After recovering from a data breach in which customer data was lost, the legal team meets with
the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data.
Which of the following controls support this goal?
A. Contingency planning
B. Encryption and stronger access control
C. Hashing and non-repudiation
D. Redundancy and fault tolerance
Answer: B
Explanation:
Encryption is used to protect data, content, and documents. Access control governs who
may access that data, content, or documents, and ensures that only authorized access is
allowed.
A security audit identifies a number of large email messages being sent by a specific user from
their company email account to another address external to the company. These messages
were sent prior to a company data breach, which prompted the security audit. The user was
one of a few people who had access to the leaked data. Review of the suspect's emails shows
they consist mostly of pictures of the user at various locations during a recent vacation. No
suspicious activities from other users who have access to the data were discovered.
Which of the following is occurring?
A. The user is encrypting the data in the outgoing messages.
B. The user is using steganography.
C. The user is spamming to obfuscate the activity.
D. The user is using hashing to embed data in the emails.
Answer: B
Explanation:
Steganography is the process of hiding one message in another. Steganography may also be
referred to as electronic watermarking. It is also the process of hiding a message in a medium
such as a digital image, audio file, or other file. In theory, doing this prevents analysts from
detecting the real message. You could encode your message in another file or message and use
that file to hide your message.
A system administrator has been instructed by the head of security to protect their data at rest.
Which of the following would provide the strongest protection?
A. Prohibiting removable media
B. Incorporating a full-disk encryption system
C. Biometric controls on data center entry points
D. A host-based intrusion detection system
Answer: B
Explanation:
Full disk encryption can be used to encrypt an entire volume with 128-bit encryption. When the
entire volume is encrypted, the data is not accessible to someone who might boot another
operating system in an attempt to bypass the computer's security. Full disk encryption is
sometimes referred to as hard drive encryption. This would be best to protect data that is at
rest.
Several departments within a company have a business need to send high volumes of
confidential information to customers via email. Which of the following is the BEST solution to
mitigate unintentional exposure of confidential information?
A. Employ encryption on all outbound emails containing confidential information.
B. Employ exact data matching and prevent inbound emails with Data Loss Prevention.
C. Employ hashing on all outbound emails containing confidential information.
D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.
Answer: A
Explanation:
Encryption is used to ensure the confidentiality of information and in this case the outbound
email that contains the confidential information should be encrypted.
A security analyst has been notified that trade secrets are being leaked from one of the
executives in the corporation. When reviewing this executive's laptop they notice several
pictures of the employee's pets are on the hard drive and on a cloud storage network. When
the analyst hashes the images on the hard drive against the hashes on the cloud network they
do not match.
Which of the following describes how the employee is leaking these secrets?
A. Social engineering
B. Steganography
C. Hashing
D. Digital signatures
Answer: B
Explanation:
Steganography is the process of hiding one message in another. Steganography may also be
referred to as electronic watermarking. It is also the process of hiding a message in a medium
such as a digital image, audio file, or other file. In theory, doing this prevents analysts from
detecting the real message. You could encode your message in another file or message and use
that file to hide your message.
Customers' credit card information was stolen from a popular video streaming company. A
security consultant determined that the information was stolen, while in transit, from the
gaming consoles of a particular vendor. Which of the following methods should the company
consider to secure this data in the future?
A. Application firewalls
B. Manual updates
C. Firmware version control
D. Encrypted TCP wrappers
Answer: D