CompTIA Security+ 701 Practice Test 2 Flashcards

1
Q

Which of the following is a primary goal of the CIA triad?

A. Integrity
B. Non-repudiation
C. Authentication
D. Authorization

A

Integrity

A component of the CIA triad, which stands for Confidentiality, Integrity, and Availability.

2
Q

What is the main purpose of managerial controls?

A. To detect anomalies or intrusions
B. To mandate specific actions or processes
C. To physically secure assets
D. To establish policies and procedures

A

To establish policies and procedures

Managerial controls establish policies, procedures, and governance.

3
Q

Which of the following is an example of an operational control?

A. Incident response plan
B. Security policy
C. Access badge
D. Firewall

A

Incident response plan

An incident response plan is an operational control, as it involves day-to-day security operations.

4
Q

Which type of control is primarily focused on discouraging potential attacks?

A. Corrective
B. Deterrent
C. Detective
D. Directive

A

Deterrent

Deterrent controls focus on discouraging potential attacks.

5
Q

What type of security control is a biometric authentication system?

A. Physical
B. Managerial
C. Technical
D. Operational

A

Technical

A biometric authentication system is a technical control, as it involves hardware or software.

6
Q

Which of the following is NOT a component of the Zero Trust model?

A. Policy Enforcement Point
B. Policy Engine
C. Policy Administrator
D. Policy Execution Point

A

Policy Execution Point

Not a component of the Zero Trust model.

7
Q

What is the primary purpose of key stretching?

A. To revoke digital certificates.
B. To encrypt data for secure transmission.
C. To hide data within other data.
D. To increase the computational effort required to brute force a password.

A

To increase the computational effort required to brute force a password.

Key stretching is a technique used to make brute force attacks more computationally intensive and time-consuming by repeatedly hashing a password.

8
Q

What is the primary purpose of a backout plan in the change management process?

A. To schedule a specific time frame for performing maintenance or changes to the IT systems.
B. To keep track of changes made to documents, code, or other collections of information.
C. To identify and analyze the impact of the change on various stakeholders.
D. To define the steps to revert to the original state if the change is unsuccessful.

A

To define the steps to revert to the original state if the change is unsuccessful.

A backout plan is a plan that defines the steps to revert to the original state if the change is unsuccessful or causes unforeseen problems.

9
Q

What is the primary purpose of salting in cryptographic solutions?

A. To verify the integrity and authenticity of a digital message or document.
B. To replace sensitive data with non-sensitive placeholders.
C. To add randomness to a password before hashing it.
D. To securely store a copy of cryptographic keys.

A

To add randomness to a password before hashing it.

Salting is the process of adding random data, called a salt, to a password before hashing it. This ensures that the same password will produce different hash values, making it more resistant to rainbow table attacks.

10
Q

What is the primary purpose of a certificate revocation list (CRL)?

A. To securely generate, store, and manage cryptographic keys.
B. To issue digital certificates.
C. To list digital certificates that have been revoked by the certificate authority (CA).
D. To encrypt data for secure transmission.

A

To list digital certificates that have been revoked by the certificate authority.

A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the certificate authority (CA) and are no longer valid.

11
Q

Which of the following is a form of obfuscation?

A. Data masking
B. Key escrow
C. Key stretching
D. Key exchange

A

Data masking

A form of obfuscation where sensitive data is replaced with fictitious or non-sensitive data.

12
Q

Which of the following best describes the motivations of a threat actor involved in data exfiltration?

A. Espionage
B. Service disruption
C. Ethical
D. Philosophical/political beliefs

A

Espionage

Involves collecting, processing, and analyzing information that is of strategic or tactical value, which includes data exfiltration.

13
Q

An attacker tricks a user into visiting a malicious website that appears to be identical to a legitimate site. Once on the site, the user unknowingly enters their login credentials, which the attacker captures. This type of attack is known as:

A. Watering hole
B. Typosquatting
C. Pretexting
D. Phishing

A

Phishing

Involves tricking a target into revealing sensitive information, often by creating fake websites that appear to be legitimate.

14
Q

Which of the following best describes the attributes of an internal threat actor?

A. Level of sophistication/capability
B. Resources/funding
C. Insider threat
D. Organized crime

A

Insider threat

This directly refers to an internal threat actor as it’s someone within the organization.

15
Q

Which of the following motivations is most commonly associated with shadow IT activities?

A. Disruption/chaos
B. Philosophical/political beliefs
C. War
D. Blackmail

A

Disruption/chaos

Shadow IT involves using unauthorized devices or software within an organization, which can lead to disruption or chaos due to lack of control and potential security risks.

16
Q

An attacker registers a domain that is a common misspelling of a legitimate domain. The attacker sets up a website on the malicious domain that appears to be identical to the legitimate site to deceive users into entering their login credentials. This type of attack is known as:

A. Phishing
B. Brand impersonation
C. Watering hole
D. Typosquatting

A

Typosquatting

Specifically involves registering domains that are similar to legitimate ones to deceive users, which matches the scenario described.

17
Q

Which cryptographic solution ensures data remains unreadable if intercepted during transmission between two parties?

A. Digital signatures
B. Transport/communication encryption
C. Hashing
D. Key stretching

A

Transport/communication encryption

Ensures data confidentiality during transmission.

18
Q

Which of the following vulnerabilities is specific to cloud infrastructure?

A. Side loading
B. Time-of-check (TOC)
C. Firmware
D. Cloud-specific

A

Cloud-specific

Pertains specifically to cloud infrastructures.

19
Q

An attacker who gains access by leveraging a gap between when a vulnerability is found and when it’s fixed is exploiting:

A. Zero-day
B. End-of-life vulnerability
C. Misconfiguration
D. Legacy vulnerability

A

Zero-day

A vulnerability that is known but not yet fixed, giving attackers this window to exploit.

20
Q

Malware designed to spread without user intervention and replicate itself is called:

A. Ransomware
B. Keylogger
C. Trojan
D. Worm

A

Worm

Designed to spread and replicate without user intervention.

21
Q

In the context of Public Key Infrastructure (PKI), what is the main function of a Certificate Authority (CA)?

A. Issuing and verifying digital certificates
B. Generating a private key for end-users
C. Creating honeypots to trap attackers
D. Obfuscating data for storage

A

Issuing and verifying digital certificates

Certificate Authorities (CAs) are responsible for issuing digital certificates and validating the entities’ identities.

22
Q

What is the primary goal of a Distributed Denial-of-Service (DDoS) attack?

A. To guess user passwords
B. To overwhelm resources and disrupt service availability
C. To intercept and modify data in transit
D. To introduce malicious code into a network

A

To overwhelm resources and disrupt service availability

DDoS attacks flood resources to disrupt services and make them unavailable.

23
Q

In the context of vulnerabilities, what does “Time-of-use (TOU)” refer to?

A. The time an application is most actively used by employees.
B. The recommended usage time of an application for optimum performance.
C. The moment a resource is accessed in a race condition.
D. The duration a software has been in use in an organization.

A

The moment a resource is accessed in a race condition.

Time-of-use (TOU) is about accessing the resource, especially when discussing race conditions.

24
Q

An administrator notices a sudden spike in system resource consumption, especially bandwidth, with no obvious reason. What might this indicate?

A. A scheduled backup process
B. Regular software updates
C. An ongoing Distributed Denial-of-Service (DDoS) attack
D. An impending hardware failure

A

An ongoing Distributed Denial-of-Service (DDoS) attack

Sudden and unexplained spikes in resource consumption, especially bandwidth, may indicate a DDoS attack.

25
Q

A security consultant recommends restricting software that can run on systems to a known list of accepted programs. This is an example of:

A. Application allow list
B. Patching
C. Configuration enforcement
D. Decommissioning

A

Application allow list

Specifies approved applications that can run on systems.

26
Q

Which of the following is NOT a mitigation technique used to secure an enterprise?

A. Least privilege
B. Access control
C. Side loading
D. Hardening techniques

A

Side loading

Related to mobile devices, not a mitigation technique.

27
Q

What distinguishes a serverless architecture?

A. Offloading server management tasks to cloud providers and only focusing on application code.
B. Only using physical servers.
C. The complete absence of servers in the infrastructure.
D. The use of virtual machines instead of physical servers.

A

Offloading server management tasks to cloud providers and only focusing on application code.

Serverless architectures allow developers to focus on code, while the cloud provider manages server provisioning and scaling.

27
Q

When designing a cloud infrastructure, which of the following best describes “Infrastructure as Code” (IaC)?

A. Applying real-time patches to cloud servers.
B. Utilizing third-party software for infrastructure management.
C. Managing and provisioning computing resources using machine-readable definition files.
D. The use of cloud services for database storage.

A

Managing and provisioning computing resources using machine-readable definition files.

Infrastructure as Code (IaC) allows for automatic setup, modification, and management of infrastructure using code.

27
Q

A type of malware that holds user data hostage by encrypting it and demanding payment for the decryption key is known as:

A. Worm
B. Logic bomb
C. Spyware
D. Ransomware

A

Ransomware

Encrypts data and demands payment for decryption.

27
Q

Which of the following best defines software-defined networking (SDN)?

A. It is a protocol used for web traffic encryption.
B. A networking approach where network control is decoupled from forwarding hardware and is given to a software application.
C. It involves the use of physical switches and routers only.
D. A network solely built for high availability.

A

A networking approach where network control is decoupled from forwarding hardware and is given to a software application.

SDN allows dynamic, programmatically efficient network configuration.

28
Q

For an organization that needs to manage its own hardware and have complete control over its data, which architecture is most appropriate?

A. Microservices
B. Serverless
C. Hybrid
D. On-premises

A

On-premises

Solutions that give organizations complete control over their hardware and data.

29
Q

A security engineer is trying to ensure a particular service is only active when needed and not continuously running. Which principle is he emphasizing?

A. Responsiveness
B. Cost-effectiveness
C. High availability
D. Scalability

A

Cost-effectiveness

By ensuring services only run when needed, the engineer can reduce unnecessary costs.

30
Q

In securing an enterprise infrastructure, why is the concept of “Attack surface” critical?

A. It relates to the physical placement of network devices.
B. It represents all the potential vulnerabilities and entry points an attacker could exploit.
C. It determines the maximum traffic a network can handle.
D. It defines the list of approved devices for a network.

A

It represents all the potential vulnerabilities and entry points an attacker could exploit.

Minimizing the attack surface helps to reduce the potential risks and vulnerabilities.

30
Q

Which of the following firewall types focuses specifically on the security of web applications by inspecting HTTP traffic?

A. Layer 4 firewall
B. Next-generation firewall (NGFW)
C. Unified threat management (UTM)
D. Web application firewall (WAF)

A

Web application firewall (WAF)

Specifically designed to inspect web traffic and protect web applications.

31
Q

What primary security benefit does an Extensible Authentication Protocol (EAP) provide?

A. It actively blocks malicious web traffic.
B. It offers a framework for secure authentication on wireless networks and Point-to-Point connections.
C. It defines network zones.
D. It encrypts data at rest.

A

It offers a framework for secure authentication on wireless networks and Point-to-Point connections.

Extensible Authentication Protocol (EAP) provides support for multiple authentication mechanisms and is widely used in wireless networks.

32
Q

A company needs a solution to ensure its remote workers can securely access the corporate network. Which of the following is best suited for this purpose?

A. Load balancer
B. Software-defined wide area network (SD-WAN)
C. Virtual private network (VPN)
D. Intrusion prevention system (IPS)

A

Virtual private network (VPN)

Allows remote workers to securely connect to corporate networks over the internet.

33
Q

In the event of a network device failure, which mode ensures that no traffic is allowed through the device?

A. Inline
B. Tap/monitor mode
C. Fail-open
D. Fail-closed

A

Fail-closed

The device will stop all traffic when it fails to ensure security.

33
Q

In a cloud environment, which practice ensures that only necessary services are running, limiting the potential attack surface?

A. Using heat maps for deployment.
B. Implementing a BYOD policy.
C. Establishing a secure baseline.
D. Enabling all available plugins.

A

Establishing a secure baseline.

Defines a standard for a secure state of systems and ensures only necessary services run.

34
Q

Which wireless security protocol provides the strongest encryption and security capabilities as of the most recent standards?

A. WPA.
B. Open authentication.
C. WEP.
D. WPA3.

A

WPA3.

The latest and most secure version of the Wi-Fi Protected Access protocol.

35
Q

Why might an organization opt for a Corporate-owned, personally enabled (COPE) model for mobile devices?

A. To maintain tighter control over device security while allowing personal use.
B. To completely restrict personal use of the device.
C. To ensure employees pay for their own devices.
D. To allow employees to pick any device they prefer.

A

To maintain tighter control over device security while allowing personal use.

COPE devices are company-owned but can still be used for personal tasks.

36
Q

If a company needs to ensure that old hard drives are entirely unreadable, which process would be the most thorough?

A. Physical destruction.
B. Deleting all files.
C. Renaming the drive.
D. Formatting the drive.

A

Physical destruction.

Physically damaging the drive makes it virtually impossible to recover data.

37
Q

Which process in software development aims to identify potential security flaws by examining the application’s code without executing it?

A. Static code analysis.
B. Penetration testing.
C. Dynamic analysis.
D. Input validation.

A

Static code analysis.

Examining the source code without running the application.

38
Q

In vulnerability management, which component would provide real-time updates on emerging threats and vulnerabilities?

A. Static code analysis.
B. Penetration testing report.
C. Threat feed.
D. System/process audit.

A

Threat feed.

Provides continuous data streams about new and emerging threats and vulnerabilities.

39
Q

How does the Common Vulnerability Scoring System (CVSS) assist organizations in vulnerability management?

A. It lists all software without vulnerabilities.
B. It identifies new vulnerabilities.
C. It offers a standardized method for rating the severity of vulnerabilities.
D. It provides patches for known vulnerabilities.

A

It offers a standardized method for rating the severity of vulnerabilities.

CVSS provides a framework for assessing vulnerability impact.

40
Q

An organization that cannot immediately address a vulnerability due to operational requirements might issue a formal document to allow its temporary existence. What is this document called?

A. Exception.
B. Remediation protocol.
C. Validation report.
D. Risk appetite statement.

A

Exception.

A formal allowance for non-compliance or deviation from expected security controls.

41
Q

What is the primary goal of a Responsible Disclosure Program?

A. To rank companies based on their security posture.
B. To provide a structured process for reporting vulnerabilities to organizations.
C. To publicly shame companies with vulnerabilities.
D. To monetize vulnerabilities.

A

To provide a structured process for reporting vulnerabilities to organizations.

Encourages ethical behavior in reporting vulnerabilities and allows organizations to address the reported issues securely.

42
Q

In order to enhance web security, a company wants to filter web traffic based on website reputation. Which tool or feature should they employ?

A. Email security gateway
B. Firewall rules
C. Network segmentation
D. Web filter reputation

A

Web filter reputation

Categorizes and filters web traffic based on the reputation of websites.

42
Q

Given an application that regularly experiences performance degradation, which tool would be best suited to gather long-term performance data for analysis?

A. Simple Network Management Protocol (SNMP) traps
B. Antivirus
C. Security Content Automation Protocol (SCAP)
D. File integrity monitoring

A

Simple Network Management Protocol (SNMP) traps

Can provide alerts and gather data about performance and other system metrics.

42
Q

When an organization allows employees to access corporate resources using their personal devices, which tool would be crucial to ensuring security and policy compliance for these devices?

A. Group Policy
B. File integrity monitoring
C. Network access control (NAC)
D. URL scanner

A

Network access control (NAC)

Determines which devices can connect to the network based on compliance with security policies.

43
Q

In a scenario where you need to enforce security settings across multiple Windows machines in an enterprise, which tool would be most appropriate?

A. NAC
B. Group Policy
C. SNMP traps
D. Security Content Automation Protocol (SCAP)

A

Group Policy

Allows administrators to implement specific configurations for users and computers within an Active Directory environment.

43
Q

Which of the following ensures that the sender of an email has permission to send emails on behalf of a domain and reduces the chance of spoofing?

A. Endpoint detection and response (EDR)
B. Sender Policy Framework (SPF)
C. Data loss prevention (DLP)
D. DMARC

A

Sender Policy Framework (SPF)

Verifies if the mail server sending the email is authorized to send emails for the domain.

44
Q

A user has been given temporary elevated access to a database for a specific task. Which concept best describes this kind of permission granting?

A. Role-based access control
B. Multifactor authentication
C. Discretionary access control
D. Just-in-time permissions

A

Just-in-time permissions

Involves providing elevated permissions temporarily.

45
Q

Which of the following is NOT a type of access control?

A. Rule-based access control
B. Traffic-based access control
C. Mandatory access control
D. Discretionary access control

A

Traffic-based access control

No common access control type with this name.

45
Q

For which of the following reasons might an organization use a password vault?

A. To securely store multiple passwords
B. To monitor network traffic
C. To implement single sign-on
D. To enhance password complexity

A

To securely store multiple passwords

Designed to keep various passwords in an encrypted format.

45
Q

An organization wishes to enable single sign-on (SSO) capabilities to streamline access to multiple applications. Which protocol is commonly associated with this functionality?

A. Security Assertions Markup Language (SAML)
B. Multifactor authentication
C. Lightweight Directory Access Protocol (LDAP)
D. DMARC

A

Security Assertions Markup Language (SAML)

Provides a standard for exchanging authentication and authorization data between parties and is commonly used for SSO.

46
Q

Which of the following accurately describes the “Something you are” factor in multifactor authentication?

A. A security key
B. A password or PIN
C. A specific gesture or voice command
D. A fingerprint or retina scan

A

A fingerprint or retina scan

You are your fingerprint/retinal pattern.

47
Q

When implementing multifactor authentication, what describes the “Something you have” factor?

A. Security key
B. PIN
C. Fingerprint
D. Password

A

Security key

A physical item or device a user possesses, relating to the “Something you have” factor.

48
Q

When considering automation in security operations, which term refers to automatically granting a new user the appropriate access rights and resources?

A. Ticket creation
B. Continuous integration and testing
C. User provisioning
D. Guard rails

A

User provisioning

Refers to the creation and management of user accounts and access rights within systems.

49
Q

In the incident response process, what is the primary objective during the “containment” phase?

A. Gathering digital evidence for legal actions
B. Analyzing the root cause of the incident
C. Preventing the incident from causing further damage
D. Restoring affected systems to their normal function

A

Preventing the incident from causing further damage

The containment phase aims to limit the spread of an incident.

50
Q

When considering the benefits of automation in security operations, which advantage focuses on the ability of automation to replicate the workload of many employees with fewer resources?

A. Workforce multiplier
B. Scaling in a secure manner
C. Enforcing baselines
D. Efficiency/time saving

A

Workforce multiplier

Signifies achieving more with fewer resources due to automation.

51
Q

Which of the following log types would provide the most direct insights into a suspicious application’s behavior on a specific host?

A. Application logs
B. Firewall logs
C. IPS/IDS logs
D. Network logs

A

Application logs

Provide detailed information about specific application behaviors and activities.

52
Q

During a digital forensic investigation, ensuring that digital evidence remains intact and unchanged during collection is known as maintaining what?

A. Chain of custody
B. Legal hold
C. E-discovery
D. Reporting

A

Chain of custody

Ensures that evidence remains untouched and is transferred and stored correctly.

53
Q

What aspect of automation can potentially introduce new challenges or issues if not managed properly?

A. Enforcing baselines
B. Workforce multiplier
C. Efficiency/time saving
D. Complexity

A

Complexity

Over-automation or poorly planned automation can introduce unnecessary complexities.

54
Q

An organization is trying to understand the vulnerabilities present in their network. Which of the following data sources would be most appropriate for this purpose?

A. OS-specific security logs
B. Firewall logs
C. Network logs
D. Vulnerability scans

A

Vulnerability scans

Specifically identify and report potential vulnerabilities within a network.

55
Q

In the context of governance structures, which of the following is responsible for ensuring the integrity, reliability, and accuracy of data within an organization?

A. Owner
B. Controller
C. Custodian/steward
D. Processor

A

Custodian/steward

Responsible for the day-to-day management and protection of data.

55
Q

Which part of the incident response process involves a systematic process to identify and address the underlying cause of an incident?

A. Eradication
B. Containment
C. Detection
D. Recovery

A

Eradication

Removing the root cause of the incident.

56
Q

Which document would an organization use to establish guidelines for acceptable behavior by users of the company’s IT resources?

A. Acceptable use policy (AUP)
B. Password policy
C. Onboarding/offboarding procedure
D. Change management procedure

A

Acceptable use policy (AUP)

Establishes what behaviors are acceptable when using the company’s IT resources.

57
Q

When conducting a risk assessment, which method focuses on the potential financial losses associated with risks?

A. Qualitative
B. Recurring
C. Quantitative
D. Ad hoc

A

Quantitative

Evaluates risks based on numerical values, often representing financial figures.

58
Q

Which risk management strategy is implemented when an organization buys insurance to cover potential losses from a specific risk?

A. Accept
B. Transfer
C. Mitigate
D. Avoid

A

Transfer

The organization is passing the financial burden of a risk to another entity, like an insurance company.

59
Q

In third-party risk assessment, what term describes the explicit boundaries and behaviors that should be followed during a penetration test?

A. Right-to-audit clause
B. Questionnaires
C. Rules of engagement
D. Vendor selection criteria

A

Rules of engagement

Defines the scope, methods, and boundaries during assessments like penetration testing.

60
Q

An organization has a predetermined level at which risks need immediate attention and possible action. This level is known as:

A. Risk analysis
B. Risk threshold
C. Risk identification
D. Risk appetite

A

Risk threshold

Represents a boundary beyond which risks require immediate attention.

61
Q

When an organization decides to stop a project or close a business segment to avoid a potential risk, they are employing which risk management strategy?

A. Avoid
B. Transfer
C. Mitigate
D. Accept

A

Avoid

Taking action to ensure the risk doesn’t materialize.

62
Q

In the context of third-party risk assessment, which document provides a detailed understanding between two organizations without a legally binding commitment?

A. Service-level agreement (SLA)
B. Memorandum of understanding (MOU)
C. Master service agreement (MSA)
D. Work order (WO)

A

Memorandum of understanding (MOU)

Signifies a mutual understanding between parties without legal obligations.

62
Q

Which concept in risk management helps an organization to identify how much total financial loss they can expect over a year due to potential risks?

A. Risk scenario
B. Annualized loss expectancy (ALE)
C. Risk factor
D. Single loss expectancy (SLE)

A

Annualized loss expectancy (ALE)

Quantifies the expected financial loss over a year.

63
Q

An organization has a policy that requires employees to lock their computer screens when they are away from their desks. This policy is primarily aimed at preventing which of the following?

A. Malware infections
B. Data breaches from external attackers
C. Unauthorized access by internal entities
D. Hardware theft

A

Unauthorized access by internal entities

Locking screens prevents opportunistic or malicious access by co-workers or other internal personnel.

64
Q

A company wants to determine where personal data is stored, processed, and transmitted within its environment. This process is best described as:

A. Data inventory
B. Data categorization
C. Data masking
D. Data attestation

A

Data inventory

Identifying and cataloging data within an organization.

64
Q

If an individual wants to ensure their personal data is deleted from an online service’s database, this is termed as:

A. Data retention
B. Right to be forgotten
C. Data masking
D. Data categorization

A

Right to be forgotten

An individual’s right to have their personal data deleted.

65
Q

A third-party organization is employed by a bank to review its financial transactions to ensure there’s no fraud or anomalies. This is an example of:

A. Self-assessment
B. Attestation
C. Independent third-party audit
D. Internal audit

A

Independent third-party audit

An external party reviewing an organization’s operations.

66
Q

An organization periodically sends its employees simulated phishing emails to test their ability to recognize malicious attempts. This is an example of:

A. Phishing campaigns
B. Data masking
C. Reporting and monitoring
D. Anomalous behavior recognition

A

Phishing campaigns

Simulated attempts to test users’ ability to recognize phishing.

67
Q

During penetration testing, the testers only have knowledge about the specific IT systems they are supposed to test. This scenario is termed as:

A. Active reconnaissance
B. Unknown environment
C. Partially known environment
D. Known environment

A

Partially known environment

Testers have knowledge about certain systems but not everything.

68
Q

What is the main goal of conducting external examinations in an organization?

A. To verify the organization’s compliance with external regulations.
B. To review the organization’s marketing strategies.
C. To promote employees internally.
D. To hire new employees.

A

To verify the organization’s compliance with external regulations.

External examinations aim to ensure compliance with regulations.

69
Q

When an employee is taught the dangers of writing down passwords or storing them in easily accessible locations, this training is primarily to prevent which type of threat?

A. Social engineering
B. Insider threat
C. Phishing campaigns
D. Anomalous behavior

A

Insider threat

Encompasses threats posed by individuals within an organization, such as employees mishandling sensitive information.

70
Q

In the context of privacy, which entity primarily determines how personal data is stored and for how long?

A. Processor
B. IT administrator
C. Controller
D. Data subject

A

Controller

The controller decides how personal data is stored and for how long it is retained.

71
Q

During a security awareness session, employees are informed of the dangers of disclosing their work details in online forums or social media. This training aims to mitigate which of the following threats?

A. Password attacks
B. Operational security breaches
C. Insider threat
D. Phishing

A

Operational security breaches

Operational security means protecting operational information, including not disclosing sensitive operational details.

71
Q

If an organization is seeking to understand the potential consequences of not adhering to a newly implemented data protection regulation, they are primarily concerned with:

A. Privacy implications
B. Data inventory
C. Compliance reporting
D. Consequences of non-compliance

A

Consequences of non-compliance

Focuses on understanding the repercussions of not adhering to regulations.

72
Q

Which cryptographic method involves hiding a message within another message or image, such that it’s not detectable?

A. Tokenization
B. Full-disk encryption
C. Steganography
D. Key exchange

A

Steganography

The technique of hiding data within other data.