CompTIA Security+ Practice Tests SY0-501

By: Ian Neil

Overview of this book

CompTIA Security+ is a core security certification that will validate your baseline skills for a career in cybersecurity. Passing this exam will not only help you identify security incidents but will also equip you to resolve them efficiently. This book builds on the popular CompTIA Security+ Certification Guide, which mirrors the SY0-501 exam pattern. This practice test-based guide covers all six domains of the Security+ SY0-501 exam: threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; cryptography and PKI; and risk management. You’ll take six mock tests designed as per the official Security+ certification exam pattern, each covering significant aspects from an examination point of view. For each domain, the book provides a dedicated cheat sheet that includes important concepts covered in the test. You can even time your tests to simulate the actual exam. These tests will help you identify gaps in your knowledge and discover answers to tricky exam questions. By the end of this book, you’ll have developed and enhanced the skills necessary to pass the official CompTIA Security+ exam.

Practice Test 6 – Fill The Gaps – Technologies and Tools

Fill-the-gaps questions really test your knowledge, and can be quite vague at times. In the CompTIA Security+ examination, some of the test questions can also be quite vague, hence the value of this section.

Complete the answers that you can, then make a list of those topics that you are getting wrong, as you need to revise these areas before you take the test. Best of luck.

In the following questions, fill in the gaps to complete the statement. Each underlined section of the sentence represents one word—for example, ___________ means that one word is missing; ________ ___________ means that two words are missing:

1. Both the _______ and _________ use ACLs to block traffic by port, protocol, or IP address.

2. Where the router or firewall has no allow rule for a particular type of traffic, the traffic is blocked by a technique called ________ ____.

3. When setting up IPSec across the internet, it is used in _________ mode but when it is used in the LAN between client and server or server to server, it is known as ___________ mode.

4. I have installed a _________ ________ in my DMZ so that it will decrypt incoming traffic so that my firewall or inline NIPS can __________ the traffic.

5. If I disable the SSID on my wireless access point, it can still be discovered by a ___________ _________ _________, as the SSID is included in the packet, or by an SSID _______ device.

6. The role of the VPN concentrator is to set up the _________ ________ before the exchange of data.

7. _____ ___________ is used to prevent someone plugging a laptop into my network; however, ________ is used to prevent a rogue access point being plugged into my network as it authenticates the user or device itself.

8. A __________ is a device that is used by cybersecurity administrators so that they can observe the attack method used by hackers. This will then enable them to prevent these types of attacks in the future.

9. A security administrator has noticed in the SIEM system log files that an attack was detected on Server 1 but when they manually inspected the server, the attack was not shown; this is known as a ______ ___________.

10. One of the reasons why a SIEM system records a false positive is because the wrong ______ _________ were being used, therefore it was monitoring the wrong type of attack.

11. An ________ NIPS has traffic flowing through it; however, the NIDS is known as ________ and relies on sensors and collectors to discover new attacks.

12. _________ __________ inspects traffic going to a website, whereas a _______ ________ inspects traffic across the network.

13. Banner grabbing uses tools such as Dmitry, _____, ________, and ________.

14. __________ shows established connections in a Windows environment, whereas _________ shows established connections in a Linux/Unix environment.

15. A _____ system correlates security logs from various devices such as servers and firewalls. The security administrator has decided to store the logs into a _______ drive so that they can be read but not tampered with as they may be needed as evidence at a later date.

16. A company could use a ____-__-____ VPN instead of an expensive leased line or even more expensive dark fiber, but it must be set to _______-___ mode.

17. A _____ ________ could be used as a spam filter and a ____ solution to prevent PII and sensitive information from leaving the company.

18. Both ____ and a ______ can detect when new hosts have been added to your internal network.

19. A __________-______ NIDS/NIPS uses a known database and is reliant on regular updates, whereas a _______-_____ NIDS/NIPS starts with a known database but can identify new variants.

20. A security administrator changes the default _________ and _________, disables the SSID, and enables ______ filtering to make a wireless access point more secure.

21. A security administrator sets up a wireless access point by inserting a password that will be used by ____. The user can now access the WAP by simply pushing a button; however, this could be subject to a ______-______ password attack.

22. An auditor reports to a security administrator that the company's wireless network could be detected on the footpath outside of the premises. The security administrator then uses ___ ______ __________ antenna to mitigate the risk of being attacked by an external threat actor.

23. A new company has an increasing number of people coming to its website; therefore, it can use a ______ _________ or ___ ______ _____ to ensure that incoming web requests are dealt with in a timely manner.

24. A company installed a _________ firewall to deal with DDoS traffic trying to attack their company's website.

25. A company has set up account lockout with three attempts. An attacker tries to log in once to three separate hosts but finds himself locked out. This is because a ______ system has a ______ engine.

26. If a company was to use weak passwords, they would set them with a low minimum _________ _____ to mitigate the risk of being attacked or could use a _____ _____ ____-_______ ___________ as a compensating control.

27. There have been attacks on the company's virtual machine network, therefore, the security administrator has installed a _____ on each machine to protect them.

28. A company has set a policy of using mobile device management (MDM) to _______ ______ a lost or stolen machine to mitigate the risk of data falling into the wrong hands.

29. _______ can be used to stop PII and sensitive information from leaving the company via email or being exported onto a USB drive.

30. The security team in a company are now using ___________ to ensure that company laptops can remain within the company's premises. Another method would be RFID.

31. One of the company's employees uses ________/_____________ so that they can unlock a mobile phone. They now want to install a third-party application. This is known as ___________.

32. _____ is a secure protocol that can be used to run remote commands securely on routers or directory services. It can also use a graphical user interface.

33. If an application cannot run on a desktop, it could well be that the application is just not on the _________. It does not necessarily need to be on the blacklist. It may not be on any list.

34. I want to restrict a user's ability to log in so that they can only authenticate when they are in the United States of America and cannot authenticate from any other location. This form of authentication is known as ________-_______ _______________.

35. _____ is first and foremost a firewall, but it can also carry out the functions of URL and content inspection and _________ ___________.

36. An organization was suffering from DNS poisoning and decided to use _________ to encrypt the DNS traffic with TLS. This produced both DNSKEY and ________ records.

37. When two people wish to send digitally signed and encrypted emails, they could use _________ for email integrity and PGP for ___________.

38. When people decide to leave the company for a highly paid job, we should carry out ___ __________ to ensure that the company CYOD equipment has been returned, followed by an _____ ____________ by the human resources department.

39. A company has decided that instead of the sales staff traveling to the head office for weekly meetings, they will use videoconferencing. The videoconferencing should be secure, therefore they will use the _________ protocol.

40. The company has decided to keep the employees' personal data separate from the business data by using either __________________ or storage _______________.

41. When the bandwidth coming into your company is being reduced and the space on one of your company servers is being aggressively reduced, this is a sign of downloading ____________ ____________.

42. You are a directory services administrator and use LDAP to create, search for, and find objects. The CISO has now written a policy requiring you to secure your session with the directory services. Therefore, you will use the ______ protocol and TCP port ____.

43. Security administrators can use ______ _________ to prevent anyone using a CD-ROM or any other form of removable media to mitigate the risk of spreading a virus or stealing data.

44. Recently, data has been compromised from a mobile phone, and the CEO has asked the security team to come up with a solution to protect data at rest. The security team are going to use _____ _____ ____________ to protect the data at rest and ________ ______ to prevent access to the mobile phones.

45. There have been certificate trust errors for the company website. The security team is going to check that the certificate is _______ and has been added to the _________ ______ certification authorities store on the web server.

46. Over the past year, a hospital has lost about 25 laptops from the consultants' offices when they were visiting the patients during ward rounds. The security team has now rolled out ____________ to prevent the theft of these laptops.

47. A network team has rolled out ______ __________ to prevent unauthorized rogue DHCP servers from operating on the company network.

48. The CEO of a publishing company has told the IT team that they can no longer use FTP to download books as they need to adopt a protocol that can download large books securely. The chosen protocol was ______ as it is encrypted and uses two ports to download data.

49. A company has recently started using _______ to check the health of the remote user's laptop to ensure that they cannot spread a virus to the company's network.

50. The best method for sanitizing a hard drive is by ___________ it. However, the best way of disposing of paper documents containing PII information is to ________ them.