CompTIA Security+ Certification Exam SY0-701 Practice Test 22 Flashcards

1
Q

Which of the terms listed below refers to the process of creating and maintaining computer applications?

A) RAD
B) SDLC
C) OOP
D) SaaS

A

B) SDLC

1
Q

Which of the following terms is used to describe all aspects of software development?

A) PLC
B) SDLC
C) QA
D) SDLM

A

D) SDLM

2
Q

A new-user setup checklist includes all the activities that enable a new hire to become productive. Examples of such activities (which are part of the so-called onboarding process) include setting up the hardware and software environment for the new user as well as providing all the necessary training. An end-user termination checklist deals with all the actions that should take place during the offboarding process (i.e., whenever an employee leaves the company). Examples of the checklist items include completing all the required documents, removing the employee’s access to resources (e.g., company-owned devices, user accounts, etc.), and discussing their reasons for leaving and experiences with the employer during an exit interview.

A) True
B) False

A

A) True

3
Q

Which of the terms listed below best describes GDPR as an act of law?

A) Regulatory
B) Local
C) Industry-specific
D) Global

A

A) Regulatory

4
Q

Which of the following terms refers to an industry-specific regulation?

A) RFC
B) ISO
C) PCI DSS
D) GDPR

A

C) PCI DSS

5
Q

Which of the answers listed below refers to an organization that develops a wide range of standards on a global level?

A) IEEE
B) ANSI
C) ISO
D) NIST

A

C) ISO

6
Q

Which decision-making authorities assume the responsibility for strategic direction and governance oversight at the highest level of an organization?

A) Stakeholders
B) Boards
C) Committees
D) Government entities

A

B) Boards

7
Q

Which of the following answers refers to a general term used to describe a specialized group within an organization focusing on specific tasks or areas of responsibility?

A) Council
B) Advisory board
C) Committee
D) Task force

A

C) Committee

8
Q

Which of the answers listed below refers to public sector organizations that set and enforce laws and regulations at local, regional, or national levels?

A) Government entities
B) Trade associations
C) Statutory bodies
D) Regulatory agencies

A

A) Government entities

9
Q

Which of the following terms describes individuals or entities with overall accountability and authority over the data or system?

A) Custodians
B) Owners
C) Processors
D) Controllers

A

B) Owners

10
Q

Which of the answers listed below refers to organizations or individuals responsible for ensuring compliance with data protection laws?

A) Controllers
B) Stewards
C) Owners
D) Processors

A

A) Controllers

11
Q

Which of the following answers refers to entities that act on behalf of the data controller to perform specific data-related tasks?

A) Stewards
B) Owners
C) Processors
D) Controllers

A

C) Processors

12
Q

Which of the answers listed below refer(s) to individuals responsible for the day-to-day management, storage, and protection of data? (Select all that apply)

A) Processors
B) Controllers
C) Stewards
D) Owners
E) Custodians

A

C) Stewards

E) Custodians

13
Q

The process of determining potential risks that could affect an organization’s ability to achieve its objectives is called:

A) Risk assessment
B) Risk identification
C) Risk analysis
D) Risk management

A

B) Risk identification

14
Q

The process of evaluating discovered risks to understand their potential impact and likelihood is referred to as:

A) Risk analysis
B) Risk assessment
C) Risk identification
D) Risk management

A

B) Risk assessment

15
Q

Which of the following answers refers to a risk assessment method based on need, typically conducted in response to specific events or changes, such as after a major organizational change or a security breach?

A) Ad hoc
B) Recurring
C) One-time
D) Continuous

A

A) Ad hoc

16
Q

Which of the answers listed below refers to an example of recurring risk assessment?

A) Real-time monitoring of network security threats
B) Assessing risk after a major organizational change or a security breach
C) Quarterly or annual risk assessments
D) Risk assessment for a new product launch

A

C) Quarterly or annual risk assessments

17
Q

Which of the following answers refers to a risk assessment conducted for a specific purpose or project, without plans for regular reassessment (e.g., risk assessment for a new product launch)?

A) One-time
B) Recurring
C) Ad hoc
D) Continuous

A

A) One-time

18
Q

Which of the answers listed below refers to an example of continuous risk assessment?

A) Quarterly or annual risk assessments
B) Risk assessment for a new product launch
C) Assessing risk after a major organizational change or a security breach
D) Real-time monitoring of network security threats

A

D) Real-time monitoring of network security threats

19
Q

Assessment of risk probability and its impact based on subjective judgment falls into the category of:

A) Risk Acceptance
B) Quantitative risk assessment
C) Risk tolerance
D) Qualitative risk assessment

A

D) Qualitative risk assessment

20
Q

A calculation of SLE is an example of:

A) Quantitative risk assessment
B) Ad hoc risk assessment
C) Qualitative risk assessment
D) Recurring risk assessment

A

A) Quantitative risk assessment

21
Q

Which of the following terms is used to describe the predicted loss of value to an asset based on a single security incident?

A) SLE
B) ARO
C) ALE
D) SLA

A

A) SLE

22
Q

Which of the acronyms listed below refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?

A) ARO
B) SLE
C) ALE
D) SLA

A

C) ALE

23
Q

Which of the following answers refers to the correct formula for calculating probable financial loss due to a risk over a one-year period?

A) SLE = AV x EF
B) ALE = ARO x SLE
C) SLE = ALE x AV
D) ALE = AV x EF

A

B) ALE = ARO x SLE

24
Q

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.

A) ALE
B) SLA
C) ARO
D) SLE

A

C) ARO