CompTIA Security+ Practice Test 32 1 / 10A breach response is slow. What should be measured? CPU usage. Mean time to detect (MTTD) and respond (MTTR). Network bandwidth. Storage capacity. User login times. Correct Answer: Mean time to detect (MTTD) and respond (MTTR).Explanation: MTTD and MTTR gauge incident response efficiency.Correct Answer: Mean time to detect (MTTD) and respond (MTTR).Explanation: MTTD and MTTR gauge incident response efficiency.2 / 10A company accepts a minor risk. What did they perform? Risk mitigation. Risk avoidance. Risk acceptance. Risk transfer. Risk escalation. Correct Answer: Risk acceptance.Explanation: Risk acceptance acknowledges a risk without further action.Correct Answer: Risk acceptance.Explanation: Risk acceptance acknowledges a risk without further action.3 / 10A guest Wi-Fi is compromised. What should have been done? Used WPA3 with a strong passphrase. Left it open. Used WEP. Shared the password. Disabled encryption. Correct Answer: Used WPA3 with a strong passphrase.Explanation: WPA3 secures Wi-Fi with strong encryption and passphrases.Correct Answer: Used WPA3 with a strong passphrase.Explanation: WPA3 secures Wi-Fi with strong encryption and passphrases.4 / 10A site forces an older SSL version. What attack is this? Replay attack. Downgrade attack. Pass-the-hash. Birthday attack. Side-channel attack. Correct Answer: Downgrade attack.Explanation: Downgrade attacks force weaker security protocols.Correct Answer: Downgrade attack.Explanation: Downgrade attacks force weaker security protocols.5 / 10A server sends encrypted traffic to a hacker. What should be suspected? A system update. A botnet infection. A hardware error. A user mistake. A network glitch. Correct Answer: A botnet infection.Explanation: Botnets encrypt communication with command-and-control servers.Correct Answer: A botnet infection.Explanation: Botnets encrypt communication with command-and-control servers.6 / 10A user’s actions deviate from normal patterns. What should be deployed? A firewall update. User behavior analytics (UBA). A new VPN. A password change. A system reboot. Correct Answer: User behavior analytics (UBA).Explanation: UBA detects insider threats via behavioral anomalies.Correct Answer: User behavior analytics (UBA).Explanation: UBA detects insider threats via behavioral anomalies.7 / 10A blue team responds to a simulated attack. What is their role? To attack the system. To develop code. To monitor logs only. To encrypt data. To defend and improve security. Correct Answer: To defend and improve security.Explanation: Blue teams protect and strengthen defenses.Correct Answer: To defend and improve security.Explanation: Blue teams protect and strengthen defenses.8 / 10A website loads insecurely over HTTP. What should be enabled? FTP. SMTP. ICMP. TLS. SNMP. Correct Answer: TLS.Explanation: TLS secures web traffic, replacing HTTP with HTTPS.Correct Answer: TLS.Explanation: TLS secures web traffic, replacing HTTP with HTTPS.9 / 10An attacker moves from a workstation to a server. What should have been implemented? A flat network. Microsegmentation. Open ports. Shared accounts. No firewalls. Correct Answer: Microsegmentation.Explanation: Microsegmentation limits lateral movement within a network.Correct Answer: Microsegmentation.Explanation: Microsegmentation limits lateral movement within a network.10 / 10A program crashes due to a timing issue. What attack exploited this? TOCTOU. Buffer overflow. SQL injection. XSS. CSRF. Correct Answer: TOCTOU.Explanation: Time-of-check to time-of-use (TOCTOU) exploits timing gaps.Correct Answer: TOCTOU.Explanation: Time-of-check to time-of-use (TOCTOU) exploits timing gaps.Your score isThe average score is 100% 0% Restart quiz
