CompTIA Security+ (SY0-701)
Level 2 – Intermediate (Exam 2)
Time allowed: 1 hour
Total marks: 40
Pass mark: 26 (65%)
Instructions: Answer all questions. Write your answers in the spaces provided. Marks are
shown in brackets [ ] at the end of each question.
Section A: Multiple Choice (10 marks)
Circle the correct answer.
1. Which of the following symmetric encryption algorithms is currently considered the most
secure and widely used?
A) DES
B) 3DES
C) AES
D) RSA
[1 mark]
2. A security analyst sees multiple failed login attempts from a single IP address over a short
period. This is most likely:
A) A DDoS attack
B) A brute force attack
C) A man-in-the-middle attack
D) SQL injection
[1 mark]
3. Which technology allows an organisation to securely extend its internal network across the
internet?
A) Firewall
B) IDS
C) VPN (Virtual Private Network)
D) Proxy server
[1 mark]
4. What is the primary purpose of a Digital Signature?
A) To encrypt a message
B) To provide integrity and non-repudiation
C) To compress large files
, D) To hide the contents of a message
[1 mark]
5. Which of the following is an example of defence in depth?
A) Using only a firewall
B) Relying solely on antivirus software
C) Combining a firewall, IDS, antivirus, and security awareness training
D) Using a single, very strong password
[1 mark]
6. Which protocol provides encrypted remote access to a server's command line?
A) Telnet
B) FTP
C) SSH (Secure Shell)
D) HTTP
[1 mark]
7. A man-in-the-middle (MITM) attack can be prevented by using:
A) Strong passwords
B) Antivirus software
C) TLS (Transport Layer Security) / HTTPS
D) A firewall
[1 mark]
8. Which of the following is a cryptographic hash function?
A) AES
B) RSA
C) SHA-256
D) ECC
[1 mark]
9. What is the purpose of a SIEM (Security Information and Event Management) system?
A) To block malicious traffic
B) To centrally collect, analyse, and correlate security logs
C) To encrypt sensitive email
D) To manage user passwords
[1 mark]
10. An organisation wants to ensure that sensitive data is not copied to a USB drive. Which
control should they use?
A) DLP (Data Loss Prevention)
B) IDS
C) VPN
D) HIDS
[1 mark]
Level 2 – Intermediate (Exam 2)
Time allowed: 1 hour
Total marks: 40
Pass mark: 26 (65%)
Instructions: Answer all questions. Write your answers in the spaces provided. Marks are
shown in brackets [ ] at the end of each question.
Section A: Multiple Choice (10 marks)
Circle the correct answer.
1. Which of the following symmetric encryption algorithms is currently considered the most
secure and widely used?
A) DES
B) 3DES
C) AES
D) RSA
[1 mark]
2. A security analyst sees multiple failed login attempts from a single IP address over a short
period. This is most likely:
A) A DDoS attack
B) A brute force attack
C) A man-in-the-middle attack
D) SQL injection
[1 mark]
3. Which technology allows an organisation to securely extend its internal network across the
internet?
A) Firewall
B) IDS
C) VPN (Virtual Private Network)
D) Proxy server
[1 mark]
4. What is the primary purpose of a Digital Signature?
A) To encrypt a message
B) To provide integrity and non-repudiation
C) To compress large files
, D) To hide the contents of a message
[1 mark]
5. Which of the following is an example of defence in depth?
A) Using only a firewall
B) Relying solely on antivirus software
C) Combining a firewall, IDS, antivirus, and security awareness training
D) Using a single, very strong password
[1 mark]
6. Which protocol provides encrypted remote access to a server's command line?
A) Telnet
B) FTP
C) SSH (Secure Shell)
D) HTTP
[1 mark]
7. A man-in-the-middle (MITM) attack can be prevented by using:
A) Strong passwords
B) Antivirus software
C) TLS (Transport Layer Security) / HTTPS
D) A firewall
[1 mark]
8. Which of the following is a cryptographic hash function?
A) AES
B) RSA
C) SHA-256
D) ECC
[1 mark]
9. What is the purpose of a SIEM (Security Information and Event Management) system?
A) To block malicious traffic
B) To centrally collect, analyse, and correlate security logs
C) To encrypt sensitive email
D) To manage user passwords
[1 mark]
10. An organisation wants to ensure that sensitive data is not copied to a USB drive. Which
control should they use?
A) DLP (Data Loss Prevention)
B) IDS
C) VPN
D) HIDS
[1 mark]
