You have been hired as a security analyst for your organization. As you begin your job, you are asked to identify new
administrative controls that should be implemented by your organization. Which of the following controls should you list?
(Choose all that apply.)
Options are :
Your organization must comply with several industry and governmental standards to protect private and confidential
information. You must analyze which standards to implement. Which standards should you consider?
Options are :
Your company is merging with a larger organization. Which of the following is not a responsibility of the due diligence team?
Options are :
SY0-401 CompTIA Security+ Certification Practice Exam Set 7
Your company has recently decided to switch Internet service providers. The new provider has provided a document that lists all the guaranteed performance levels of the new connection. Which document contains this information?
Options are :
Which statement is not true regarding an organization’s database administrator?
Options are :
What design measure is the solution to most XSS and CSRF attacks?
Options are :
CompTIA JK0-022 Security Cryptography Certification Exam Set 5
As part of a new security initiative, you have been asked to provide data classifications for all organizational data that is stored
on servers. As part of your research, you must interview the data owners. Which staff are most likely to be considered data owners?
Options are :
Your organization has experienced several security issues in the past year, and management has adopted a plan to periodically assess its information security awareness. You have been asked to lead this program. Which program are you leading?
Options are :
You are working with a project team to deploy several new firewalls. The initiation stage is complete, and now the team is
engaged in the acquisition stage. Which step should the team complete as part of this stage?
Options are :
JK0-802 CompTIA A+ Certification Exam Set 2
Your company has decided to deploy network access control (NAC) on the enterprise to ensure that all devices comply with
corporate security policies. Which of the following should be done first?
Options are :
Which statement is not true regarding an organization’s sales staff?
Options are :
Which of the following statements regarding the security requirements and responsibilities for personnel is true?
Options are :
FC0-U41 CompTIA Strata IT Fundamentals Practice Exam Set 9
You have been hired as a security analyst for your organization. As you begin your job, you are asked to identify new physical
controls that should be implemented by your organization. Which of the following controls should you list?
Options are :
What documents the security requirements that a new asset must meet?
Options are :
Which of the following is a standard that the security automation community uses to enumerate software flaws and configuration issues?
Options are :
JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 13
You implemented a procedure whereby a testing team was provided with limited knowledge of the network systems and
devices and could use publicly available information. The organization’s security team was NOT informed that an attack was coming. What type of test have you implemented?
Options are :
Which technology uses chips and receivers to manage inventory?
Options are :
You have been hired as a security analyst for your organization. As you begin your job, you are asked to identify new technical
controls that should be implemented by your organization. Which of the following controls should you list? (Choose all that apply.)
Options are :
CompTIA JK0-015 E2C Security+ Certification Practice Test Set 3
You have been asked to document the different threats to an internal file server. As part of that documentation, you need to
include the monetary impact of each threat occurrence. What should you do?
Options are :
Which SCAP component contains methods for describing and classifying operating systems?
Options are :
A development team has recently completed the deployment of a new learning management system (LMS) that will replace the current legacy system. The team successfully deploys the new LMS, and it is fully functional. Users are satisfied with the new system. What stage of the SDLC should you implement for the old system?
Options are :
CompTIA Security+ SY0-501 Questions & Answers Set 2
You have been hired as a security analyst for your company. Recently, several assets have been marked to be removed from the enterprise. You need to document the steps that should be taken in relation to security. Which of the following guidelines should be implemented?
Options are :
Management expresses concerns about using multitenant public cloud solutions to store organizational data. You explain that tenant data in a multitenant solution is quarantined from other tenants’ data, using tenant IDs in the data labels. What is the term for this process?
Options are :
During the design of a new data center, several questions arise as to the use of raised flooring and dropped ceiling that are part of the blueprint. Which personnel are most likely to provide valuable information in this area?
Options are :
CompTIA Cloud Essentials Cert Exam Prep CL0-002 Set 3
Your organization has decided to formally adopt a change management process, and you have been asked to design the
process. Which of the following guidelines should be part of this new process?
Options are :
You have been asked to participate in the deployment of a new firewall. The project has just started and is still in the initiation
stage. Which step should be completed as part of this stage?
Options are :
Which of the following is a social engineering attack that involves sending a mass email that appears to come from a trusted party, such as the recipient’s bank?
Options are :
SY0-401 CompTIA Security+ Certification Practice Exam Set 7
Which of the following outline goals but do not give any specific ways to accomplish the stated goals?
Options are :
Which of the following is a uniquely identifiable subset of the system that represents the smallest portion to be subject to an
independent configuration control procedure?
Options are :
During the design of a new application, the programmers need to determine the performance and security impact of the new
application on the enterprise. Who should collaborate with the programmers to determine this information?
Options are :
HT0-201 CEA- CompTIA DHTI+ Certification Practice Exam Set 4