Set 1 CompTIA Security+ Practice Questions

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Vaibhav Agarwal

Vaibhav Agarwal

Community Contributor

Quizzes Created: 58 | Total Attempts: 616,551

Questions: 20 | Attempts: 11,274 | Updated: Mar 21, 2022

Questions

Settings

Feedback

During the Quiz End of Quiz

Difficulty

Sequential Easy First Hard First

Play as

Quiz Flashcard

Create your own Quiz

Share on Facebook Share on Twitter Share on Whatsapp Share on Pinterest Share on Email Copy to Clipboard Embed on your website

Set 1 CompTIA Security+ Practice Questions - Quiz

Comptia Security+ Practice Questions covering the exam objective: Concepts of Security. You can take these for practice or take it as a topic wise practice exam. Feedback and comments are welcome!

Questions and Answers

1.

Who is responsible for access control in the MAC model?
- A.
  
  Mandatory Access Control
- B.
  
  Discretionary Access Control
- C.
  
  Role Based Access Control
- D.
  
  Any of the above
Correct Answer
A. Mandatory Access Control

Explanation
System administrator is responsible for access control in the MAC model. The owner will be responsible for DAC. The RBAC is dependent on the role played by the user in the organization.

Rate this question:
2.

Access Control list contains information relating to user to resource access mapping. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
The information of mapping users to their permissions for resource access would be available in the ACL.

Rate this question:
3.

MAC allows dynamic sharing of resources. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
B. False

Explanation
MAC uses a static or predefined set of access privileges and hence cannot allow dynamic sharing of resources.

Rate this question:

1
0
4.

Which of the following would provide security for Web site access?
- A.
  
  Anonymous logon
- B.
  
  Digital signature
- C.
  
  Certificate
- D.
  
  Token
Correct Answer
C. Certificate

Explanation
Certificates are best used during WAN access. For ex: when using web sites that require you to provide confidential information about yourself, or when you are logging in to the Intranet, from an unknown location.

Rate this question:
5.

Which of the following use clear text password for authentication?
- A.
  
  PAP
- B.
  
  CHAP
- C.
  
  Certificate
- D.
  
  None of the above
Correct Answer
A. PAP

Explanation
PAP uses clear text and is a two-way handshake protocol.

Rate this question:
6.

A token is authentication protocol. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
B. False

Explanation
A token is generated when a user has been successfully authenticated. This token is attached to the users� session and will be destroyed once the session is terminated or after the user has logged out. This token will contain user access permission assigned on the network resources for that user. Token is a system and not a protocol.

Rate this question:
7.

Which of the following is a key component in the Kerberos system?
- A.
  
  Key Distribution Center
- B.
  
  Token
- C.
  
  RAS server
- D.
  
  Certificate Server
Correct Answer
A. Key Distribution Center

Explanation
The Kerberos system requires a Key Distribution Center (KDC) which is responsible for authenticating any network user, Computer or Service. Depending on whether the authentication fails or succeeds the ticket will be granted to the end user, Computer or Service.

Rate this question:
8.

Which of the following does relates to Biometricsy?
- A.
  
  Finger print
- B.
  
  Residential address
- C.
  
  User password
- D.
  
  User ID card
Correct Answer
A. Finger print

Explanation
The Biometrics uses finger prints, retinal scan and some times the DNA structure too to establish user Id.

Rate this question:
9.

To allow access to a campus you would use smart card. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
To allow access to a campus you would use smart cards.

Rate this question:
10.

Which of the following is an advantage with clear text authentication?
- A.
  
  Advantage is that it is easy to remember passwords
- B.
  
  Advantage is that it is easy to implement
- C.
  
  Advantage is it is free of errors
- D.
  
  None of the above
Correct Answer
B. Advantage is that it is easy to implement

Explanation
Clear text authentication is very simple and easy to implement and verify. But a network that has implemented clear text security is not very secure as it is very easy to decipher clear text passwords.

Rate this question:
11.

Which of the following is the best way to ascertain unique identification of an employee?
- A.
  
  Smart Card
- B.
  
  Username/Password
- C.
  
  Biometric
- D.
  
  Credit Card
Correct Answer
C. Biometric

Explanation
Biometric will authenticate or establish User ID depending on the physical attribute of the user. For ex: Finger print, hand scan or retina scan.

Rate this question:
12.

RADIUS is a dial-up protocol. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
B. False

Explanation
RADIUS is a RAS authentication Service.

Rate this question:
13.

Which of the following is used to establish an error free IP-based network?
- A.
  
  DNS
- B.
  
  DHCP
- C.
  
  RAS
- D.
  
  None of the above
Correct Answer
B. DHCP

Explanation
It is imperative that users be assigned IP addresses for the purpose of connecting to the company resources. This dynamic allocation will be possible only with the help of DHCP service.

Rate this question:
14.

Which of the following services when placed on the edge of the network, will provide security to the entire network?
- A.
  
  Firewall
- B.
  
  Router
- C.
  
  Antivirus
- D.
  
  None of the above
Correct Answer
A. Firewall

Explanation
Router is a gateway and antivirus resides on all systems. Firewall is meant to safe guard the network from external attacks.

Rate this question:
15.

Which of the following is a disadvantage when using a Wireless LAN?
- A.
  
  Loss of signal strength
- B.
  
  Eavesdropping
- C.
  
  Blackout
- D.
  
  EMI
Correct Answer
B. Eavesdropping

Explanation
Wireless LANs is dependent on frequency for transmission and reception. This makes the media very susceptible to overhearing or eavesdropping.

Rate this question:
16.

Which of the following is an example of the DoS?
- A.
  
  A computer on your network has crashed
- B.
  
  Your router is unable to find a destination outside of your network
- C.
  
  Your Web server has gone into a loop trying to service a client request.
- D.
  
  You keyboard is no longer responding.
Correct Answer
C. Your Web server has gone into a loop trying to service a client request.

Explanation
DoS is a way of engaging a Web Server continuously in one specific task by outing it on a loop and ensuring it is unable to respond to any further requests.

Rate this question:
17.

DDoS is a best way for testing Web server vulnerabilities. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
DDoS (Distributed DoS) would test for more vulnerabilities on the server than the DoS would.

Rate this question:

1
1
18.

When debugging an Operating system, a programmer would make use of a back door door. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
A programmer makes use of back doors in the program for the purpose of debugging or observing the performance of the program.

Rate this question:
19.

Which of the following services relates to acknowledgment-less data transfer?
- A.
  
  ARP
- B.
  
  FTP
- C.
  
  TFTP
- D.
  
  DHCP
Correct Answer
C. TFTP

Explanation
TFTP (trivial File Transfer Protocol) uses UDP for data transfer and hence does not facilitate acknowledgements.

Rate this question:
20.

To transfer mails between email servers and respective clients you would require POP3 service. T/F?
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
To transfer mails between email servers and their respective clients POP3 (Post Office Protocol Version 3) is used.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 21, 2022

Quiz Edited by
ProProfs Editorial Team
Nov 18, 2006

Quiz Created by
Vaibhav Agarwal

Set 1 CompTIA Security+ Practice Questions

Who is responsible for access control in the MAC model?

Access Control list contains information relating to user to resource access mapping. T/F?

MAC allows dynamic sharing of resources. T/F?

Which of the following would provide security for Web site access?

Which of the following use clear text password for authentication?

A token is authentication protocol. T/F?

Which of the following is a key component in the Kerberos system?

Which of the following does relates to Biometricsy?

To allow access to a campus you would use smart card. T/F?

Which of the following is an advantage with clear text authentication?

Which of the following is the best way to ascertain unique identification of an employee?

RADIUS is a dial-up protocol. T/F?

Which of the following is used to establish an error free IP-based network?

Which of the following services when placed on the edge of the network, will provide security to the entire network?

Which of the following is a disadvantage when using a Wireless LAN?

Which of the following is an example of the DoS?

DDoS is a best way for testing Web server vulnerabilities. T/F?

When debugging an Operating system, a programmer would make use of a back door door. T/F?

Which of the following services relates to acknowledgment-less data transfer?

To transfer mails between email servers and respective clients you would require POP3 service. T/F?