COMPTIA Security+ Exam Prep Test Bank 3
Latest 2026-2027 with 400 Questions and Correct
Answers/ CompTIA Security+ Practice Exam
According to CompTIA's Security+ examination blueprint, what are the three
listed reporting techniques for mitigation and deterrence? - ANSWER-alarms,
alerts, and trends
Which type of attack enables an intruder to capture and modify data traffic by
rerouting the traffic from a network device to the intruder's computer? -
ANSWER-network address hijacking
What are the three issues that symmetric data encryption fails to address? -
ANSWER-data integrity, repudiation, scalable key distribution
What occurs when a user provides a password or proof of identity to a system? -
ANSWER-authentication
Which wireless protocol provides the best security: WEP, WAP, WPA, or WPA2?
- ANSWER-Wi-Fi Protected Access IIversion 2 (WPA2) with CCMP
Which term is used when the amount of work that a computer has to do is divided
between two or more computers so that more work is performed in the same
amount of time? - ANSWER-load balancing
Which type of attack searches long lists of words for a particular language to
match them to an encrypted password? - ANSWER-dictionary attack
1
,What is spimming? - ANSWER-an instance of spam sent over an instant message
application
What is a proxy server? - ANSWER-a server that caches and filters content
Which type of authentication combines two or more authentication methods, like
something that a person knows (such as a password), something that a person owns
(such as a smart card), and a characteristic about the person (such as a fingerprint)?
- ANSWER-multi-factor authentication
Which services are usually provided by all-in-one security devices? - ANSWER-
URL filtering, content inspection, and malware inspection
Which directory protocol does Directory-Enabled Networking (DEN) use? -
ANSWER-Lightweight Directory Access Protocol (LDAP)
What is a honeypot? - ANSWER-a decoy system in your network installed to lure
potential intruders away from legitimate systems
What is the term for a potential opening in network security that a hacker can
exploit to attack a network? - ANSWER-a vulnerability
What is the most significant misuse of cookies? - ANSWER-misuse of personal
data
Which setting ensures that repeated attempts to guess a user's password is not
possible beyond the configured value? - ANSWER-account lockout
2
,What is a smurf attack? - ANSWER-an attack where a ping request is sent to a
broadcast network address with the aim of overwhelming the system
Is the Message Digest 5 (MD5) algorithm used with symmetric or asymmetric key
algorithms? - ANSWER-asymmetric
What is the purpose of Infrastructure as a Service (IaaS) in cloud computing? -
ANSWER-It provides computer and server infrastructure, typically through a
virtualization environment.
What is war driving? - ANSWER-the act of discovering unprotected wireless
network by driving around with a laptop
What does the acronym DAC denote? - ANSWER-discretionary access control
Which audit category will audit all instances of users exercising their rights? -
ANSWER-the Audit Privilege Use audit category
Which intrusion detection system (IDS) watches for intrusions that match a known
identity? - ANSWER-signature-based IDS
Which security protocol was designed as an interim solution to replace WEP
without requiring the replacement of legacy hardware? - ANSWER-Temporal Key
Integrity Protocol (TKIP)
What is the recommended action when the cost of the safeguard exceeds the
amount of the potential loss for a given risk? - ANSWER-to accept the risk
3
, What is a VPN concentrator? - ANSWER-a device that creates a virtual private
network (VPN)
Does each VLAN create its own collision domain or its own broadcast domain? -
ANSWER-broadcast domain
What is a warm site? - ANSWER-an alternate computing facility with
telecommunications equipment but no computers
What does the acronym POP denote? - ANSWER-Post Office Protocol
Which type of cryptography relies more on physics, rather than mathematics, as a
key aspect of its security model? - ANSWER-quantum cryptography
What is the main difference between an IDS and an IPS? - ANSWER-An IDS
detects intrusions. An IPS prevents intrusions.
What is the term for an authorized access that a network-based intrusion detection
system (NIDS) incorrectly detects as an attack? - ANSWER-false positive
What is another name for RAID 5? - ANSWER-disk striping with parity
What is the key size, in bits, of the Data Encryption Standard (DES)? - ANSWER-
56
What is another name for RAID 0? - ANSWER-disk striping
4
Latest 2026-2027 with 400 Questions and Correct
Answers/ CompTIA Security+ Practice Exam
According to CompTIA's Security+ examination blueprint, what are the three
listed reporting techniques for mitigation and deterrence? - ANSWER-alarms,
alerts, and trends
Which type of attack enables an intruder to capture and modify data traffic by
rerouting the traffic from a network device to the intruder's computer? -
ANSWER-network address hijacking
What are the three issues that symmetric data encryption fails to address? -
ANSWER-data integrity, repudiation, scalable key distribution
What occurs when a user provides a password or proof of identity to a system? -
ANSWER-authentication
Which wireless protocol provides the best security: WEP, WAP, WPA, or WPA2?
- ANSWER-Wi-Fi Protected Access IIversion 2 (WPA2) with CCMP
Which term is used when the amount of work that a computer has to do is divided
between two or more computers so that more work is performed in the same
amount of time? - ANSWER-load balancing
Which type of attack searches long lists of words for a particular language to
match them to an encrypted password? - ANSWER-dictionary attack
1
,What is spimming? - ANSWER-an instance of spam sent over an instant message
application
What is a proxy server? - ANSWER-a server that caches and filters content
Which type of authentication combines two or more authentication methods, like
something that a person knows (such as a password), something that a person owns
(such as a smart card), and a characteristic about the person (such as a fingerprint)?
- ANSWER-multi-factor authentication
Which services are usually provided by all-in-one security devices? - ANSWER-
URL filtering, content inspection, and malware inspection
Which directory protocol does Directory-Enabled Networking (DEN) use? -
ANSWER-Lightweight Directory Access Protocol (LDAP)
What is a honeypot? - ANSWER-a decoy system in your network installed to lure
potential intruders away from legitimate systems
What is the term for a potential opening in network security that a hacker can
exploit to attack a network? - ANSWER-a vulnerability
What is the most significant misuse of cookies? - ANSWER-misuse of personal
data
Which setting ensures that repeated attempts to guess a user's password is not
possible beyond the configured value? - ANSWER-account lockout
2
,What is a smurf attack? - ANSWER-an attack where a ping request is sent to a
broadcast network address with the aim of overwhelming the system
Is the Message Digest 5 (MD5) algorithm used with symmetric or asymmetric key
algorithms? - ANSWER-asymmetric
What is the purpose of Infrastructure as a Service (IaaS) in cloud computing? -
ANSWER-It provides computer and server infrastructure, typically through a
virtualization environment.
What is war driving? - ANSWER-the act of discovering unprotected wireless
network by driving around with a laptop
What does the acronym DAC denote? - ANSWER-discretionary access control
Which audit category will audit all instances of users exercising their rights? -
ANSWER-the Audit Privilege Use audit category
Which intrusion detection system (IDS) watches for intrusions that match a known
identity? - ANSWER-signature-based IDS
Which security protocol was designed as an interim solution to replace WEP
without requiring the replacement of legacy hardware? - ANSWER-Temporal Key
Integrity Protocol (TKIP)
What is the recommended action when the cost of the safeguard exceeds the
amount of the potential loss for a given risk? - ANSWER-to accept the risk
3
, What is a VPN concentrator? - ANSWER-a device that creates a virtual private
network (VPN)
Does each VLAN create its own collision domain or its own broadcast domain? -
ANSWER-broadcast domain
What is a warm site? - ANSWER-an alternate computing facility with
telecommunications equipment but no computers
What does the acronym POP denote? - ANSWER-Post Office Protocol
Which type of cryptography relies more on physics, rather than mathematics, as a
key aspect of its security model? - ANSWER-quantum cryptography
What is the main difference between an IDS and an IPS? - ANSWER-An IDS
detects intrusions. An IPS prevents intrusions.
What is the term for an authorized access that a network-based intrusion detection
system (NIDS) incorrectly detects as an attack? - ANSWER-false positive
What is another name for RAID 5? - ANSWER-disk striping with parity
What is the key size, in bits, of the Data Encryption Standard (DES)? - ANSWER-
56
What is another name for RAID 0? - ANSWER-disk striping
4
