Geschreven door studenten die geslaagd zijn Direct beschikbaar na je betaling Online lezen of als PDF Verkeerd document? Gratis ruilen 4,6 TrustPilot
logo-home
Tentamen (uitwerkingen)

COMPTIA SECURITY + EXAM 2025 QUESTIONS AND ANSWERS

Beoordeling
-
Verkocht
-
Pagina's
55
Cijfer
A+
Geüpload op
08-07-2025
Geschreven in
2024/2025

COMPTIA SECURITY + EXAM 2025 QUESTIONS AND ANSWERS

Instelling
FEDVTE
Vak
FEDVTE

Voorbeeld van de inhoud

COMPTIA SECURITY + EXAM 2025
QUESTIONS AND ANSWERS


Reconnaissance - ....ANSWER ...-Reconnaissance is the process of gathering

information about an organization, including:

System hardware information

Network configuration

Individual user information


Social Engineering - ....ANSWER ...-Social engineering is the process of

manipulating others to give you sensitive information such as:

Intimidation

Sympathy


Technical - ....ANSWER ...-A technical approach is using software or utilities to

find vulnerabilities in a system.

Port scan

Ping sweep


Breach - ....ANSWER ...-A breach is the penetration of system defenses, achieved

through information gathered by reconnaissance to penetrate the system defenses and

gain unauthorized access.


...©️ 2025, ALL RIGHTS RESERVED 1

,Escalate Privileges - ....ANSWER ...-Escalating privileges is one of the primary

objectives of an attacker and can be achieved by configuring additional (escalated) rights

to do more than just breaching the system.


Create a Backdoor - ....ANSWER ...-Creating a backdoor is an alternative method

of accessing an application or operating system for troubleshooting. Hackers often

create backdoors to exploit a system without being detected.


Stage - ....ANSWER ...-Staging a computer involves preparing it to perform

additional tasks in the attack, such as installing software designed to attack other

systems. This is an optional step.


Exploit - ....ANSWER ...-An exploitation takes advantage of known vulnerabilities

in software and systems. Types of exploitation include:

Stealing information

Denying services

Crashing systems

Modifying/Altering information


Layering - ....ANSWER ...-Layering involves implementing multiple security

strategies to protect the same asset. Defense in depth or security in depth is the premise

that no single layer is completely effective in securing the assets. The most secure

system/network has many layers of security and eliminates single points of failure.


Principle of Least Privilege - ....ANSWER ...-The principle of least privilege states

that users or groups are given only the access they need to do their job and nothing




...©️ 2025, ALL RIGHTS RESERVED 2

,more. When assigning privileges, be aware that it is often easier to give a user more

access when they need it than to take away privileges that have already been granted.


Variety - ....ANSWER ...-Defensive layers should have variety and be diverse;

implementing multiple layers of the exact same defense does not provide adequate

strength against attacks.


Randomness - ....ANSWER ...-Randomness in security is the constant change in

personal habits and passwords to prevent anticipated events and exploitation.


Simplicity - ....ANSWER ...-Security measures should provide protection, but not

be so complex that you do not understand and use them.


Sophisticated Attacks - ....ANSWER ...-Sophisticated attacks are complex, making

them difficult to detect and thwart. Sophisticated attacks:

Use common internet tools and protocols, making it difficult to distinguish an attack

from legitimate traffic.

Vary their behavior, making the same attack appear differently each time.


Proliferation of Attack Software - ....ANSWER ...-A wide variety of attack tools are

available on the internet, allowing anyone with a moderate level of technical knowledge

to download the tools and run an attack.


Attack Scale and Velocity - ....ANSWER ...-The scale and velocity of an attack can

grow to millions of computers in a matter of minutes or days due to its ability to

proliferate on the internet. Because modern attacks are not limited to user interactions,

such as using a floppy disk, to spread an attack from machine to machine, the attacks

often affect very large numbers of computers in a relatively short amount of time.



...©️ 2025, ALL RIGHTS RESERVED 3

, Confidentiality - ....ANSWER ...-Ensures that data is not disclosed to unintended

persons. This is provided through encryption, which converts the data into a form that

makes it less likely to be usable by an unintended recipient.


Integrity - ....ANSWER ...-ensures that data is not modified or tampered with. This

is provided through hashing.


Availability - ....ANSWER ...-which ensures the uptime of the system so that data

is available when needed


Non-repudiation - ....ANSWER ...-provides validation of a message's origin. For

example, if a user sends a digitally signed email, they cannot claim later that the email

was not sent. Non-repudiation is enforced by digital signatures.


CIA of Security - ....ANSWER ...-refers to confidentiality, integrity, and availability.

These are often identified as the three main goals of security.


Physical security - ....ANSWER ...-which includes all hardware and software

necessary to secure data, such as firewalls and antivirus software.


Users and administrators - ....ANSWER ...-which are the people who use the

software and the people who manage the software, respectively.


Policies - ....ANSWER ...-which are the rules an organization implements to

protect information.


Risk management - ....ANSWER ...-is the process of identifying security issues and

deciding which countermeasures to take in reducing risk to an acceptable level. The

main objective is to reduce the risk for an organization to a level that is deemed

acceptable by senior management.


...©️ 2025, ALL RIGHTS RESERVED 4

Geschreven voor

Instelling
FEDVTE
Vak
FEDVTE

Documentinformatie

Geüpload op
8 juli 2025
Aantal pagina's
55
Geschreven in
2024/2025
Type
Tentamen (uitwerkingen)
Bevat
Vragen en antwoorden

Onderwerpen

$13.99
Krijg toegang tot het volledige document:

Verkeerd document? Gratis ruilen Binnen 14 dagen na aankoop en voor het downloaden kun je een ander document kiezen. Je kunt het bedrag gewoon opnieuw besteden.
Geschreven door studenten die geslaagd zijn
Direct beschikbaar na je betaling
Online lezen of als PDF


Ook beschikbaar in voordeelbundel

Thumbnail
Voordeelbundel
FEDVTE Bundled Exams 2025 (Questions and Answers)
-
10 2025
$ 37.45 Meer info

Maak kennis met de verkoper

Seller avatar
De reputatie van een verkoper is gebaseerd op het aantal documenten dat iemand tegen betaling verkocht heeft en de beoordelingen die voor die items ontvangen zijn. Er zijn drie niveau’s te onderscheiden: brons, zilver en goud. Hoe beter de reputatie, hoe meer de kwaliteit van zijn of haar werk te vertrouwen is.
EmilyCharlene Teachme2-tutor
Bekijk profiel
Volgen Je moet ingelogd zijn om studenten of vakken te kunnen volgen
Verkocht
506
Lid sinds
2 jaar
Aantal volgers
138
Documenten
22979
Laatst verkocht
3 dagen geleden
Charlene\'s Scholastic Emporium.

Your Actual and Virtual Exam Tests Excellent Tutor.

3.6

113 beoordelingen

5
51
4
18
3
17
2
7
1
20

Waarom studenten kiezen voor Stuvia

Gemaakt door medestudenten, geverifieerd door reviews

Kwaliteit die je kunt vertrouwen: geschreven door studenten die slaagden en beoordeeld door anderen die dit document gebruikten.

Niet tevreden? Kies een ander document

Geen zorgen! Je kunt voor hetzelfde geld direct een ander document kiezen dat beter past bij wat je zoekt.

Betaal zoals je wilt, start meteen met leren

Geen abonnement, geen verplichtingen. Betaal zoals je gewend bent via iDeal of creditcard en download je PDF-document meteen.

Student with book image

“Gekocht, gedownload en geslaagd. Zo makkelijk kan het dus zijn.”

Alisha Student

Bezig met je bronvermelding?

Maak nauwkeurige citaten in APA, MLA en Harvard met onze gratis bronnengenerator.

Bezig met je bronvermelding?

Veelgestelde vragen