CompTIA Security+ Certification Exam SY0-701 Practice Test 13 Flashcards
PHI stands for what?
Protected Health Information
PIV stands for what?
Personal Identity Verification
PII stands for what?
Personally Identifiable Information
Which of the answers listed below refers to a protocol used to set up secure connections and exchange of cryptographic keys in IPsec VPNs?
A) SSL
B) IKE
C) ESP
D) DHE
B) IKE
Which part of the IPsec protocol suite provides data integrity and authentication but not encryption?
A) CRC
B) AH
C) IKE
D) AES
B) AH
Which part of IPsec provides confidentiality, data integrity, and authentication?
A) AES
B) SHA
C) AH
D) ESP
D) ESP
Which of the IPsec modes provides entire packet encryption?
A) Tunnel
B) Payload
C) Transport
D) Default
A) Tunnel
An IPsec mode providing encryption only for the payload (the data part of the packet) is referred to as:
A) Protected mode
B) Tunnel mode
C) Transport mode
D) Safe mode
C) Transport mode
The term “SD-WAN” refers to a network technology that uses software to manage and optimize network connections that extend over large geographic areas.
A) True
B) False
A) True
Which of the following answers refers to a cybersecurity framework that combines network and security functions into a single cloud-based service?
A) SASE
B) SWG
C) CASB
D) SD-WAN
A) SASE
Which of the answers listed below refers to any type of information pertaining to an individual that can be used to uniquely identify that person?
A) PHI
B) Biometrics
C) ID
D) PII
D) PII
Which of the following regulates the personal data privacy of EU citizens?
A) PHI
B) HIPAA
C) PCI DSS
D) GDPR
D) GDPR
The US Health Insurance Portability and Accountability Act (HIPAA) provides privacy protection for:
A) PII
B) PI
C) PHI
D) PIV
C) PHI
The purpose of PCI DSS is to provide protection for:
A) Credit cardholder data
B) Licensed software
C) User passwords
D) Personal health information
A) Credit cardholder data
Which of the answers listed below refer(s) to encryption method(s) used to protect data at rest? (Select all that apply)
A) FDE
B) SED
C) IPsec
D) TLS
E) VPN
F) EFS
A) FDE
B) SED
F) EFS
Encryption methods used to protect data in transit include: (Select all that apply)
A) NFS
B) VPN
C) SED
D) IPsec
E) FDE
F) TLS
B) VPN
D) IPsec
F) TLS
Which of the following data states typically requires data to be processed in an unencrypted form?
A) Data in motion
B) Data at rest
C) Data in transit
D) Data in use
D) Data in use
Which of the answers listed below refer to examples of non-human readable data types? (Select 2 answers)
A) Binary code
B) XML files
C) Machine language
D) HTML code
E) SQL queries
A) Binary code
C) Machine language
Which of the following answers refers to an individual or role responsible for overseeing and ensuring compliance with data protection laws and policies within an organization?
A) CTO
B) DPO
C) CIO
D) CSO
B) DPO
A mobile device’s built-in functionality enabling the usage of locator applications is known as:
A) WPS
B) GSM
C) SIM
D) GPS
D) GPS
Which of the following converts plaintext data into ciphertext using an algorithm and a key?
A) Encryption
B) Masking
C) Tokenization
D) Obfuscation
A) Encryption
Which of the answers listed below refers to a technology that provides control over the usage of a mobile device within a designated area?
A) Geofencing
B) Device tracking
C) Perimeter security
D) Geolocation
A) Geofencing
Which of the answers listed below refers to a technique that enables converting input data into a fixed-size string, making it difficult to reverse or retrieve the original data?
A) Obfuscation
B) Tokenization
C) Hashing
D) Encryption
C) Hashing
Which of the following modifies data or code to make it difficult to understand or reverse-engineer, but without necessarily encrypting or hiding the data?
A) Tokenization
B) Encryption
C) Obfuscation
D) Hashing
C) Obfuscation
Which of the following answers refer to data masking? (Select 2 answers)
A) Replaces sensitive data with fictitious or modified data while retaining its original format
B) Allows for data manipulation in environments where the actual values are not needed
C) Transforms data into an unreadable format using an algorithm and an encryption key
D) Creates a unique, fixed-length string from the original data
E) Replaces sensitive data with a non-sensitive identifier that has no meaning or value outside the specific system
F)
A) Replaces sensitive data with fictitious or modified data while retaining its original format
B) Allows for data manipulation in environments where the actual values are not needed
Which of the answers listed below refers to a situation where sensitive data is stored in a separate location and can be retrieved with a non-sensitive replacement that can also be processed just like the original data without the risk of revealing the contents of original data?
A) Masking
B) Obfuscation
C) Encryption
D) Tokenization
D) Tokenization
Which of the answers listed below refer to the advantages of segmentation as a method for securing data? (Select 3 answers)
A) Enhances security by limiting the spread of cyberattacks
B) Helps organizations comply with data regulatory requirements by isolating and protecting specific data types
C) Provides security for data in transit with the use of encryption
D) Guarantees data recovery in case of accidental deletion or system failures
E) Provides better control over user access to sensitive data
A) Enhances security by limiting the spread of cyberattacks
B) Helps organizations comply with data regulatory requirements by isolating and protecting specific data types
E) Provides better control over user access to sensitive data
ACL, FACL, DAC, MAC, and RBAC are all access control mechanisms that can be used to manage user permissions and protect the confidentiality, integrity, and availability of data.
A) True
B) False
A) True