Security Plus 200 Questions and Answers Test Prep
200 SECURITY PLUS QUESTIONS AND ANSWERS
2. What type of attack involves intercepting and modifying communication between two parties?
A. Phishing
B. Man-in-the-middle
C. DDoS
D. Brute force
Ron Sharon (www.ronsharon.com)
11. Which of the following is a common method for securely erasing data on a hard drive?
A. Overwriting
B. Degaussing
C. Shredding
D. All of the above
16. What type of malware typically spreads itself through network connections?
A. Worm
B. Virus
C. Trojan
D. Spyware
18. What is the primary purpose of a Security Information and Event Management (SIEM) system?
A. Encrypting data
B. Centralizing and analyzing log data from various sources
C. Controlling access to network resources
D. Detecting malware
22. What is the primary purpose of a Data Loss Prevention (DLP) solution?
A. Detecting and preventing unauthorized data transfers
B. Encrypting data at rest and in transit
C. Monitoring network traffic
D. Scanning for malware
23. What type of attack involves overwhelming a target system with traffic or requests?
A. Man-in-the-middle
B. DDoS
C. Brute force
D. Phishing
24. Which of the following is a best practice for secure password management?
A. Use of complex, unique passwords for each account
B. Sharing passwords with trusted colleagues
C. Writing passwords on sticky notes for easy access
D. Using the same password for all accounts
25. What type of attack involves an attacker sending malformed or malicious data to a target application?
A. Buffer overflow
B. SQL injection
C. Cross-site scripting (XSS)
D. Brute force
26. Which security concept ensures that data is only accessible to authorized users?
A. Confidentiality
B. Integrity
C. Availability
D. Non-repudiation
27. What type of backup strategy involves creating a copy of only the data that has changed since the last full backup?
A. Incremental backup
B. Differential backup
C. Full backup
D. Snapshot backup
28. Which of the following is a secure email protocol that encrypts both messages and attachments?
A. SMTP
B. IMAP
C. POP3
D. S/MIME
29. Which of the following is a type of hardware-based security technology that isolates and protects sensitive data on a device?
A. HSM
B. TPM
C. BIOS
D. UTM
30. What type of attack involves an attacker sending unsolicited messages to a large number of recipients?
A. DDoS
B. Brute force
C. Spam
D. Phishing
33. Which type of cryptography uses two keys, one for encryption and one for decryption?
A. Symmetric-key cryptography
B. Asymmetric-key cryptography
C. Hash function
D. Digital signature
36. What is the primary purpose of a Network Access Control (NAC) system?
A. Encrypt data
B. Monitor network traffic
C. Control access to network resources based on device compliance
D. Detect malware
37. Which type of malware typically requires user interaction to execute and spread?
A. Worm
B. Virus
C. Trojan
D. Ransomware
40. Which type of security testing involves a tester with limited knowledge of the target system?
A. White box testing
B. Gray box testing
C. Black box testing
D. Red team testing
42. Which of the following is an example of a security control that provides redundancy?
A. Firewall
B. Intrusion detection system (IDS)
C. Backup generator
D. VPN
44. What type of disaster recovery strategy involves running systems and applications at a secondary site after a disaster?
A. Cold site
B. Warm site
C. Hot site
D. Mobile site
46. Which type of attack involves exploiting a vulnerability in a system or application before the developer can fix it?
A. Brute force
B. DDoS
C. Zero-day exploit
D. Man-in-the-middle
49. What type of attack involves an attacker repeatedly attempting to guess a user's login credentials?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Phishing
51. Which of the following best describes an Information Security Management System (ISMS)?
A. A hardware device for securing data
B. A software tool for detecting security incidents
C. A framework for managing and protecting information assets
D. A set of guidelines for responding to security incidents
54. Which of the following is a best practice for securing wireless networks?
A. Using weak encryption protocols
B. Disabling SSID broadcasting
C. Allowing open guest networks
D. Not using a pre-shared key
57. Which type of authentication factor category does a fingerprint scanner belong to?
A. Something you know
B. Something you have
C. Something you are
D. Somewhere you are
60. What type of attack involves an attacker gaining unauthorized access to a system by exploiting a vulnerability?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Exploit
61. What type of malware is designed to encrypt a victim's files and demand a ransom for decryption?
A. Worm
B. Virus
C. Trojan
D. Ransomware
62. Which of the following is a standard for securely exchanging authentication and authorization data between parties?
A. OAuth
B. SAML
C. OpenID Connect
D. All of the above
64. Which of the following is a type of security control that deters attackers by increasing the perceived effort or risk of an attack?
A. Preventative
B. Detective
C. Corrective
D. Deterrent
65. What type of security testing involves a tester with full knowledge of the target system?
A. White box testing
B. Gray box testing
C. Black box testing
D. Red team testing
67. Which of the following is a type of encryption algorithm that provides both authentication and encryption?
A. RSA
B. AES-GCM
C. DES
D. 3DES
68. What type of attack involves the unauthorized use of a user's session identifier to gain access to their account?
A. Session hijacking
B. Brute force
C. DDoS
D. Phishing
69. What type of network security device combines multiple security functions into a single appliance?
A. Intrusion Detection System (IDS)
B. Firewall
C. Unified Threat Management (UTM)
D. Data Loss Prevention (DLP)
72. What type of cybersecurity incident involves an attacker exploiting a web application to send malicious code to a user's browser?
A. SQL injection
B. Cross-site scripting (XSS)
C. CSRF
D. Buffer overflow
74. Which of the following is a best practice for managing vendor risks?
A. Assessing vendors' security controls and practices
B. Providing vendors with unrestricted access to systems and data
C. Ignoring vendor risks
D. Relying solely on the vendor's reputation
77. What type of security testing involves a simulated attack on an organization's systems to assess their security posture?
A. White box testing
B. Gray box testing
C. Black box testing
D. Red team testing
78. Which of the following is an example of a host-based intrusion detection system (HIDS)?
A. Snort
B. OSSEC
C. Suricata
D. Bro
79. What type of biometric authentication method involves analyzing a user's typing rhythm and patterns?
A. Fingerprint recognition
B. Iris recognition
C. Voice recognition
D. Keystroke dynamics
80. Which of the following is an example of a network-based intrusion detection system (NIDS)?
A. Snort
B. OSSEC
C. Suricata
D. Bro
81. What is the primary purpose of a Security Information and Event Management (SIEM) system?
A. Encrypt data
B. Aggregate, analyze, and correlate security event data from multiple sources
C. Control access to network resources
D. Detect malware
82. Which type of security control involves creating a baseline of normal system behavior and alerting when deviations occur?
A. Preventative
B. Detective
C. Corrective
D. Deterrent
86. What type of attack involves an attacker intercepting and altering communication between two parties without their knowledge?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Phishing
87. Which of the following is a type of incident that typically triggers the activation of a disaster recovery plan?
A. Hardware failure
B. Natural disaster
C. Cyberattack
D. All of the above
88. What is the primary purpose of a demilitarized zone (DMZ) in a network architecture?
A. Encrypt data
B. Monitor network traffic
C. Create a buffer zone between an organization's internal network and the internet
D. Detect malware
90. What type of malware often disguises itself as legitimate software or is included in legitimate software that has been tampered with?
A. Worm
B. Virus
C. Trojan
D. Ransomware
94. Which type of attack involves an attacker flooding a network with malformed packets?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Fragmentation attack
96. Which of the following is an example of a data loss prevention (DLP) solution?
A. Digital Rights Management (DRM)
B. Encryption
C. Network monitoring
D. All of the above
97. What is the primary purpose of a secure software development lifecycle (SDLC) process?
A. Encrypt data
B. Monitor network traffic
C. Ensure that security is integrated throughout the software development process
D. Detect malware
99. Which of the following is an example of a mobile device management (MDM) solution?
A. Apple Configurator
B. Microsoft Intune
C. MobileIron
D. All of the above
100. What is the primary purpose of a network intrusion detection system (NIDS)?
A. Encrypt data
B. Monitor network traffic for signs of malicious activity
C. Control access to network resources
D. Detect malware
101. Which of the following is an example of a network access control (NAC) solution?
A. Cisco ISE
B. Microsoft Intune
C. MobileIron
D. Apple Configurator
104. Which type of attack involves an attacker sending unsolicited messages to a large number of recipients, often for the purpose of spreading malware or phishing?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Spam
105. Which of the following is a type of network segmentation used to isolate different types of network traffic?
A. Subnetting
B. VLAN
C. DMZ
D. All of the above
108. Which of the following is an example of a secure communication protocol for remote administration?
A. Telnet
B. RDP
C. SSH
D. VNC
109. What type of security control involves restricting access to sensitive information based on a user's role or job function?
A. Access control
B. Role-based access control (RBAC)
C. Discretionary access control (DAC)
D. Mandatory access control (MAC)
110. Which type of attack involves an attacker attempting to gain unauthorized access to an account by guessing or cracking the password?
A. Password attack
B. Brute force
C. DDoS
D. Phishing
115. What type of attack involves an attacker exploiting a DNS server to redirect traffic to a malicious site?
A. Man-in-the-middle
B. DNS poisoning
C. DDoS
D. Phishing
121. Which type of security control involves the implementation of physical barriers to prevent unauthorized access to a facility?
A. Physical
B. Technical
C. Administrative
D. Preventative
128. What type of attack involves an attacker intercepting and forwarding network traffic between two parties?
A. Man-in-the-middle
B. Replay attack
C. DDoS
D. Phishing
139. What type of security control is a security incident and event management (SIEM) system?
A. Preventative
B. Detective
C. Corrective
D. Deterrent
140. What type of attack involves an attacker flooding a network with an excessive amount of traffic, overwhelming its resources and causing a denial of service?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Phishing
143. What is the primary purpose of an identity and access management (IAM) system?
A. Encrypt data
B. Manage and control user access to resources and data within an organization
C. Monitor network traffic
D. Detect malware
145. What type of attack involves an attacker encrypting a victim's data and demanding payment in exchange for the decryption key?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Ransomware
148. Which type of security control is a data loss prevention (DLP) solution?
A. Preventative
B. Detective
C. Corrective
D. Deterrent
153. What type of attack involves an attacker sending a large number of SYN packets to a target system, causing it to allocate resources for connections that will never be completed?
A. Man-in-the-middle
B. SYN flood
C. DDoS
D. Phishing
161. What type of security control is a host-based intrusion detection system (HIDS)?
A. Preventative
B. Detective
C. Corrective
D. Deterrent
162. What is the primary purpose of a security information and event management (SIEM) system?
A. Encrypt data
B. Aggregate, analyze, and correlate log data from various sources to detect and respond to security incidents
C. Control access to network resources
D. Detect malware
163. Which of the following is an example of a cloud access security broker (CASB)?
A. Microsoft Cloud App Security
B. McAfee MVISION Cloud
C. Netskope
D. All of the above
164. What type of security control is a secure software development lifecycle (SDLC) process?
A. Physical
B. Technical
C. Administrative
D. Preventative
165. Which type of attack involves an attacker compromising a legitimate website to serve malicious content or exploit user vulnerabilities?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Watering hole
172. What type of security control is a network intrusion detection system (NIDS)?
A. Preventative
B. Detective
C. Corrective
D. Deterrent
177. What type of attack involves an attacker sending a large number of ICMP echo request packets to a target system, causing it to respond with an equal number of echo reply packets, overwhelming its resources?
A. Ping flood
B. SYN flood
C. DDoS
D. Phishing
184. Which of the following is an example of a mobile device management (MDM) solution?
A. AirWatch
B. MobileIron
C. Microsoft Intune
D. All of the above
187. Which of the following is an example of a virtual private network (VPN) protocol?
A. PPTP
B. L2TP
C. IPSec
D. All of the above
189. Which type of attack involves an attacker using multiple systems to target a single system with a flood of network packets?
A. Man-in-the-middle
B. Brute force
C. Distributed denial of service (DDoS)
D. Phishing
190. What is the primary purpose of an authentication, authorization, and accounting (AAA) system?
A. Ensure that users are who they claim to be, grant appropriate access, and track user activities
B. Detect and prevent network intrusions
C. Control access to network resources
D. Detect malware
194. Which of the following is an example of a network access control (NAC) solution?
A. Cisco ISE
B. Forescout CounterACT
C. Aruba ClearPass
D. All of the above
196. What is the primary purpose of a secure socket layer (SSL) certificate?
A. Encrypt data and authenticate the identity of a website
B. Detect and prevent network intrusions
C. Control access to network resources
D. Detect malware
199. Which type of attack involves an attacker attempting to gain unauthorized access to a system by trying every possible combination of characters until the correct password is found?
A. Man-in-the-middle
B. Brute force
C. DDoS
D. Phishing