CompTIA Security+ (SY0-701) Exam 6 Flashcards
A company is reviewing their cloud service provider’s responsibility matrix before migrating their applications. Which of the following is typically the customer’s responsibility in both IaaS and SaaS models?
Network controls
Physical security
Hardware maintenance
Application layer security
In both Infrastructure as a Service (IaaS) and Software as a Service (SaaS) models, the customer is usually responsible for application layer security. This includes ensuring that applications are developed securely and are free from vulnerabilities. Physical security, network controls, and hardware maintenance are typically the responsibility of the cloud service provider, especially in a SaaS model.
A company’s proprietary software code is secretly copied and sold to a competing firm. This scenario is most indicative of:
Organized crime
Insider threat
Shadow IT
Nation-state
The unauthorized copying and selling of proprietary software code to a competitor is a clear example of an insider threat. This action likely involves someone within the company who has access to sensitive information and chooses to exploit it for personal gain or to benefit another entity. Unlike organized crime or nation-states, which might target a company for financial or strategic reasons but from an external position, or shadow IT, which involves unauthorized technology use within an organization, this scenario specifically points to the risks posed by those within the organization.
A company conducts regular security awareness training for its employees to inform them about potential security threats and the importance of following company security policies. This initiative is an example of which type of control?
Preventive
Compensating
Deterrent
Directive
Security awareness training is a directive control. Directive controls aim to guide individuals’ actions toward compliance with the organization’s policies and procedures through instructions or guidelines. By educating employees about security threats and the necessity of adhering to company policies, the organization directs behavior to reduce the risk of security incidents. This form of control is distinct from preventive or deterrent controls, which either stop incidents before they happen or dissuade attackers, and from detective or compensating controls, which identify incidents after they occur or provide alternative measures to deal with security vulnerabilities.
An organization implements a firewall to monitor and control incoming and outgoing network traffic based on predetermined security rules. Under which control type does this action fall?
Corrective
Deterrent
Detective
Preventive
The implementation of a firewall is a preventive control measure. Preventive controls are designed to stop unauthorized actions or events from occurring by setting up barriers or safeguards. A firewall actively prevents unauthorized access to a network by filtering traffic based on established security rules, thereby blocking potentially harmful traffic before it can penetrate the network. This approach is proactive, aiming to mitigate risks by preventing security breaches ahead of time, distinguishing it from other controls that may detect, deter, correct, or compensate for security incidents after they occur.
To protect data on USB drives used by employees for transferring work-related documents, a company implements encryption. What level of encryption ensures that the entire contents of the USB drive are protected?
Partition
File
Full-disk
Volume
Full-disk encryption is the level of encryption that ensures the entire contents of USB drives are protected. This type of encryption secures all data on the drive, including files, folders, and system files, making it inaccessible without the correct decryption key. This approach is ideal for removable media like USB drives, as it provides comprehensive protection against unauthorized access, regardless of the device the drive is connected to. Partition, file, and volume encryption offer varying levels of granularity and might not secure the entire drive as effectively as full-disk encryption.
In the context of data disposal and decommissioning, why is data sanitization considered more secure than simply deleting files?
It removes the data in a way that makes recovery impossible.
It encrypts data so that it cannot be accessed without a key.
It ensures data is backed up before deletion.
It involves physically destroying the storage media.
Data sanitization is considered more secure than merely deleting files because it removes the data in such a manner that it cannot be recovered, even with advanced data recovery tools. This method is essential for protecting sensitive information from unauthorized access after the disposal of storage media. While physical destruction and encryption are methods of securing data, sanitization specifically refers to the process of making data irrecoverable, offering a distinct advantage over simple deletion or backup strategies.
Which site consideration option involves having infrastructure ready to use with power and cooling but no operational servers?
Cold
Hot
Warm
Geographic dispersion
A cold site is a location with infrastructure like power and cooling in place but no operational servers. It’s a cost-effective option for organizations needing quick recovery without continuous operation. Hot and warm sites both involve operational servers, with hot sites being fully equipped for immediate use and warm sites requiring some setup time. Geographic dispersion refers to spreading resources across different locations for redundancy.
A company wants to ensure the authenticity and integrity of emails sent from its domain. Which combination of email security mechanisms should be implemented?
DMARC and DKIM
DMARC and TLS
SPF, DKIM, and DMARC
SPF and DKIM
Implementing SPF, DKIM, and DMARC together provides a robust solution for ensuring the authenticity and integrity of emails. SPF allows the receiver to check that incoming mail from a domain comes from a host authorized by that domain’s administrators. DKIM provides an encryption key and digital signature that verifies that an email message was not tampered with in transit. DMARC ties SPF and DKIM together with a set of policies, providing instructions to the receiving mail server on how to deal with emails that fail the SPF and DKIM checks, thereby improving the security of email communications.
An organization wants to encrypt sensitive files stored on its internal network to protect them from unauthorized access. Which encryption type is most efficient for encrypting large volumes of data at rest?
Asymmetric
Algorithms
Key exchange
Symmetric
Symmetric encryption is the most efficient type for encrypting large volumes of data at rest. It uses the same key for both encryption and decryption, which makes the process faster and less resource-intensive compared to asymmetric encryption. This efficiency is particularly important for encrypting large files or datasets, where performance and speed are critical. Symmetric encryption ensures a high level of security while maintaining performance, making it ideal for protecting data stored within an organization’s network.
An organization is considering updates to its legacy systems. Which of the following solutions provides the best balance between modernization and security for its aging infrastructure?
On-premises hardware upgrades
Containerization
Real-time operating system updates
Decentralized systems
Containerization provides the best balance between modernization and security for aging infrastructure as it allows legacy applications to be encapsulated in containers, making them portable, more secure, and easier to manage without the need for immediate, extensive hardware upgrades or the complexities of decentralized systems.
A company is evaluating protocols for secure remote access. Which protocol provides strong encryption and is widely regarded as the most secure option for establishing a VPN?
PPTP
SSH
L2TP
IPSec
IPSec (Internet Protocol Security) is widely regarded as the most secure option for establishing a VPN, providing robust encryption for securing internet protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. While SSH (Secure Shell) also provides strong encryption, it is typically used for secure command execution and file transfers rather than VPN connections. PPTP (Point-to-Point Tunneling Protocol) and L2TP (Layer 2 Tunneling Protocol) are older and less secure compared to IPSec, making IPSec the preferred choice for secure remote access.
Your company plans to migrate its on-premises data center to a cloud service. As a security professional, you must advise on the security implications. Which of the following models would likely require your company to retain the most control over security?
PaaS
IaaS
SaaS
Hybrid cloud
In an Infrastructure as a Service (IaaS) model, the cloud provider offers basic infrastructure services such as physical or virtual servers and storage. The customer is responsible for managing aspects including the operating systems, applications, and data. This model requires the company to retain the most control over security compared to PaaS or SaaS, where the provider assumes more responsibility for managing the infrastructure.
To access their online banking services, a bank’s customers must enter a password and authenticate through a one-time code sent to their mobile phones. This practice exemplifies which security strategy?
Enhanced password policy
Biometric security
Two-factor authentication
Dual verification process
This security strategy, requiring both a password and a one-time code sent to a mobile phone, exemplifies two-factor authentication. It incorporates two distinct forms of verification: something the user knows (the password) and something the user possesses (the mobile phone to receive the code). This dual-layer security significantly strengthens defenses against unauthorized access, as it complicates potential breaches by requiring attackers to compromise more than just a single piece of user information.
A technology firm is exploring options to enhance their data center’s resilience to failures. Which of the following would best ensure high availability of their services?
Decentralized architecture
Real-time operating system
SDN-enabled infrastructure
Embedded systems
A decentralized architecture best ensures high availability of services as it distributes resources and services across multiple locations, reducing the impact of a single point of failure, unlike embedded systems or real-time operating systems, which may not directly contribute to the high availability of services across a network.