CompTIA JK0-022 E2C Security+ Compliance & Operational Exam Set 5

A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?


Options are :

  • Corrective (Correct)
  • Deterrent
  • Detective
  • Preventive

Answer : Corrective

Human Resources (HR) would like executives to undergo only two specific security training programs a year. Which of the following provides the BEST level of security training for the executives? (Select TWO).


Options are :

  • Acceptable use of social media
  • Zero day exploits and viruses
  • Phishing threats and attacks (Correct)
  • Information security awareness (Correct)
  • Data handling and disposal
  • Clean desk and BYOD

Answer : Phishing threats and attacks; Information security awareness

Which of the following concepts is a term that directly relates to customer privacy considerations?


Options are :

  • Information classification
  • Data handling policies
  • Clean desk policies
  • Personally identifiable information (Correct)

Answer : Personally identifiable information

Joe, a security administrator, is concerned with users tailgating into the restricted areas. Given a limited budget, which of the following would BEST assist Joe with detecting this activity?


Options are :

  • Install a motion detector near the entrance.
  • Revoke all proximity badge access to make users justify access.
  • Place a full-time guard at the entrance to confirm user identity.
  • Install a camera and DVR at the entrance to monitor access. (Correct)

Answer : Install a camera and DVR at the entrance to monitor access.

Which of the following is the MOST important step for preserving evidence during forensic procedures?


Options are :

  • Chain of custody (Correct)
  • Involve law enforcement
  • Report within one hour of discovery
  • Record the time of the incident

Answer : Chain of custody

Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time. Which of the following does this illustrate?


Options are :

  • Chain of custody (Correct)
  • Record time offset
  • System image capture
  • Order of volatility

Answer : Chain of custody

An employee recently lost a USB drive containing confidential customer data. Which of the following controls could be utilized to minimize the risk involved with the use of USB drives?


Options are :

  • Asset tracking
  • HSM
  • DLP (Correct)
  • Access control

Answer : DLP

Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?


Options are :

  • Interview witnesses
  • Capture system image (Correct)
  • Identify user habits
  • Disconnect system from network

Answer : Capture system image

Which of the following assets is MOST likely considered for DLP?


Options are :

  • Reverse proxy
  • USB mass storage devices (Correct)
  • Print server
  • Application server content

Answer : USB mass storage devices

The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?


Options are :

  • HPM technology
  • Full disk encryption
  • TPM technology
  • DLP policy (Correct)

Answer : DLP policy

The method to provide end users of IT systems and applications with requirements related to acceptable use, privacy, new threats and trends, and use of social networking is:


Options are :

  • Security awareness training. (Correct)
  • Role-based security training.
  • Legal compliance training
  • BYOD security training.

Answer : Security awareness training.

Used in conjunction, which of the following are PII? (Select TWO).


Options are :

  • Marital status
  • Favorite movie
  • Pet’s name
  • Full name (Correct)
  • Birthday (Correct)

Answer : Full name; Birthday

A compromised workstation utilized in a Distributed Denial of Service (DDoS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident?


Options are :

  • Expert Witness
  • Eye Witness
  • Chain of custody (Correct)
  • Data Analysis of the hard drive

Answer : Chain of custody

Ann, a technician, received a spear-phishing email asking her to update her personal information by clicking the link within the body of the email. Which of the following types of training would prevent Ann and other employees from becoming victims of such attacks?


Options are :

  • Acceptable Use Policy
  • Personal Identifiable Information (Correct)
  • Information Sharing
  • User Awareness

Answer : Personal Identifiable Information

Who should be contacted FIRST in the event of a security breach?


Options are :

  • Software vendors
  • Incident response team (Correct)
  • Internal auditors
  • Forensics analysis team

Answer : Incident response team

End-user awareness training for handling sensitive personally identifiable information would include secure storage and transmission of customer:


Options are :

  • First and last name.
  • Phone number
  • Date of birth. (Correct)
  • Employer name.

Answer : Date of birth.

The security manager received a report that an employee was involved in illegal activity and has saved data to a workstation’s hard drive. During the investigation, local law enforcement’s criminal division confiscates the hard drive as evidence. Which of the following forensic procedures is involved?


Options are :

  • Chain of custody (Correct)
  • Take hashes
  • System image
  • Order of volatility

Answer : Chain of custody

Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).


Options are :

  • Scanning of shared drives.
  • Scanning copying of documents to USB.
  • Scanning of HTTP user traffic. (Correct)
  • Scanning of SharePoint document library
  • Scanning printing of documents.
  • Scanning of outbound IM (Instant Messaging). (Correct)

Answer : Scanning of HTTP user traffic; Scanning of outbound IM (Instant Messaging).

Several employees have been printing files that include personally identifiable information of customers. Auditors have raised concerns about the destruction of these hard copies after they are created, and management has decided the best way to address this concern is by preventing these files from being printed. Which of the following would be the BEST control to implement?


Options are :

  • Data loss prevention (Correct)
  • Clean desk policies
  • Printer hardening
  • File encryption

Answer : Data loss prevention

An incident response team member needs to perform a forensics examination but does not have the required hardware. Which of the following will allow the team member to perform the examination with minimal impact to the potential evidence?


Options are :

  • Hashing the image after capture
  • Using a software file recovery disc
  • Mounting the drive in read-only mode (Correct)
  • Imaging based on order of volatility

Answer : Mounting the drive in read-only mode

Which of the following is a best practice when a mistake is made during a forensics examination?


Options are :

  • The examiner should disclose the mistake and assess another area of the disc.
  • The examiner should document the mistake and work around the problem. (Correct)
  • The examiner should verify the tools before, during, and after an examination.
  • The examiner should attempt to hide the mistake during cross-examination.

Answer : The examiner should document the mistake and work around the problem.

Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?


Options are :

  • Restoration and recovery strategies
  • Detection strategies
  • Deterrent strategies
  • Containment strategies (Correct)

Answer : Containment strategies

To ensure proper evidence collection, which of the following steps should be performed FIRST?


Options are :

  • Take hashes from the live system
  • Copy all compromised files
  • Capture the system image (Correct)
  • Review logs

Answer : Capture the system image

Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?


Options are :

  • Content discovery
  • Email scanning
  • Database fingerprinting
  • Endpoint protection (Correct)

Answer : Endpoint protection

Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?


Options are :

  • Security awareness training (Correct)
  • Acceptable Use Policy
  • Technical controls
  • Physical security controls

Answer : Security awareness training

Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?


Options are :

  • Matt should install Truecrypt and encrypt the company server.
  • Matt should implement access control lists and turn on EFS.
  • Matt should implement DLP and encrypt the company database. (Correct)
  • Matt should install TPMs and encrypt the company database.

Answer : Matt should implement DLP and encrypt the company database.

A security technician wishes to gather and analyze all Web traffic during a particular time period. Which of the following represents the BEST approach to gathering the required data?


Options are :

  • Configure a VPN concentrator to log all traffic destined for ports 80 and 443.
  • Configure a NIDS to log all traffic destined for ports 80 and 443.
  • Configure a switch to log all traffic destined for ports 80 and 443.
  • Configure a proxy server to log all traffic destined for ports 80 and 443. (Correct)

Answer : Configure a proxy server to log all traffic destined for ports 80 and 443.

In which of the following steps of incident response does a team analyse the incident and determine steps to prevent a future occurrence?


Options are :

  • Identification
  • Lessons learned (Correct)
  • Preparation
  • Mitigation

Answer : Lessons learned

Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?


Options are :

  • Disable the wireless access and implement strict router ACLs
  • Perform user rights and permissions reviews.
  • Reduce restrictions on the corporate web security gateway.
  • Security policy and threat awareness training. (Correct)

Answer : Security policy and threat awareness training.

Ann would like to forward some Personal Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?


Options are :

  • Secret Key
  • Digital Signatures
  • Encryption (Correct)
  • Hashing

Answer : Encryption
