Random Questions 81 - 100 Flashcards
Question 81:
A company is configuring a multi-factor authentication system for its remote employees using Azure Active Directory (Azure AD). The configuration requires setting up an application proxy and configuring the authentication settings.
{
  "settings": {
    "applicationProxy": true,
    "authenticationMethods": [
      "mfa",
      "SMS"
    ]
  }
}
Options:
A. Enable Azure AD Application Proxy.
B. Disable multi-factor authentication for remote access.
C. Configure the SMS as an additional MFA method.
D. Set up a custom domain for email services.
E. Disable application proxy and use on-premises servers only.
Correct Answer: A, C
Explanation: To enable multi-factor authentication (MFA) with Azure AD Application Proxy for remote employees, the application proxy must be enabled and SMS should be configured as an additional MFA method.
Question 82:
An organization has a policy that requires all data transmitted between their web server and clients to be encrypted. They are using HTTPS but want to implement stronger security measures.
{
  "settings": {
    "sslVersion": "TLSv1.3",
    "cipherSuite": ["ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-GCM-SHA384"]
  }
}
Options:
A. Upgrade SSL/TLS version to TLS 1.3.
B. Use weaker encryption ciphers like AES128.
C. Disable HTTP Strict Transport Security (HSTS).
D. Configure a reverse proxy for load balancing.
E. Enable plaintext fallbacks.
Correct Answer: A
Explanation:
To enhance the security of data transmitted between the web server and clients, upgrading the SSL/TLS version to TLS 1.3 is necessary as it provides better security compared to older versions.
Question 83:
A network administrator needs to secure a remote access solution that involves multiple layers of authentication and encryption for securing communications.
Options:
A. Use SSH with public key authentication.
B. Implement a simple username/password login.
C. Configure WPA2 on the Wi-Fi network for better security.
D. Enable two-factor authentication (2FA) using RSA tokens.
E. Disable all non-essential services to minimize attack surface.
Correct Answer: A, D
Explanation:
For securing remote access with multiple layers of authentication and encryption, using SSH with public key authentication and enabling two-factor authentication using RSA tokens are recommended practices as they provide strong security measures.
Question 84:
In a recent update of CompTIA Security+ (SY0-701), which two-factor authentication methods are now emphasized as critical for securing network access?
Options:
A. Biometric Fingerprint Scanning and USB Tokens
B. SMS One-Time Password (OTP) and FIDO2
C. Email Verification and Smart Cards
D. Physical Keys and Static Passwords
E. QR Code Authentication and Bluetooth Low Energy Tags
Correct Answer: B
Explanation: The current CompTIA Security+ exam highlights the importance of modern authentication methods like SMS OTP and FIDO2 for secure network
Question 85:
An organization needs to implement a threat intelligence platform. Which two components should be prioritized based on current CISSP exam standards?
Options:
A. Web filtering
B. User behavior analytics (UBA)
C. Intrusion detection systems (IDS)
D. Security information and event management (SIEM)
E. Antivirus software
Correct Answer: B, D
Explanation:
UBA and SIEM are critical for advanced threat detection and monitoring.
Question 86:
A company is configuring its network to enhance security. Which two protocols should be used to secure file transfers over the Internet?
Options:
A. HTTP
B. HTTPS
C. FTP
D. SFTP
E. SMTP
Correct Answer: B, D
Explanation:
Secure Hypertext Transfer Protocol (HTTPS) and Secure File Transfer Protocol (SFTP) ensure data integrity and confidentiality during file.
Question 87:
An organization is facing frequent phishing attacks. Which two strategies should be implemented to mitigate this risk?
Options:
A. Email filtering
B. Strong password policies
C. Multi-factor authentication (MFA)
D. Regular patch management
E. Employee training
Correct Answer: A, E
Explanation:
Implementing email filtering and providing regular employee training can significantly reduce the incidence of phishing attacks.
Question 88:
The network administrator needs to configure a firewall rule for a new application server that requires outbound traffic only to a specific external IP address. Which configuration should be used?
Options:
A. Allow all inbound traffic
B. Deny all inbound traffic
C. Allow all outbound traffic
D. Allow outbound traffic to <external_IP>
E. Deny outbound traffic
Correct Answer: D
Explanation: The rule should allow outbound traffic only to the specific external IP
Question 89:
A company wants to implement a Zero Trust Architecture (ZTA) for its cloud services. Which two components are essential in ZTA?
Options:
A. Multi-factor authentication (MFA)
B. Network segmentation
C. Continuous monitoring
D. Intrusion detection systems (IDS)
E. Regular security audits
Correct Answer: A, B
Explanation:
MFA and network segmentation are fundamental to Zero Trust Architecture, ensuring that only authorized entities can access resources.
Question 90:
During a security assessment, a security analyst discovers multiple instances where sensitive data is being transmitted between internal networks using an unencrypted protocol. The organization has a strict policy requiring encryption for all sensitive data transmission, but implementing encryption would require significant infrastructure changes. Which TWO control types would be most appropriate to implement immediately while planning for a long-term solution?
Options:
A. Detective controls to monitor data transmission patterns.
B. Compensating controls to provide alternative security measures.
C. Directive controls to enforce new security policies.
D. Corrective controls to fix the encryption issues.
E. Deterrent controls to discourage unauthorized access.
Correct Answer: A, B
Explanation:
Detective controls monitor transmissions to identify potential breaches, while compensating controls provide alternative security measures when primary controls cannot be immediately implemented. These are most suitable as temporary solutions while planning infrastructure changes.
Question 91:
A security team is implementing deception technology to detect advanced persistent threats. The CISO wants to maximize the effectiveness of this implementation across multiple network segments. Which approach would provide the most comprehensive threat intelligence while minimizing the risk of adversaries detecting the deception?
Options:
A. Deploy multiple identical honeypots across all network segments.
B. Implement a single sophisticated honeynet in the DMZ.
C. Place honeytokens throughout different systems and monitor their usage.
D. Create one high-interaction honeypot per network segment.
Correct Answer: C
Explanation:
Honeytokens distributed throughout systems provide wide coverage, are difficult for attackers to identify as fake, and offer valuable threat intelligence while requiring minimal resources and reducing detection risk.
Question 92:
An organization’s incident response team is analyzing a potential security breach where attackers might have gained unauthorized access to multiple systems. The team needs to determine the exact scope of the compromise while ensuring business continuity. Which type of security control would be most effective in identifying the extent of the breach without disrupting operations?
Options:
A. Preventive controls to block further unauthorized access.
B. Detective controls with enhanced logging and monitoring.
C. Corrective controls to remove compromised accounts.
D. Compensating controls to restrict system access.
Correct Answer: B
Explanation:
Detective controls with enhanced logging and monitoring allow continuous analysis of system activities to determine breach scope while maintaining normal operations, providing visibility without disrupting business processes.
Question 93:
A large enterprise is experiencing frequent security incidents across different departments. After investigation, the security team discovers that TWO critical factors are contributing to these incidents. Which combination of issues most likely represents the root causes that need immediate attention?
Options:
A. Inadequate security awareness training program implementation.
B. Outdated intrusion detection systems.
C. Gaps in third-party risk management processes.
D. Limited network bandwidth.
E. Inconsistent security policy enforcement across departments.
Correct Answer: A, E
Explanation:
Inadequate security awareness training leads to human errors and security breaches, while inconsistent policy enforcement creates security gaps across departments.
These fundamental issues directly impact overall security posture and require immediate attention for effective risk reduction.
Question 95:
An organization’s security team is investigating a potential data breach where sensitive information might have been exfiltrated. The incident response team needs to determine the attack vector while maintaining chain of custody. Which sequence of incident response processes would be most appropriate?
Options:
A. Recovery, Analysis, Containment, Documentation.
B. Detection, Eradication, Lessons Learned, Preparation.
C. Detection, Analysis, Containment, Eradication.
D. Containment, Analysis, Recovery, Preparation.
Correct Answer: C
Explanation: The sequence of Detection (identifying the breach), Analysis (determining attack vector), Containment (preventing further damage), and Eradication (removing threat) represents the correct logical progression while maintaining proper incident handling procedures.
Detection -> Analysis -> Containment -> Eradication.
Question 94:
During a business continuity planning session, the risk management team identifies a critical business process that requires 99.999% uptime. The process handles sensitive financial transactions but has recently experienced multiple disruptions. Which approach would best address both the availability and security requirements?
Options:
A. Implement load balancers with basic failover capabilities.
B. Deploy redundant systems with real-time synchronization and zero trust principles.
C. Increase system monitoring without architectural changes.
D. Add more security controls to existing infrastructure.
Correct Answer: B
Explanation: Redundant systems with real-time synchronization ensure high availability (99.999% uptime), while zero trust principles provide comprehensive security for sensitive financial transactions, addressing both critical requirements simultaneously.