Security+ Practice Test 3 – Free Tech Exams

A security administrative has arranged for a penetration test without getting prior permission. A technical team member, who is unaware of the test, performs an attack against the testers. Which of the following attacks is performed by the technical team member here?

A. Wireless attack

B. Zero-day attack

C. Retaliation attack

D. Rainbow table attack

If you are building an application that will communicate with a database, which areas should be of your concern in the context of data security? [Choose two that apply.]

A. Database

B. Communication

C. Local files

D. User accounts

You have recently configured a wireless access point. All users with laptops now connect to the wireless network. You usually have visitors coming in for meetings who demand wireless connectivity. As per the IT Security Policy, you cannot connect the visitors to the corporate network. You need to still ensure that they are given access to the Internet and with minimum administrative effort and without additional cost. What should you do?

A. Purchase separate Internet dongles from a service provider

B. Install another wireless access point for visitors

C. Purchase a new DSL line and configure a new wireless access point on the same

D. Create a guest zone in the existing wireless access point

You have been working on an important research report. One morning, when you attempt to open the research report, the antivirus, which you had downloaded from the Internet, flashes a message that file is corrupt and cannot be opened unless you upgrade the antivirus. What could be the probable cause?

A. The file extension has been changed.

B. The antivirus is corrupt and needs to be repaired.

C. The laptop is infected with ransomware.

D. A temporary file is preventing the file from opening.

You are a security tester in your organization and are specialized in application testing. You have been handed over a new application in which you have to test the application for crashes, failing built-in code assertions, and memory leaks. What should you do?

A. Perform White-Box Testing

B. Perform Vulnerability Assessment

C. Perform Fuzzing

D. Perform Penetration

An attacker compromises a web server on a network, and using that server, attacks the other devices on that network. Which of the following attacks is performed by the attacker here?

A. Persistence

B. Active reconnaissance

C. Pivot

D. Passive reconnaissance

You have recently setup SFTP that your partner organization will be using for file transfer. However, when they try to access, they are not able to connect. You internally test the connection over the network and can connect using the same account. What could be the probable cause?

A. The account being used does not have enough permissions.

B. Port 22 on the firewall is blocked

C. SFTP service is in a hang state.

D. Port 25 on the firewall is blocked

You need to implement a new wireless network for a media organization. Most of the users will be working with video streaming. Which of the wireless standard should you select in this scenario?

A. 802.11n

B. 802.11g

C. 802.11a

D. 802.11b

E. 802.11ac

If you intend to use Trusted Platform Module (TPM) to store the cryptographic keys used to encrypt data, which type of attack are you trying to prevent?

A. Certificate cracking

B. Dictionary

C. Brute-force

D. DDoS

An organization has a smart card access system for authorizing the entry of employees. As the system has failed recently, the company introduces biometric access control to mitigate any security risks. Which of the following control measure is taken by the organization in this case?

A. Prevention

B. Compensating

C. Deterrent

D. Corrective