Thursday, November 13, 2014

Idea Questions.

Here are some questions to help you get an idea of what to expect.
This practice test contains 15 questions and answer explanations, excerpted from Mike Meyers' CompTIA Security+™ Certification Passport, Third Edition (Exam SY0-301), (McGraw-Hill, 2011) with permission from McGraw-Hill.
Question 1:
It has been discovered that a former member of the IT department who switched to the development team still has administrative access to many major network infrastructure devices and servers. Which of the following mitigation techniques should be implemented to help reduce the risk of this event recurring?
A. DLP
B. Incident management and response policy
C. Change management notifications
D. Regular user permission and rights reviews

Security+ SY0-301 Practice Quiz

Question 2:
You are collecting forensic evidence from a recent network intrusion, including firewall logs, access logs, and screen captures of the intruder’s activity. Which of the following concepts describes the procedures for preserving the legal ownership history of evidence from the security incident?
A. Damage control
B. Audit trail
C. Escalation
D. Chain of custody
Question 3:
You have implemented a backup plan for your critical file servers, including proper media rotation, backup frequency, and offsite storage. Which of the following must be performed on a regular basis to ensure the validity and integrity of your backup system?
A. Periodic testing of restores
B. Multiple monthly backup media
C. Purchasing of new media
D. Updating the backup application software
Question 4:
When you connect to a secure HTTPS web page, which of the following actions is performed first?
A. The username and password are sent for authentication.
B. A digital certificate establishes the web site identity to the browser.
C. The web page is displayed, and then authentication is performed.
D. The client establishes its identity to the web server.
Question 5:
You need to renew your company’s certificate for its public web server. When should you renew the certificate?
A. On its expiry date
B. After it expires
C. After it’s revoked
D. Thirty days before expiry
Question 6:
You have had a rash of hacking incidents where weak employee passwords are being hacked through brute-force methods and unauthorized users are gaining access to the network. Which of the following security policies is most efficient for preventing brute-force hacking attempts on employee passwords?
A. Password rotation
B. Password length and complexity restrictions
C. Password expiration
D. Limiting logon attempts
Question 7:
You are setting up a single sign-on authentication system for a large, enterprise network of 5000 users. Which of the following authentication methods would you use?
A. Local login and password database
B. Login and password with a security token
C. LDAP server
D. Smart card with PIN number
Question 8:
You have been tasked by your manager to perform an evaluation of the benefits of using virtualization in your QA testing environment. Which of the following is an advantage of using virtual machines in terms of security and cost efficiency?
A. It reduces the need to install OS software updates.
B. Multiple operating systems can be installed and run in their own separate, secure area on a single hardware device.
C. It helps secure the hardware from unauthorized access.
D. Antivirus and other security software only have to be installed once.



Question 9:
During a denial-of-service attack, a network administrator blocks the source IP with the firewall, but the attack continues. What is the most likely cause of the problem?
A. The denial-of-service worm has already infected the firewall locally.
B. The attack is coming from multiple, distributed hosts.
C. A firewall can’t block denial-of-service attacks.
D. Antivirus software needs to be installed.

Question 10:
To further secure your wireless network, you implement MAC address filtering. Which of the following statements describes the wireless network behavior after you enable MAC address filtering?
A. It allows wireless access only for specified MAC addresses.
B. It prevents wireless access only from specified MAC addresses.
C. It encrypts only specified wireless device MAC addresses.
D. It encrypts only MAC addresses not specified.

