Chapter 01 – Mastering Security Basics!

CompTIA Security+ (SY0-701) – Chapter 1

1 / 195

Which log file in a Linux system contains entries generated during system boot-up?

2 / 195

In the context of network logs, what does the ’status’ refer to?

3 / 195

What is the purpose of the ’journalctl --list-boots’ command in a Linux system?

4 / 195

What role do security guards play as a type of preventative control?

5 / 195

What is the CIA security triad in the context of organizational security principles?

6 / 195

What method is used to provide assurance that data has not changed and thus providing integrity?

7 / 195

Which of the following best describes the combination of control categories and types based on the provided excerpt?

8 / 195

What is the purpose of compensating controls in a security framework?

9 / 195

What information does the ’Netstat -r’ command on a system provide?

10 / 195

What is a compensating control as described in the context of network security?

11 / 195

Which log of the operating system records events related to the functioning of the operating system such as when it starts, when it shuts down, and information on services starting and stopping?

12 / 195

What information does the ’Netstat -a’ command display on a system?

13 / 195

Which command is used to search for a specific text in a file?

14 / 195

What is the purpose of redundancy in networking?

15 / 195

What does the ’bytes’ denote in the Common Log format standardized by the World Wide Web Consortium (W3C)?

16 / 195

What is the content of the NIST SP 800-53 Revision 5?

17 / 195

Why might organizations choose not to encrypt all of their data despite the increase in security?

18 / 195

What does the ’Netstat -n’ command do?

19 / 195

What does the ’ifconfig eth0’ command in a Linux-based system do?

20 / 195

What is included in ’Physical and environmental protection’ as an operational control?

21 / 195

What does the ’ip -s link’ command do on Linux systems?

22 / 195

What is the purpose of network reconnaissance in the context of network security?

23 / 195

What is the primary task of the ’Log Monitoring’ as part of the detective controls?

24 / 195

What does the ’logger Backup started’ command do according to the text?

25 / 195

What is the function of the ’ip link show’ command?

26 / 195

What do log entries in a system help administrators and security investigators determine?

27 / 195

Which of the following is NOT a control type listed by CompTIA in the Security+ objectives?

28 / 195

What type of events does the Application log record in a Windows operating system?

29 / 195

What does the ESTABLISHED state in the netstat command output indicate?

30 / 195

What is the purpose of the command ’sudo cat /var/log/auth.log | grep 'authentication failure'’ in a Linux system?

31 / 195

What does the ’Netstat -s’ command do?

32 / 195

What are the three types of permissions that can be modified with the chmod command on Linux system files and folders?

33 / 195

What is the function of a correlation engine in a SIEM system?

34 / 195

What does the command ’sudo head /var/log/syslog’ do?

35 / 195

What is the purpose of operational controls in an organization’s overall security plan?

36 / 195

Which of the following methods is used to ensure confidentiality by scrambling data, thereby making it unreadable to unauthorized personnel?

37 / 195

How can you limit the output of the journalctl command to only logs from the last hour?

38 / 195

What is the purpose of User Behavior Analysis in a SIEM system?

39 / 195

Why might a ping command fail even if a system is operational and reachable?

40 / 195

What are the key elements of access controls?

41 / 195

What does the command ’sudo cat /var/log/auth.log’ do in Linux?

42 / 195

Which of the following options accurately describes technical controls, as per the CompTIA Security+ objectives?

43 / 195

What does the ’CLOSE_WAIT’ state indicate when using the netstat command?

44 / 195

What does the ’ifconfig eth0 promisc’ command do on a Linux system?

45 / 195

Which media protection control best ensures the security of data on physical media like USB flash drives or backup tapes?

46 / 195

According to the ’Place Order’ use case, who are classified as the ’actors’?

47 / 195

What is the role of Authentication in maintaining confidentiality as per the given text?

48 / 195

What are the two common managerial controls mentioned in the text?

49 / 195

Which of the following is NOT a common feature of a SIEM system?

50 / 195

What is the function of video surveillance as a detective control in a security setting?

51 / 195

What is the role of ’Data Inputs’ in a Security Information and Event Management (SIEM) system?

52 / 195

What does Hardening mean in the context of preventative controls?

53 / 195

What does the ’ping 192.168.1.1’ command do?

54 / 195

What does the ’arp -a’ command do in the context of a Windows operating system?

55 / 195

What does the ’LISTEN’ state in the netstat command indicate?

56 / 195

What does the TIME_WAIT state indicate in the netstat command?

57 / 195

What is the primary function of an Intrusion prevention system (IPS) in the context of preventative controls?

58 / 195

What is the function of the ’ipconfig /flushdns’ command?

59 / 195

What is the role of antivirus software as a technical control?

60 / 195

Which of the following statements best describes a ’precondition condition’ within the context of use cases?

61 / 195

Which command provides a comprehensive listing of TCP/IP configuration for each NIC, including MAC address, address of assigned DNS servers and address of a DHCP server?

62 / 195

What is event deduplication in the context of a Security Information and Event Management (SIEM) system?

63 / 195

What is the purpose of the pipe operator (|) in the command ’sudo cat /var/log/auth.log | more’?

64 / 195

What is the ’host’ in the context of Network logs and Common Log Format?

65 / 195

What does the ’ifconfig eth0 allmulti’ command enable?

66 / 195

What are the two types of common managerial controls in an organization’s written security policy, according to the given text?

67 / 195

Which of the following accurately describes a common capability of a SIEM system?

68 / 195

What is the purpose of power redundancies in ensuring a system’s availability?

69 / 195

What does the ’more’ command do when used in conjunction with the ’cat’ command in a Linux environment?

70 / 195

What is the primary purpose of a cable lock as a deterrent control?

71 / 195

What type of control can a lock be classified as, in addition to being a physical control?

72 / 195

Which of the following is a function that firewalls perform as a technical control?

73 / 195

What are the key elements of access controls that help ensure the confidentiality of data?

74 / 195

Which is the correct description of the command ’ip link set eth0 up’ as per the text above?

75 / 195

What does the authuser field in a web server log typically record?

76 / 195

What does the command ’chmod 760 filename’ represent in Linux?

77 / 195

Which of the following is NOT an example of a technical control?

78 / 195

What does the /var/log/messages log contain in a Linux environment?

79 / 195

What is one of the methods utilized by organizations to keep their systems available?

80 / 195

What does the /var/log/httpd/ directory contain in Linux, as pointed out by the CompTIA Security+ exam?

81 / 195

What is the purpose of the correlation engine in a Security Information and Event Management (SIEM) system?

82 / 195

What is the primary function of the ’head’ command in the context of log files?

83 / 195

What is the primary function of managerial controls in a security structure?

84 / 195

What is a key benefit of using a centralized security information and event management (SIEM) system in a large organization?

85 / 195

Which is NOT a correct definition of a particular control type according to CompTIA?

86 / 195

Which of the following statements is true about the sensitivity levels in a SIEM system?

87 / 195

What is one key feature of NXLog Enterprise Edition that is not included in the Community Edition?

88 / 195

What is the primary goal of corrective and recovery controls?

89 / 195

What is the definition of risk in the context of IT security?

90 / 195

What is the purpose of an ’Account disablement policy’?

91 / 195

What does the ’netstat -p tcp’ command do?

92 / 195

What principle ensures that systems are available when needed and often addresses single points of failure in network systems?

93 / 195

What are some capabilities of the hping command?

94 / 195

What is the main function of detective controls in an organization’s security control system?

95 / 195

Which of the following best describes the function of disk redundancies in the context of availability and fault tolerance?

96 / 195

What is the role of ’request’ in the data logged by a web server?

97 / 195

What is the function of ARP?

98 / 195

What is the purpose of using the command ’sudo grep "authentication failure" /var/log/auth.log’?

99 / 195

Which of the following is NOT an example of a preventative control type?

100 / 195

Which of the following best describes automated triggers in the context of a SIEM system?

101 / 195

Which of the following accurately describes a function provided by security information and event management (SIEM) systems?

102 / 195

What does the command ’ping gcgapremium.com’ do?

103 / 195

What does the SYN_SENT state indicate when using the netstat command?

104 / 195

Which of the following commands enables promiscuous mode on the first Ethernet interface of a Linux-based system?

105 / 195

What does sentiment analysis refer to within a SIEM system?

106 / 195

What is used to query the Linux system logging utility (journald) and why?

107 / 195

What does the term ’least privilege’ in the context of technical controls refer to?

108 / 195

Which of the following techniques can be used to ensure data confidentiality?

109 / 195

How can a systems administrator use the ’ping’ command to assess organizational security?

110 / 195

What is the role of ’Deterrent controls’ in an organization’s security policy?

111 / 195

What information does the auth.log contain in a Linux system?

112 / 195

What does the command ’arp -a 192.168.1.1’ do?

113 / 195

Which of the following is NOT an example of a detective control?

114 / 195

What does a security incident refer to in IT security?

115 / 195

What is the primary difference between scalability and elasticity in terms of system availability?

116 / 195

A network log entry in the Common Log format standardized by the W3C typically contains which of the following details?

117 / 195

What types of intrusions can the intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) monitor?

118 / 195

What is a common goal of fault tolerance and redundancy techniques in an information system?

119 / 195

Which of the following is strongly recommended if you do not have a Linux system, according to the information given in the text above?

120 / 195

What is the purpose of using the ping command to check name resolution based on the provided passage?

121 / 195

What are the features of Syslog-ng as an extension of syslogd on Linux-like systems?

122 / 195

What does a protocol analyzer do in a SIEM system?

123 / 195

What type of information does the ’date’ field record in the Common Log format standardized by the World Wide Web Consortium (W3C)?

124 / 195

What is the primary function of the ’ping -t 192.168.1.1’ command on a Windows system?

125 / 195

What is the purpose of motion detection as a detective control in terms of security?

126 / 195

Which of the following best describes Detective controls, in terms of security controls?

127 / 195

Which statement best describes the meaning of the ’ping -c 4 192.168.1.1’ command?

128 / 195

What does the correlation engine in a SIEM system do?

129 / 195

What is the primary use of the ’Netstat -n’ command?

130 / 195

What does the acronym LAMP stand for in the context of web hosting?

131 / 195

What does the ’Netstat -p protocol’ command do?

132 / 195

What are two common types of managerial controls described in the given text?

133 / 195

What is the role of a syslog collector?

134 / 195

What is risk in the context of IT security?

135 / 195

What does log aggregation in a Security Information and Event Management (SIEM) system refer to?

136 / 195

What is the function of the ’logger’ command in the CompTIA Security+ context?

137 / 195

What is the primary function of backups and system recovery in corrective and recovery controls?

138 / 195

Which of the following is an example of deterrent control in terms of physical security?

139 / 195

What would be the effect of the ’chmod o-x filename’ command on a Linux system?

140 / 195

Which Windows log type records auditable events, such as a user’s success or failure in performing actions like logging on or deleting a file, by default?

141 / 195

What does the /var/log/faillog Linux log file contain information about?

142 / 195

What type of information does the ’/var/log/syslog’ file contain on a Linux system?

143 / 195

What does the command netstat -anp tcp show you?

144 / 195

Which of the following best describes the purpose of preventative controls in IT security?

145 / 195

What does ’WORM’ refer to in the context of a security information and event management (SIEM) system?

146 / 195

Which of the following is NOT an example of a corrective or recovery control?

147 / 195

In a use case, what is meant by ’Postcondition’?

148 / 195

Which statement describes operational controls in the context of organizational security?

149 / 195

What is stored in the /var/log/messages file?

150 / 195

Which of the following best describes what Corrective controls do according to CompTIA?

151 / 195

What is a common goal of fault tolerance and redundancy techniques in server redundancies?

152 / 195

What does the ’SYN_RECEIVED’ state in Netstat mean?

153 / 195

What does the Linux ’chmod g=r filename’ command do?

154 / 195

What is the primary purpose of using physical locks as a part of security controls?

155 / 195

What does the ’journalctl -1’ command do in a Linux system?

156 / 195

What are the key elements of access controls?

157 / 195

What is the difference between scalability and elasticity in terms of system availability?

158 / 195

What are response controls in the context of security?

159 / 195

What is a key function of Security information and event management (SIEM) systems as a detective control?

160 / 195

Why is time synchronization important in a SIEM system?

161 / 195

What does the /var/log/kern.log file do in Linux?

162 / 195

What does the ’tail’ command in Unix or Linux do by default?

163 / 195

Most SIEM systems include multiple built-in reports. What do these reports typically cover?

164 / 195

What is the purpose of using encryption as a technical control?

165 / 195

What starts the use case in the scenario of Lisa purchasing an item online?

166 / 195

What is a discriminating feature about the NXLog Community Edition compared to other log management tools?

167 / 195

What does the command sudo ifconfig eth0 do on Linux systems?

168 / 195

Which tool helps in detecting malicious traffic after it enters a network in the context of detective controls?

169 / 195

Which of the following is NOT an example of a detective control?

170 / 195

What is the result of running the command ’sudo cat /var/log/auth.log’ in a Linux system?

171 / 195

What type of information does the /var/log/auth.log file contain on a Linux system?

172 / 195

In the context of security controls, what purpose does change management serve?

173 / 195

What does the ’-n 15’ switch specify when used with the ’sudo tail’ command in relation to the /var/log/messages file?

174 / 195

What does the ’ipconfig /displaydns’ command do in a Windows system?

175 / 195

What is the primary function of the ’ipconfig’ command on a Windows system?

176 / 195

Which of the following is NOT included in operational controls?

177 / 195

What is the primary function of the ’cat’ command in Linux?

178 / 195

What does the ’user-identifier’ field in the Common Log Format represent?

179 / 195

What is a major feature of the Rsyslog software utility that differentiates it from Syslog-ng as mentioned in the provided text?

180 / 195

What are the key features of NXLog Enterprise Edition as compared to the Community Edition?

181 / 195

What is the main purpose of a tracert, or traceroute, command?

182 / 195

What does the pathping -n command do in network administration?

183 / 195

What is the function of sensors in a Security Information and Event Management (SIEM) system?

184 / 195

What is a major function of a ’Log collector’ as it pertains to a Security Information and Event Management (SIEM)?

185 / 195

What is the definition of risk in the context of IT security?

186 / 195

What is the unique functionality that Rsyslog provides as an improvement over Syslog-ng?

187 / 195

What does the pathping command do?

188 / 195

What does the command ’journalctl --since "1 hour ago"’ do in the context of the Linux system logging utility journald?

189 / 195

What does the ’Netstat -e’ command do?

190 / 195

What are some examples of preventative controls?

191 / 195

What is the correct naming strategy for a use case in systems analysis and software development?

192 / 195

What is the function of the ’-c’ switch when used with the ping command on a Linux system?

193 / 195

What is the primary function of the Security log in a Windows system?

194 / 195

In the context of a use case, what does the term ’Normal flow’ refer to?

195 / 195

What does the ’Alternate flow’ element in a use case describe?


Free CompTIA Security+ Practice Test – Chapter 01: Mastering Security Basics

Mastering Security Basics for CompTIA Security+ is essential for anyone pursuing the certification. This chapter offers free practice questions to help you strengthen your foundational security knowledge. Boost your IT skills with our free CompTIA Security+ practice test focusing on Chapter 01: Mastering Security Basics. Whether you’re entering the IT industry or advancing in cyber security, our resources are here to help you succeed in the CompTIA Exam.

Why Choose Our CompTIA Security+ Practice Test?

  • Skill Enhancement: Covers essential security basics and concepts crucial for the CompTIA Exam and vulnerability management.
  • Career Advancement: Passing the CompTIA Security+ exam can open doors to new job opportunities and significant career changes in the IT industry.
  • Vulnerability Management: Master the art of managing security vulnerabilities, a key skill in the field of cyber security.

Free Anki Deck Download

Download our free Anki Deck, reviewed by industry expert Josh Madakor, who has extensive experience in IT and cyber security, including work with Microsoft and government sectors. Learn more about Anki on the official site.

Get Started with Your IT Career Change Today!

Visit the CompTIA Security+ official site and the CompTIA Network+ official site for more information.

 