Pg 13 Flashcards

1
Q

A threat actor was able to use a username and password to log in to a stolen company mobile device. Which of the following provides the best solution to increase mobile data security on all employees’ company mobile devices?

A. Application management
B. Full disk encryption
C. Remote wipe
D. Containerization

A

Remote wipe

2
Q

Which of the following best describes the risk present after controls and mitigating factors have been applied?

A. Residual
B. Avoided
C. Inherent
D. Operational

A

Residual

3
Q

A software development team asked a security administrator to recommend techniques that should be used to reduce the chances of the software being reverse engineered. Which of the following should the security administrator recommend?

A. Digitally signing the software
B. Performing code obfuscation
C. Limiting the use of third-party libraries
D. Using compile flags

A

Performing code obfuscation

4
Q

Which of the following is a possible factor for MFA?

A. Something you exhibit
B. Something you have
C. Somewhere you are
D. Someone you know

A

Something you have

5
Q

Easy-to-guess passwords led to an account compromise. The current password policy requires at least 12 alphanumeric characters, one uppercase character, one lowercase character, a password history of two passwords, a minimum password age of one day, and a maximum password age of 90 days. Which of the following would reduce the risk of this incident from happening again? (Choose two.)

A. Increasing the minimum password length to 14 characters.
B. Upgrading the password hashing algorithm from MD5 to SHA-512.
C. Increasing the maximum password age to 120 days.
D. Reducing the minimum password length to ten characters.
E. Reducing the minimum password age to zero days.
F. Including a requirement for at least one special character.

A

Including a requirement for at least one special character.

Increasing the minimum password length to 14 characters.

6
Q

A user downloaded software from an online forum. After the user installed the software, the security team observed external network traffic connecting to the user’s computer on an uncommon port. Which of the following is the most likely explanation of this unauthorized connection?

A. The software had a hidden keylogger.
B. The software was ransomware.
C. The user’s computer had a fileless virus.
D. The software contained a backdoor.

A

The software contained a backdoor.

7
Q

A utility company is designing a new platform that will host all the virtual machines used by business applications. The requirements include:

  • A starting baseline of 50% memory utilization
  • Storage scalability
  • Single circuit failure resilience

Which of the following best meets all of these requirements?

A. Connecting dual PDUs to redundant power supplies
B. Transitioning the platform to an IaaS provider
C. Configuring network load balancing for multiple paths
D. Deploying multiple large NAS devices for each host

A

Transitioning the platform to an IaaS provider

8
Q

Which of the following best describes a use case for a DNS sinkhole?

A. Attackers can see a DNS sinkhole as a highly valuable resource to identify a company’s domain structure.
B. A DNS sinkhole can be used to draw employees away from known-good websites to malicious ones owned by the attacker.
C. A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.
D. A DNS sinkhole can be set up to attract potential attackers away from a company’s network resources.

A

A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.

9
Q

An incident analyst finds several image files on a hard disk. The image files may contain geolocation coordinates. Which of the following best describes the type of information the analyst is trying to extract from the image files?

A. Log data
B. Metadata
C. Encrypted data
D. Sensitive data

A

Metadata

10
Q

Which of the following most likely describes why a security engineer would configure all outbound emails to use S/MIME digital signatures?

A. To meet compliance standards
B. To increase delivery rates
C. To block phishing attacks
D. To ensure non-repudiation

A

To ensure non-repudiation

11
Q

During a recent company safety stand-down, the cyber-awareness team gave a presentation on the importance of cyber hygiene. One topic the team covered was best practices for printing centers. Which of the following describes an attack method that relates to printing centers?

A. Whaling
B. Credential harvesting
C. Prepending
D. Dumpster diving

A

Dumpster diving

12
Q

Which of the following considerations is the most important regarding cryptography used in an IoT device?

A. Resource constraints
B. Available bandwidth
C. The use of block ciphers
D. The compatibility of the TLS version

A

Resource constraints

13
Q

A coffee shop owner wants to restrict internet access to only paying customers by prompting them for a receipt number. Which of the following is the best method to use given this requirement?

A. WPA3
B. Captive portal
C. PSK
D. IEEE 802.1X

A

Captive portal

14
Q

While performing digital forensics, which of the following is considered the most volatile and should have the contents collected first?

A. Hard drive
B. RAM
C. SSD
D. Temporary files

A

RAM

15
Q

A hosting provider needs to prove that its security controls have been in place over the last six months and have sufficiently protected customer data. Which of the following would provide the best proof that the hosting provider has met the requirements?

A. NIST CSF
B. SOC 2 Type 2 report
C. CIS Top 20 compliance reports
D. Vulnerability report

A

SOC 2 Type 2 report

16
Q

A city municipality lost its primary data center when a tornado hit the facility. Which of the following should the city staff use immediately after the disaster to handle essential public services?

A. BCP
B. Communication plan
C. DRP
D. IRP

17
Q

Which of the following is considered a preventive control?

A. Configuration auditing
B. Log correlation
C. Incident alerts
D. Segregation of duties

A

Segregation of duties

18
Q

A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?

A. Create a blocklist for all subject lines.
B. Send the dead domain to a DNS sinkhole.
C. Quarantine all emails received and notify all employees.
D. Block the URL shortener domain in the web proxy.

A

Send the dead domain to a DNS sinkhole.

19
Q

A security administrator is working to secure company data on corporate laptops in case the laptops are stolen. Which of the following solutions should the administrator consider?

A. Disk encryption
B. Data loss prevention
C. Operating system hardening
D. Boot security

A

Disk encryption