CompTIA Cremaster CE Security+ Domain
1.0 General Security Concepts Assessment
Questions and Answers Rated A.
A user in a company wants a new USB flash drive. Rather than requesting one
through the proper channel, the user obtains one from one of the company's
storage closets. Upon approaching the closet door, the user notices a warning
sign indicating cameras are in use. What is the control objective of the observed
sign?
Verified Answer -C. Deterrent
A cybersecurity analyst implements security measures for a financial
institution's infrastructure. The analyst explores different technologies to
enhance security and must select the appropriate technology to strengthen
security within the organization's infrastructure. Which technology should the
cybersecurity analyst choose to enhance security for executing sensitive
operations and protecting critical data in the financial institution's infrastructure?
Verified Answer -A. Secure enclave
An organization changes its security posture after a breach and wants to
enhance encryption by putting measures in place to mitigate risk exposures that
cannot be directly eliminated by the cyber security team. What type of control is
being observed in this situation?
Verified Answer -B. Compensating
The organization's engineering team observes a system failure during the
implementation of new software patching. From a conceptual standpoint, what
can the team use to restore the system to its original state?
Verified Answer -(A. Test results
B. Maintenance windows incorrect)
, A software organization enhances its cyber security by using deception
technologies to capture attacker tactics and tools. How can a honeytoken assist
in the organization's strategy?
Verified Answer -A. It creates false credentials, login credentials, or other data
types to distract and gain insight into attackers.
The IT department of a corporation evaluates its security mechanisms to identify
areas lacking sufficient protection. Which of the following techniques should the
IT department employ?
Verified Answer -D. Gap analysis
An organization frequently implements changes, reconfigurations, and patches
to enhance its IT infrastructure's security and efficiency. The cybersecurity
analyst must carefully analyze dependencies between services, applications,
and interfaces to avoid unintended outages and disruptions during service
restarts or downtime events. How does understanding dependencies impact the
change management process? (Select the three best options.)
Verified Answer -A. Knowing dependencies helps avoid unintended outages
and disruptions during service restarts or downtime events.
B. Understanding dependencies guides the development of effective backout
plans and downtime contingencies.
C. Understanding dependencies supports the development of post-change
performance monitoring to validate system functionality and quickly detect
issues.
After encountering a cyber attack, an organization uses a monitoring solution
that automatically restarts services after it has detected the system has crashed.
What type of functional security control is the company implementing?
Verified Answer -(C. Technical incorrect)
A cyber security analyst wants to reduce the attack surface for a computer that
contains top secret data. The analyst installs a cryptoprocessor as a module
within the central processing unit (CPU) on the designated computer to
1.0 General Security Concepts Assessment
Questions and Answers Rated A.
A user in a company wants a new USB flash drive. Rather than requesting one
through the proper channel, the user obtains one from one of the company's
storage closets. Upon approaching the closet door, the user notices a warning
sign indicating cameras are in use. What is the control objective of the observed
sign?
Verified Answer -C. Deterrent
A cybersecurity analyst implements security measures for a financial
institution's infrastructure. The analyst explores different technologies to
enhance security and must select the appropriate technology to strengthen
security within the organization's infrastructure. Which technology should the
cybersecurity analyst choose to enhance security for executing sensitive
operations and protecting critical data in the financial institution's infrastructure?
Verified Answer -A. Secure enclave
An organization changes its security posture after a breach and wants to
enhance encryption by putting measures in place to mitigate risk exposures that
cannot be directly eliminated by the cyber security team. What type of control is
being observed in this situation?
Verified Answer -B. Compensating
The organization's engineering team observes a system failure during the
implementation of new software patching. From a conceptual standpoint, what
can the team use to restore the system to its original state?
Verified Answer -(A. Test results
B. Maintenance windows incorrect)
, A software organization enhances its cyber security by using deception
technologies to capture attacker tactics and tools. How can a honeytoken assist
in the organization's strategy?
Verified Answer -A. It creates false credentials, login credentials, or other data
types to distract and gain insight into attackers.
The IT department of a corporation evaluates its security mechanisms to identify
areas lacking sufficient protection. Which of the following techniques should the
IT department employ?
Verified Answer -D. Gap analysis
An organization frequently implements changes, reconfigurations, and patches
to enhance its IT infrastructure's security and efficiency. The cybersecurity
analyst must carefully analyze dependencies between services, applications,
and interfaces to avoid unintended outages and disruptions during service
restarts or downtime events. How does understanding dependencies impact the
change management process? (Select the three best options.)
Verified Answer -A. Knowing dependencies helps avoid unintended outages
and disruptions during service restarts or downtime events.
B. Understanding dependencies guides the development of effective backout
plans and downtime contingencies.
C. Understanding dependencies supports the development of post-change
performance monitoring to validate system functionality and quickly detect
issues.
After encountering a cyber attack, an organization uses a monitoring solution
that automatically restarts services after it has detected the system has crashed.
What type of functional security control is the company implementing?
Verified Answer -(C. Technical incorrect)
A cyber security analyst wants to reduce the attack surface for a computer that
contains top secret data. The analyst installs a cryptoprocessor as a module
within the central processing unit (CPU) on the designated computer to
