CERTMASTER CE SECURITY+ DOMAIN 4.0 SECURITY OPERATION
Questions with Correct Answers
100% Verified Graded A+
1. The chief information officer (CIO) wants to expand the company's ability to accurately
identify vulnerabilities across the company.The CIO wants to be able to scan client PCs,
mobile devices, servers, routers, and switches. What type of scanner are they looking to
institute?
Answer: A. Network vulnerability scanner
2. A financial services company is decommissioning many servers that con- tain highly
sensitive financial information.The company's data protection pol- icy stipulates the need
to use the most secure data destruction methods and comply with strict regulatory
requirements. The company also has a signifi- cant environmental sustainability
commitment and seeks to minimize waste wherever possible. What should the
company's primary course of action be during this process?
Answer: D. Degaussing the servers, rendering the data irretrievable, followed by reselling or
recycling the servers after certification
3. A cyber technician pulls logs on the new Apple iMacs to ensure the com- pany's
,employees adhere to the policy. What log can provide the technician with the computer's
attempted logins or denial when an employee attempts to access a file?
Answer: B. Operating system-specific security logs
4. A large multinational company uses a cloud-based document storage sys- tem. The
system provides access to documents by considering a combina- tion of factors
the user's department, geographic location, the document's sensitivity level, and the
current date and time. For example, only the finance department of a specific region can
access its financial reports, and they can do so only during business hours.Which access
control model does the com- pany MOST likely use to manage this complex access con
Answer: C. Attribute-based access control
5. The IT team at a medium-sized company is upgrading its wireless network security to
protect sensitive data and ensure secure communication between devices. They have
decided to implement Wi-Fi Protected Access 3 (WPA3). What is the primary purpose of
implementing WPA3 on the company's wire- less network?
Answer: C .To enhance wireless network security with the latest encryption standards
6. A security specialist is drafting a memorandum on secure data destruction for the
organization after a recent breach. What benefit does the certification concept offer
when evaluating appropriate disposal/decommissioning?
,Answer: B. It refers to the documentation and verification of the data sanitization or
destruction process.
7. The IT security team at a large company is implementing more robust authentication
measures to safeguard sensitive data and systems. The team is exploring multifactor
authentication (MFA) options to bolster security. The company deals with highly
confidential information and requires a robust
solution. The team has narrowed the choices and is evaluating which aligns BEST with thei
security needs. Which multi-factor authentication method utilizes unique physical
characteristics of individuals to
Answer: C. Biometrics
8. Following an incident in which a company's incident response plan (IRP) failed, the
response team made several updates and changes to the IRP. The CEO wants to test the
IRP with a realistic incident that allows for hands-on demonstrations without engaging in
a full-blown simulation and that doesn't require extensive investment and planning.
Which IRP exercise is the BEST option for this company?
Answer: D. Walkthrough
9. A technology firm's network security specialist notices a sudden increase in unidentified
activities on the firm's Security Event and Incident Management (SIEM) incident tracking
, system. An unknown entity or process also increases the number of reported incidents.
The specialist decides to investigate these incidents. Which combination of data sources
would provide a balanced per- spective to support the investigation?
Answer: B. System-specific security logs, which track system-level operations; logs
generated by applications running on hosts; and real-time reports from the SIEM solution,
summarizing incidents.
10. A proprietary software remains mission-critical ten years after its in-house creation.
The software requires an exception to the rules as it cannot use
the latest in-use operating system (OS) version. How can the IT department protect this
mission-critical software and reduce its exposure factor? (Select the two best options.)
Answer: A. Network segmentation
C. Compensating controls
11. A system administrator has seen repeated positive vulnerability messages only to
discover that no vulnerability exists.The vulnerability messages repeat daily for several
days, causing the system administrators to ignore them.What can the system
administrator do to combat false positives? (Select the two best options.)
Answer: A. Review logs
B. Use different scanners
Questions with Correct Answers
100% Verified Graded A+
1. The chief information officer (CIO) wants to expand the company's ability to accurately
identify vulnerabilities across the company.The CIO wants to be able to scan client PCs,
mobile devices, servers, routers, and switches. What type of scanner are they looking to
institute?
Answer: A. Network vulnerability scanner
2. A financial services company is decommissioning many servers that con- tain highly
sensitive financial information.The company's data protection pol- icy stipulates the need
to use the most secure data destruction methods and comply with strict regulatory
requirements. The company also has a signifi- cant environmental sustainability
commitment and seeks to minimize waste wherever possible. What should the
company's primary course of action be during this process?
Answer: D. Degaussing the servers, rendering the data irretrievable, followed by reselling or
recycling the servers after certification
3. A cyber technician pulls logs on the new Apple iMacs to ensure the com- pany's
,employees adhere to the policy. What log can provide the technician with the computer's
attempted logins or denial when an employee attempts to access a file?
Answer: B. Operating system-specific security logs
4. A large multinational company uses a cloud-based document storage sys- tem. The
system provides access to documents by considering a combina- tion of factors
the user's department, geographic location, the document's sensitivity level, and the
current date and time. For example, only the finance department of a specific region can
access its financial reports, and they can do so only during business hours.Which access
control model does the com- pany MOST likely use to manage this complex access con
Answer: C. Attribute-based access control
5. The IT team at a medium-sized company is upgrading its wireless network security to
protect sensitive data and ensure secure communication between devices. They have
decided to implement Wi-Fi Protected Access 3 (WPA3). What is the primary purpose of
implementing WPA3 on the company's wire- less network?
Answer: C .To enhance wireless network security with the latest encryption standards
6. A security specialist is drafting a memorandum on secure data destruction for the
organization after a recent breach. What benefit does the certification concept offer
when evaluating appropriate disposal/decommissioning?
,Answer: B. It refers to the documentation and verification of the data sanitization or
destruction process.
7. The IT security team at a large company is implementing more robust authentication
measures to safeguard sensitive data and systems. The team is exploring multifactor
authentication (MFA) options to bolster security. The company deals with highly
confidential information and requires a robust
solution. The team has narrowed the choices and is evaluating which aligns BEST with thei
security needs. Which multi-factor authentication method utilizes unique physical
characteristics of individuals to
Answer: C. Biometrics
8. Following an incident in which a company's incident response plan (IRP) failed, the
response team made several updates and changes to the IRP. The CEO wants to test the
IRP with a realistic incident that allows for hands-on demonstrations without engaging in
a full-blown simulation and that doesn't require extensive investment and planning.
Which IRP exercise is the BEST option for this company?
Answer: D. Walkthrough
9. A technology firm's network security specialist notices a sudden increase in unidentified
activities on the firm's Security Event and Incident Management (SIEM) incident tracking
, system. An unknown entity or process also increases the number of reported incidents.
The specialist decides to investigate these incidents. Which combination of data sources
would provide a balanced per- spective to support the investigation?
Answer: B. System-specific security logs, which track system-level operations; logs
generated by applications running on hosts; and real-time reports from the SIEM solution,
summarizing incidents.
10. A proprietary software remains mission-critical ten years after its in-house creation.
The software requires an exception to the rules as it cannot use
the latest in-use operating system (OS) version. How can the IT department protect this
mission-critical software and reduce its exposure factor? (Select the two best options.)
Answer: A. Network segmentation
C. Compensating controls
11. A system administrator has seen repeated positive vulnerability messages only to
discover that no vulnerability exists.The vulnerability messages repeat daily for several
days, causing the system administrators to ignore them.What can the system
administrator do to combat false positives? (Select the two best options.)
Answer: A. Review logs
B. Use different scanners
