Pg 20 Flashcards

1
Q

A network administrator wants to ensure that network traffic is highly secure while in transit.

Which of the following best describes the actions the network administrator should take?

A. Ensure that NAC is enforced on all network segments, and confirm that firewalls have updated policies to block unauthorized traffic.
B. Ensure only TLS and other encrypted protocols are selected for use on the network, and only permit authorized traffic via secure protocols.
C. Configure the perimeter IPS to block inbound HTTPS directory traversal traffic, and verify that signatures are updated on a daily basis.
D. Ensure the EDR software monitors for unauthorized applications that could be used by threat actors, and configure alerts for the security team.

A

Ensure only TLS and other encrypted protocols are selected for use on the network, and only permit authorized traffic via secure protocols.

2
Q

Which of the following definitions best describes the concept of log correlation?

A. Combining relevant logs from multiple sources into one location
B. Searching and processing data to identify patterns of malicious activity
C. Making a record of the events that occur in the system
D. Analyzing the log files of the system components

A

Searching and processing data to identify patterns of malicious activity

3
Q

An enterprise security team is researching a new security architecture to better protect the company’s networks and applications against the latest cyberthreats. The company has a fully remote workforce. The solution should be highly redundant and enable users to connect to a VPN with an integrated, software-based firewall. Which of the following solutions meets these requirements?

A. IPS
B. SIEM
C. SASE
D. CASB

A

SASE

4
Q

Which of the following is the best way to validate the integrity and availability of a disaster recovery site?

A. Lead a simulated failover.
B. Conduct a tabletop exercise.
C. Periodically test the generators.
D. Develop requirements for database encryption.

A

Lead a simulated failover

5
Q

Which of the following allows an exploit to go undetected by the operating system?

A. Firmware vulnerabilities
B. Side loading
C. Memory injection
D. Encrypted payloads

A

Memory injection

6
Q

A malicious insider from the marketing team alters records and transfers company funds to a personal account. Which of the following methods would be the best way to secure company records in the future?

A. Permission restrictions
B. Hashing
C. Input validation
D. Access control list

A

Permission restrictions

7
Q

An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best achieve the objective?

A. Red teaming
B. Penetration testing
C. Independent audit
D. Vulnerability assessment

A

Independent audit

8
Q

A systems administrator successfully configures VPN access to a cloud environment. Which of the following capabilities should the administrator use to best facilitate remote administration?

A. A jump host in the shared services security zone
B. An SSH server within the corporate LAN
C. A reverse proxy on the firewall
D. An MDM solution with conditional access

A

A jump host in the shared services security zone

9
Q

Which of the following best describes the concept of information being stored outside of its country of origin while still being subject to the laws and requirements of the country of origin?

A. Data sovereignty
B. Geolocation
C. Intellectual property
D. Geographic restrictions

A

Data sovereignty

10
Q

An audit reveals that cardholder database logs are exposing account numbers inappropriately. Which of the following mechanisms would help limit the impact of this error?

A. Segmentation
B. Hashing
C. Journaling
D. Masking

A

Masking

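Masking in practice means the account number is replaced before the log line is written, with enough of it left (typically first six and last four digits) for support and reconciliation. The following is an added example, not from the flashcard source: a Python logging filter that masks Luhn-valid card numbers in every message passing through a logger. The regular expression, the filter class name and the sample messages are constructed for illustration.

```python
import logging
import re

# Constructed pattern: 13 to 19 digits, optionally separated by spaces or dashes.
PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_ok(digits):
    """Luhn checksum. True for well-formed card numbers, false for most
    other digit runs (order numbers, timestamps), so those are left alone."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pans(text):
    """Replace every Luhn-valid PAN in text with first 6 + stars + last 4."""
    def repl(match):
        raw = match.group(0)
        digits = re.sub(r"[ -]", "", raw)
        if not luhn_ok(digits):
            return raw  # looks like a PAN but is not one; keep the original
        return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]
    return PAN_RE.sub(repl, text)


class PanMaskingFilter(logging.Filter):
    """Hypothetical logging filter: masks PANs in the rendered message so no
    handler (file, syslog, SIEM forwarder) ever sees the full account number."""
    def filter(self, record):
        record.msg = mask_pans(record.getMessage())
        record.args = ()  # message is already formatted; stop re-formatting
        return True


if __name__ == "__main__":
    log = logging.getLogger("cardholder-db")
    log.addFilter(PanMaskingFilter())
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    # Constructed sample messages; 4111111111111111 is a well-known test PAN.
    log.info("charge ok pan=4111111111111111 order=1234567890123456")
    log.info("retry pan=4111 1111 1111 1111")
```

Attach the filter to the logger (or to each handler) that writes database activity, not only to the application logger: if the database engine itself logs statement text, the masking has to happen there too. Hashing would also hide the number, but it destroys the last four digits that support staff need; masking keeps them while removing the exposure.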
11
Q

A security analyst attempts to start a company’s database server. When the server starts, the analyst receives an error message indicating the database server did not pass authentication. After reviewing and testing the system, the analyst receives confirmation that the server has been compromised and that attackers have redirected all outgoing database traffic to a server under their control. Which of the following MITRE ATT&CK techniques did the attacker most likely use to redirect database traffic?

A. Browser extension
B. Process injection
C. Valid accounts
D. Escape to host

A

Escape to host

12
Q

A penetration tester enters an office building at the same time as a group of employees despite not having an access badge. Which of the following attack types is the penetration tester performing?

A. Tailgating
B. Shoulder surfing
C. RFID cloning
D. Forgery

A

Tailgating

13
Q

Which of the following enables the ability to receive a consolidated report from different devices on the network?

A. IPS
B. DLP
C. SIEM
D. Firewall

A

SIEM

14
Q

Which of the following should an organization focus on the most when making decisions about vulnerability prioritization?

A. Exposure factor
B. CVSS
C. CVE
D. Industry impact

A

CVSS

15
Q

An organization needs to monitor its users’ activities in order to prevent insider threats. Which of the following solutions would help the organization achieve this goal?

A. Behavioral analytics
B. Access control lists
C. Identity and access management
D. Network intrusion detection system

A

Behavioral analytics

16
Q

A customer of a large company receives a phone call from someone claiming to work for the company and asking for the customer’s credit card information. The customer sees the caller ID is the same as the company’s main phone number. Which of the following attacks is the customer most likely a target of?

A. Phishing
B. Whaling
C. Smishing
D. Vishing

A

Vishing

17
Q

A security analyst is reviewing logs to identify the destination of command-and-control traffic originating from a compromised device within the on-premises network. Which of the following is the best log to review?

A. IDS
B. Antivirus
C. Firewall
D. Application

A

Firewall

18
Q

When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure. Which of the following certificate types is the site most likely using?

A. Wildcard
B. Root of trust
C. Third-party
D. Self-signed

A

Self-signed

19
Q

Which of the following would most likely be deployed to obtain and analyze attacker activity and techniques?

A. Firewall
B. IDS
C. Honeypot
D. Layer 3 switch

A

Honeypot

20
Q

Which of the following objectives is best achieved by a tabletop exercise?

A. Familiarizing participants with the incident response process
B. Deciding red and blue team rules of engagement
C. Quickly determining the impact of an actual security breach
D. Conducting multiple security investigations in parallel

A

Familiarizing participants with the incident response process