Application