The CompTIA Security+ (SY0-601) course is a comprehensive program designed for IT professionals to learn the fundamental principles of information security. It covers a wide range of topics, from basic security concepts to advanced subjects like identity management and vulnerability management. This course provides a solid foundation in essential security knowledge and skills, enabling individuals to develop and maintain effective security programs. Overall, it offers a valuable opportunity to enhance expertise in the field of information security.
Take this assessment to know how good you are in this exciting domain.
Click the Rewards tab for eligibility requirements.
Read the FAQs tab carefully for Instructions before beginning the assessment.
* NyxCoins vary on score
0 of 30 Questions completed
You have already completed the assessment before. Hence you can not start it again.
Assessment is loading…
You must sign in or sign up to start the assessment.
You must first complete the following:
0 of 30 Questions answered correctly
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
The process of dividing larger network address spaces into smaller networks is called:CorrectIncorrect
Which of the following ports MUST be permitted by firewalls to allow active FTP connections? (Select TWO).CorrectIncorrect
Our security team identifies some critical files being transferred from a desktop in an internal network to an unauthorized IP address. Further investigations conclude that the firewall policies and settings have not been changed, and antivirus has the latest update installed as well .Which of the following is the MOST likely cause for the incident?CorrectIncorrect
A user receives a message that seems to be from a trusted source, however, in reality, it redirects the recipient to a malicious site. The message is created in such a way so that it is effective on only a small number of targeted victims. What kind of attack is this called?CorrectIncorrect
A security professional is assigned the task of securing applications against various attacks. While the underlying operating system is updated regularly, there is no process to update the software. Which of the following is the MOST effective way of mitigating these specific risks?CorrectIncorrect
Which of the following is recovered by recovery agent?CorrectIncorrect
An organization has hired a software developer for writing the software code and to deploy it to the production network. The network administrator is also part of the team who is responsible for deploying code to the application servers. Which of the following practices are they following to ensure application integrity?CorrectIncorrect
A security audit has concluded that a high percentage of users have passwords that can be easily cracked. The BEST technical control that could be implemented to minimize the amount of easily “crackable” passwords is to?CorrectIncorrect
Someone in your organization included a piece of code in an application that causes the program to stop functioning at 11:00 AM on Monday when the application is used at its peak efficiency. Which of the following categories of malware does this belong to?CorrectIncorrect
The cyber security team of our organization receives a list of IP addresses that have been reported as attempting to access the network. For us to check any possible successful attempts across the organization, which of the following should be implemented?CorrectIncorrect
Our security team is auditing the web server logs and notice multiple attempts by users to access: http://www.cisco.com/ldapsearch?user-* The attack has been detected. Which of the following measures will prevent this type of attack on the webserver?CorrectIncorrect
Which of the following technologies should an organization use to stop the execution of different types of malicious code?CorrectIncorrect
Which of the following TCP flags, set on a stream of multiple packets, can launch a common Denial of Service (DoS) attack?CorrectIncorrect
A security administrator notices the following log entry in IDS appliance : (where firstname.lastname@example.org and passwd= ‘or 1==1’) What kind of attack is indicated by this log?CorrectIncorrect
By deploying heuristics to detect an anomaly in a computer’s baseline, a security administrator was able to detect an attack, although the signature based IDS and antivirus did not detect it. Further analysis concluded that the attacker had downloaded a portable executable file onto the desktop from the USB port, and executed it to trigger privilege escalation. Which of the following attacks has MOST likely occurred?CorrectIncorrect
The project manager has complained that many employees have been playing preinstalled games on the PCs. Which of the following would be the MOST effective way for preventing the users from doing so?CorrectIncorrect
Tony, our security intern, manually calculates hashes all network device configuration files daily and compares them to the hashes calculated on the previous days. Which of the following security concepts is Tony implementing?CorrectIncorrect
You have downloaded an ISO image for a security appliance and want to verify its integrity. What should you do?CorrectIncorrect
When using DAC or Discretionary Access Control, who will have the control or rights over access to the resources?CorrectIncorrect
What are the two valid key-size specifications for WEP defined for 802.11 networks?CorrectIncorrect
Which of the following are the correct steps to find out an exact timeline for a network intrusion attempt?CorrectIncorrect
According to cyber security experts, which statement is the correct definition of a computer virus?CorrectIncorrect
Which of the following is the generic name for a fix or solution for a known software issue?CorrectIncorrect
Regarding the Intrusion Detection System or IDS, which of the following components is responsible for collecting data?CorrectIncorrect
What will you implement to ensure that data at-rest is secure even in the case of loss or theft?CorrectIncorrect
Which of the following aspects/concepts of security are a part of the “security triad”? (Select THREE).CorrectIncorrect
Our IT Manager concluded that our application is not able to handle the large volume of traffic received on a daily basis.There are a number of issues regarding packet drops and server not accessible during peak hours. Which of the following would be a possible solution to solve these issues and ensure that the application remains secure and available?CorrectIncorrect
Which of the following backup options/solutions will provide the backup in quickest time?CorrectIncorrect
Which mechanism does PKI use to allow immediate verification of validity of a certificate?CorrectIncorrect
What is the name of the process for verifying the steps taken to make sure that the evidence related to cyber-crime has not been tampered with?CorrectIncorrect