SkillTestPro | CompTIA Security+ Practice Test 5

CompTIA Security+ Practice Test 5

CompTIA Security+ Quiz

1 / 20

A security team needs to identify weaknesses in an organization’s network before attackers can exploit them. What should be performed?

DNS spoofing

Brute-force attack

Man-in-the-middle attack

Ransomware deployment

Penetration testing

2 / 20

A company wants to ensure that its employees follow security best practices when working remotely. What should be enforced?

Allowing personal devices on corporate networks

Disabling firewalls

Weak password policies

Use of virtual private networks (VPNs)

Allowing unrestricted file-sharing

3 / 20

A security analyst is investigating a ransomware attack. What is the primary characteristic of this type of attack?

Personal information is stolen and sold

Users are tricked into clicking malicious links

A network is flooded with traffic to cause downtime

Data is encrypted and a ransom is demanded

A website is defaced with unauthorized content

4 / 20

A network administrator needs to separate internal network traffic from guest Wi-Fi traffic. What should be implemented?

Disabling DHCP

Enabling port mirroring

Using a single subnet

Virtual LAN (VLAN)

Implementing a DMZ

5 / 20

A company wants to ensure that only authorized devices can communicate on its Wi-Fi network. What technology should be implemented?

Port forwarding

MAC address filtering

Ad-hoc networking

Weak encryption

Using a shared Wi-Fi password

6 / 20

A company's security team wants to protect against social engineering attacks. What is the best way to achieve this?

Conduct regular security awareness training

Disable all user accounts

Enable single sign-on (SSO)

Implement biometric authentication

Increase the complexity of passwordsc

7 / 20

A security administrator wants to prevent users from installing unauthorized applications on company devices. What is the best approach?

Password complexity policies

Application allowlisting

Using a VPN

Removing administrator privileges from all users

Enabling guest accounts

8 / 20

A company wants to ensure that all employees’ devices are encrypted before allowing them to access corporate data remotely. What should be implemented?

Single sign-on (SSO)

Role-based access control (RBAC)

Public key infrastructure (PKI)

Mobile device management (MDM)

Network segmentation

9 / 20

A hacker successfully installs a rootkit on a victim’s machine. What is the main risk of this attack?

The victim’s browser history is deleted

The system slows down due to high CPU usage

Antivirus software becomes more effective

The user’s password is reset automatically

The attacker gains persistent administrative access

10 / 20

A company's security team wants to ensure that system logs cannot be modified by attackers. What is the best solution?

Manually back up logs

Disable logging on critical systems

Use a centralized logging system

Encrypt network traffic

Implement geofencing

11 / 20

An attacker exploits an unpatched software vulnerability before a fix is available. What type of attack is this?

Denial-of-service attack

Social engineering

Session hijacking

Zero-day attack

Phishing

12 / 20

A company wants to ensure that deleted data from old hard drives cannot be recovered. What is the best method?

Reinstalling the operating system

Renaming the files

Moving files to the Recycle Bin

Disabling user accounts

Degaussing

13 / 20

An administrator wants to ensure that any external devices connecting to the network meet security policies before gaining access. What solution should be used?

Patch management

Virtual private network (VPN)

Network access control (NAC)

Multi-factor authentication

Account lockout policy

14 / 20

A security analyst needs to detect and prevent sensitive data from leaving the organization through email. What security solution should be used?

Data loss prevention (DLP)

Web application firewall (WAF)

Intrusion detection system (IDS)

Network access control (NAC)

Virtual private network (VPN)

15 / 20

An attacker sends a fraudulent email appearing to be from an IT administrator, requesting login credentials. What type of attack is this?

Vishing

Smishing

Brute-force attack

Spear phishing

Man-in-the-middle attack

16 / 20

A user reports receiving multiple pop-ups and unusual redirects while browsing the internet. What is the most likely cause?

DDoS attack

DNS hijacking

Brute-force attack

Adware infection

Zero-day exploit

17 / 20

A system administrator needs to ensure that critical files are not modified or deleted. What security measure should be implemented?

Firewall rules

Role-based access control (RBAC)

File integrity monitoring (FIM)

Account lockout policy

Network segmentation

18 / 20

A hacker compromises a website and embeds malicious scripts that execute when users visit the site. What type of attack is this?

SQL injection

Denial-of-service attack

Session hijacking

DNS spoofing

Cross-site scripting (XSS)

19 / 20

A company's web application is being targeted by automated bots attempting to guess user credentials. What security measure should be implemented?

CAPTCHA

MAC filtering

Geofencing

Disabling account lockouts

Using plaintext authentication

20 / 20

A security administrator notices that employees are using the same password across multiple systems. What is the best solution to mitigate this risk?

Enforce password rotation every 30 days

Implement single sign-on (SSO) with multi-factor authentication

Disable password complexity requirements

Allow users to store passwords in a text file

Reduce the number of authentication attempts

Your score is

The average score is 0%