Domain 1: General Security Concepts Flashcards
CompTIA Exam
Question 1.
In the process of obtaining a digital certificate, which entity may a certificate authority rely on to perform the validation of the certificate signing request (CSR)?
answer
Root authority
Certificate revocation list
Registration authority
Online Certificate Status Protocol
Correct Answer:
Registration authority
Question 2.
Which of the following is a method of implementing security controls?
answer
Managerial controls
Financial controls
Marketing controls
Sales controls
Correct Answer:
Managerial controls
Question 3.
Which of the following terms refers to a cryptographic mechanism that hides secret communications within various forms of data?
answer
Algorithm
Ciphertext
Cryptanalysis
Steganography
Correct Answer:
Steganography
Question 4.
A company wants to improve the physical security at its headquarters. They need a solution that can help regulate access to the building and deter potential intruders during nighttime.
Which physical security measure should they prioritize?
answer
Closed-circuit television (CCTV)
Access control vestibule
Perimeter fencing
Enhanced lighting
Correct Answer:
Access control vestibule
Question 5.
Which of the following controls is an example of a physical access control method?
answer
Smart cards
Locks on doors
Access control lists with permissions
Hiring background checks
Passwords
Correct Answer:
Locks on doors
Question 6.
You want to use CCTV to increase your physical security, and you want the ability to remotely control the camera position.
Which camera type should you choose?
answer
C-mount
PTZ
Dome
Bullet
Correct Answer:
PTZ
Question 7.
The network administrator for an international e-commerce company that operates multiple online stores must ensure secure communication across various subdomains.
To streamline secure sockets layer/transport layer security (SSL/TLS) certificate management and implement a robust public key infrastructure (PKI), the network administrator must identify the most suitable solution for efficiently securing the company’s numerous subdomains within the PKI.
What is the MOST suitable solution for efficiently securing the multiple subdomains of the company’s online stores within the PKI?
answer
Certificate pinning
Certificate revocation lists (CRLs)
Wildcard certificates
Self-signed certificates
Correct Answer:
Wildcard certificates
Question 8.
A data center must enhance its security measures to prevent unauthorized access to its facility. The center is considering different methods to achieve this goal.
What should the data center implement first to ensure a strong physical barrier against intrusions?
answer
Biometric authentication
Fencing
Video surveillance
Security guard patrols
Correct Answer:
Fencing
Question 10.
A properly implemented change plan for an international company helps keep business operations moving forward. Restarts, dependencies, and downtime go hand in hand with change management.
When is the BEST time to implement changes? (Select two.)
answer
Off-peak times
Maintenance windows
During holidays
Peak times
After the work day
Correct Answer:
Off-peak times
Correct Answer:
Maintenance windows
Question 11.
Combining encryption with steganography involves several steps.
What are the steps in this process, in the correct order?
Step 1 Correct Answer:
Encrypt plaintext with a private key to generate ciphertext.
Step 2 Correct Answer:
The ciphertext is hidden inside of a media file, such as an image, using steganography.
Step 3 Correct Answer:
The recipient extracts the ciphertext and decrypts it using the matching public key.
Step 4 Correct Answer:
Anyone intercepting the message would have to know it's there before being able to decrypt it.
Question 12.
Which of the following was the first major use of the blockchain cryptographic process?
answer
Contracts
Records
Cryptocurrency
Food
Correct Answer:
Cryptocurrency
Question 13.
A company moved its office supplies to another room and instituted a new security system for entry. The company implemented this after a recent server outage.
What category of security control BEST describes the function of this recent implementation?
answer
Operational
Detective
Preventive
Corrective
Correct Answer:
Corrective
Question 14.
Which of the following are key weaknesses of using smart cards? (Select two.)
answer
They require a constant power supply to function.
They are incapable of performing their own cryptographic functions.
They are unable to store digital signatures, cryptography keys, and identification codes.
They are vulnerable to eavesdropping that captures transmission data produced by the card as it is used.
They are susceptible to software attacks that exploit vulnerabilities in the card’s protocols or encryption methods.
Correct Answer:
They are vulnerable to eavesdropping that captures transmission data produced by the card as it is used.
Correct Answer:
They are susceptible to software attacks that exploit vulnerabilities in the card’s protocols or encryption methods.
Question 15.
The cybersecurity team at a multinational corporation is collaborating with the facilities department to design a new data center. The team seeks to integrate top-tier physical security controls into the site layout to maximize protection against potential threats.
The discussions revolve around the BEST strategies to ensure the safety of the data center.
When designing the physical security controls for the site layout of the new data center, which strategy would be MOST effective in deterring unauthorized access and providing a comprehensive security layer?
answer
Implementing a single, fortified main entrance
Distributing security personnel evenly throughout the premises
Establishing a security perimeter with layered access controls
Placing all servers near windows for easy maintenance
Correct Answer:
Establishing a security perimeter with layered access controls
Question 16.
A user copies files from her desktop computer to a USB flash device and puts the device into her pocket.
Which of the following security risks is MOST pressing?
answer
Integrity
Non-repudiation
Availability
Confidentiality
Correct Answer:
Confidentiality
Question 17.
The chief security officer (CSO) at a financial organization wants to implement additional detective security controls.
Which of the following would BEST represent this type of control?
answer
Enforcement of access control mechanisms.
Implementation of biometric authentication systems.
Performing regular system backups.
Installation of surveillance cameras.
Correct Answer:
Installation of surveillance cameras.
Question 18.
Which of the following BEST describes compensating controls?
answer
Monitors network activity and informs the security team of a potential security event.
Attempts to fix any controls that aren’t working properly.
Partial control solution that is implemented when a control cannot fully meet a requirement.
Discourages malicious actors from attempting to breach a network.
Correct Answer:
Partial control solution that is implemented when a control cannot fully meet a requirement.
Question 19.
What is the process of controlling access to resources such as computers, files, or printers called?
answer
Conditional access
Mandatory access control
Authorization
Authentication
Correct Answer:
Authorization
Question 20.
Given the need to prioritize cost-effective solutions for enhancing the company’s cybersecurity posture, a global corporation’s chief security officer (CSO) considers implementing technical controls over physical controls.
Which of the following options is a technical control?
answer
Setting up a network intrusion detection system
Installing a building access control system
Conducting employee cybersecurity training
Implementing a risk identification tool
Correct Answer:
Setting up a network intrusion detection system
Question 9.
As part of enhancing its data protection strategy, a corporation’s IT manager aims to ensure defense-in-depth by integrating a technical control alongside existing managerial and operational controls.
Which measure BEST exemplifies a technical security control according to the classification scheme?
answer
Installing a building access control system
Conducting employee cybersecurity training
Implementing a risk identification tool
Setting up a network intrusion detection system
Correct Answer:
Setting up a network intrusion detection system