Pg 12 Flashcards
Which of the following phases of an incident response involves generating reports?
A. Recovery
B. Preparation
C. Lessons learned
D. Containment
Lessons learned
Which of the following methods would most likely be used to identify legacy systems?
A. Bug bounty program
B. Vulnerability scan
C. Package monitoring
D. Dynamic analysis
Vulnerability scan
Employees located off-site must have access to company resources in order to complete their assigned tasks. These employees utilize a solution that allows remote access without interception concerns. Which of the following best describes this solution?
A. Proxy server
B. NGFW
C. VPN
D. Security zone
VPN
A company allows customers to upload PDF documents to its public e-commerce website. Which of the following would a security analyst most likely recommend?
A. Utilizing attack signatures in an IDS
B. Enabling malware detection through a UTM
C. Limiting the affected servers with a load balancer
D. Blocking command injections via a WAF
Enabling malware detection through a UTM
A security analyst developed a script to automate a trivial and repeatable task. Which of the following best describes the benefits of ensuring other team members understand how the script works?
A. To reduce implementation cost
B. To identify complexity
C. To remediate technical debt
D. To prevent a single point of failure
To prevent a single point of failure
A company is decommissioning its physical servers and replacing them with an architecture that will reduce the number of individual operating systems. Which of the following strategies should the company use to achieve this security requirement?
A. Microservices
B. Containerization
C. Virtualization
D. Infrastructure as code
Containerization
An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Choose two.)
A. Disable default accounts.
B. Add the server to the asset inventory.
C. Remove unnecessary services.
D. Document default passwords.
E. Send server logs to the SIEM.
F. Join the server to the corporate domain.
Disable default accounts.
Remove unnecessary services.
A Chief Information Security Officer would like to conduct frequent, detailed reviews of systems and procedures to track compliance objectives. Which of the following will be the best method to achieve this objective?
A. Third-party attestation
B. Penetration testing
C. Internal auditing
D. Vulnerability scans
Internal auditing
Which of the following security concepts is accomplished with the installation of a RADIUS server?
A. CIA
B. AAA
C. ACL
D. PEM
AAA
After creating a contract for IT contractors, the human resources department changed several clauses. The contract has gone through three revisions. Which of the following processes should the human resources department follow to track revisions?
A. Version validation
B. Version changes
C. Version updates
D. Version control
Version control
The executive management team is mandating the company develop a disaster recovery plan. The cost must be kept to a minimum, and the money to fund additional internet connections is not available. Which of the following would be the best option?
A. Hot site
B. Cold site
C. Failover site
D. Warm site
Cold site
An administrator at a small business notices an increase in support calls from employees who receive a blocked page message after trying to navigate to a spoofed website. Which of the following should the administrator do?
A. Deploy multifactor authentication.
B. Decrease the level of the web filter settings.
C. Implement security awareness training.
D. Update the acceptable use policy.
Implement security awareness training.
Which of the following teams is best suited to determine whether a company has systems that can be exploited by a potential, identified vulnerability?
A. Purple team
B. Blue team
C. Red team
D. White team
Red team
A company is reviewing options to enforce user logins after several account takeovers. The following conditions must be met as part of the solution:
- Allow employees to work remotely or from assigned offices around the world.
- Provide a seamless login experience.
- Limit the amount of equipment required.
Which of the following best meets these conditions?
A. Trusted devices
B. Geotagging
C. Smart cards
D. Time-based logins
Trusted devices
Which of the following methods can be used to detect attackers who have successfully infiltrated a network? (Choose two.)
A. Tokenization
B. CI/CD
C. Honeypots
D. Threat modeling
E. DNS sinkhole
F. Data obfuscation
Honeypots
DNS sinkhole
A company wants to ensure that the software it develops will not be tampered with after the final version is completed. Which of the following should the company most likely use?
A. Hashing
B. Encryption
C. Baselines
D. Tokenization
Hashing
An organization completed a project to deploy SSO across all business applications last year. Recently, the finance department selected a new cloud-based accounting software vendor. Which of the following should most likely be configured during the new software deployment?
A. RADIUS
B. SAML
C. EAP
D. OpenID
SAML
A user, who is waiting for a flight at an airport, logs in to the airline website using the public Wi-Fi, ignores a security warning and purchases an upgraded seat. When the flight lands, the user finds unauthorized credit card charges. Which of the following attacks most likely occurred?
A. Replay attack
B. Memory leak
C. Buffer overflow attack
D. On-path attack
On-path attack
A network engineer deployed a redundant switch stack to increase system availability. However, the budget can only cover the cost of one ISP connection. Which of the following best describes the potential risk factor?
A. The equipment MTBF is unknown.
B. The ISP has no SLA.
C. An RPO has not been determined.
D. There is a single point of failure.
There is a single point of failure.
A network team segmented a critical, end-of-life server to a VLAN that can only be reached by specific devices but cannot be reached by the perimeter network. Which of the following best describe the controls the team implemented? (Choose two.)
A. Managerial
B. Physical
C. Corrective
D. Detective
E. Compensating
F. Technical
G. Deterrent
E. Compensating
F. Technical