A targeted email attack sent to Sara, the company's Chief Executive Officer (CEO), is known as which of the following?
A. Whaling
B. Bluesnarfing
C. Vishing
D. Dumpster diving correct answers A
In regards to secure coding practices, why is input validation important?
A. It mitigates buffer overflow attacks.
B. It makes the code more readable.
C. It provides an application configuration baseline.
D. It meets gray box testing standards. correct answers A
Which of the following steps should follow the deployment of a patch?
A. Antivirus and anti-malware deployment
B. Audit and verification
C. Fuzzing and exploitation
D. Error and exception handling correct answers B
Which of the following would be used when a higher level of security is desired for encryption key storage?
A. TACACS+
B. L2TP
C. LDAP
D. TPM correct answers D
A security administrator needs to determine which system a particular user is trying to log in to at various times of the day. Which of the following log types would the administrator check?
A. Firewall
B. Application
C. IDS
D. Security correct answers D
Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?
A. Registration
B. CA
C. CRL
D. Recovery agent correct answers C
A security administrator is observing congestion on the firewall interfaces and a high number of half-open incoming connections from different external IP addresses. Which of the following attack types is underway?
A. Cross-site scripting
B. SPIM
C. Client-side
D. DDoS correct answers D
Which of the following application security testing techniques is implemented when an automated system generates random input data?
A. Fuzzing
B. XSRF
C. Hardening
D. Input validation correct answers A
Which of the following BEST describes a protective countermeasure for SQL injection?
A. Eliminating cross-site scripting vulnerabilities
B. Installing an IDS to monitor network traffic
C. Validating user input in web applications
D. Placing a firewall between the Internet and database servers correct answers C
A certificate authority takes which of the following actions in PKI?
A. Signs and verifies all infrastructure messages
B. Issues and signs all private keys
C. Publishes key escrow lists to CRLs
D. Issues and signs all root certificates correct answers D
Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?
A. Malicious code on the local system
B. Shoulder surfing
C. Brute force certificate cracking
D. Distributed dictionary attacks correct answers A
A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?
A. The request needs to be sent to the incident management team.
B. The request needs to be approved through the incident management process.
C. The request needs to be approved through the change management process.
D. The request needs to be sent to the change management team. correct answers C
The security administrator wants each user to individually decrypt a message but allow anybody to encrypt it. Which of the following MUST be implemented to allow this type of authorization?
A. Use of CA certificate
B. Use of public keys only