CompTIA CertMaster CE for Security+ -
Domain 4.0 Security Operations
Assessment with Correct Solutions
An organization needs to implement web filtering to bolster its security. The goal is to
ensure consistent policy enforcement for both in-office and remote workers. Which of
the following web filtering methods BEST meets this requirement?
A. Utilizing a centralized proxy server
B. Deploying agent-based web filtering
C. Implementing manual URL blocking
D. Relying solely on reputation-based filtering - ANSWER-B. Deploying agent-based
web filtering
A software technician delivers a presentation on the capabilities associated with
centralizing web filtering. When exploring techniques tied to centralized proxy service
employment to protect traffic, what classifies websites into various groupings, such as
social networking, webmail, or gambling sites?
A. Content categorization
B. URL scanning
C. Block rules
D. Reputation-based filtering - ANSWER-A. Content categorization
A digital forensic analyst at a healthcare company investigates a case involving a recent
data breach. In evaluating the available data sources to assist in the investigation, what
application protocol and event-logging format enables different appliances and software
applications to transmit logs or event records to a central server?
A. Dashboard
B. Endpoint log
C. Application Log
D. Syslog - ANSWER-D. Syslog
A tech company is in the process of decommissioning a fleet of old servers. It wants to
ensure that sensitive data stored on these servers is fully eliminated and is not
accessible in the event of unauthorized attempts. What primary process should the
company implement before disposing or repurposing these servers?
,A. Moving the servers to a secure storage location
B. Deleting all the files on the servers
C. Sanitizing the servers
D. Selling the servers immediately - ANSWER-C. Sanitizing the servers
During the process of merging two companies, the integrated security team is tasked
with consolidating their approaches to managing cybersecurity incidents. Which
comprehensive document should be developed to outline the overall strategy and
procedures for incident response, encompassing preparation, identification,
containment, eradication, recovery, communication protocols, and contacts and
resources for responders?
A. Playbook
B. Communication plan
C. Incident response plan
D. Incident response lifecycle - ANSWER-C. Incident response plan
A forensic analyst at an international law enforcement agency investigates a
sophisticated cyber-espionage case. The analyst must uncover the timeline of
document interactions, detect concealed or system-protected files, interpret categories
of digital events, and trace digital breadcrumbs left behind during media uploads on
social platforms. What combination of data sources would provide the MOST
comprehensive information for this multifaceted investigation?
A. File metadata and event logs
B. Network transaction logs and gateway security logs
C. File metadata with extended attributes and network transaction logs
D. Event logs and gateway security logs - ANSWER-C. File metadata with extended
attributes and network transaction logs
An organization has implemented a Bring Your Own Device (BYOD) policy, allowing
employees to use their personal mobile devices for work-related tasks. Aware of the
varying legal ramifications and privacy concerns across different jurisdictions related to
controlling personal devices, the organization seeks to enhance the security of these
devices within the constraints of these legal and privacy issues. Considering this
context, which of the following measures would be the MOST effective way to navigate
these complexities while striving to secure employees' mobile devices under the BYOD
policy?
A. Restricting all access to company resources from mobile devices
, B. Providing employees with company-owned mobile devices
C. Using MDM solutions to centrally control employees' mobile devices
D. Enforcing complex passwords for all employee mobile devices - ANSWER-C. Using
MDM solutions to centrally control employees' mobile devices
A large multinational company uses a cloud-based document storage system. The
system provides access to documents by considering a combination of factors: the
user's department, geographic location, the document's sensitivity level, and the current
date and time. For example, only the finance department of a specific region can access
its financial reports, and they can do so only during business hours. Which access
control model does the company MOST likely use to manage this complex access
control?
A. Discretionary access control
B. Rule-based access controls
C. Attribute-based access control
D. Role-based access control - ANSWER-C. Attribute-based access control
The IT security team at a large company is implementing more robust authentication
measures to safeguard sensitive data and systems. The team is exploring multifactor
authentication (MFA) options to bolster security. The company deals with highly
confidential information and requires a robust solution. The team has narrowed the
choices and is evaluating which aligns BEST with their security needs. Which multi-
factor authentication method utilizes unique physical characteristics of individuals to
verify their identity?
A. Smart cards
B. SMS-based one-time passwords
C. Biometrics
D. Passwords and PINs - ANSWER-C. Biometrics
A tech department evaluates the benefits of automation and scripting after recently
acquiring new funding. What capability within automation and scripting allows
developers to regularly merge their changes back to the main code branch and evaluate
each merge automatically to help detect and fix integration problems?
A. User provisioning
B. Guardrails
C. Continuous integration and testing
D. Resource provisioning - ANSWER-C. Continuous integration and testing
An information security manager is fine-tuning a Security Information and Event
Management (SIEM) system in a company that has recently reported a series of
Domain 4.0 Security Operations
Assessment with Correct Solutions
An organization needs to implement web filtering to bolster its security. The goal is to
ensure consistent policy enforcement for both in-office and remote workers. Which of
the following web filtering methods BEST meets this requirement?
A. Utilizing a centralized proxy server
B. Deploying agent-based web filtering
C. Implementing manual URL blocking
D. Relying solely on reputation-based filtering - ANSWER-B. Deploying agent-based
web filtering
A software technician delivers a presentation on the capabilities associated with
centralizing web filtering. When exploring techniques tied to centralized proxy service
employment to protect traffic, what classifies websites into various groupings, such as
social networking, webmail, or gambling sites?
A. Content categorization
B. URL scanning
C. Block rules
D. Reputation-based filtering - ANSWER-A. Content categorization
A digital forensic analyst at a healthcare company investigates a case involving a recent
data breach. In evaluating the available data sources to assist in the investigation, what
application protocol and event-logging format enables different appliances and software
applications to transmit logs or event records to a central server?
A. Dashboard
B. Endpoint log
C. Application Log
D. Syslog - ANSWER-D. Syslog
A tech company is in the process of decommissioning a fleet of old servers. It wants to
ensure that sensitive data stored on these servers is fully eliminated and is not
accessible in the event of unauthorized attempts. What primary process should the
company implement before disposing or repurposing these servers?
,A. Moving the servers to a secure storage location
B. Deleting all the files on the servers
C. Sanitizing the servers
D. Selling the servers immediately - ANSWER-C. Sanitizing the servers
During the process of merging two companies, the integrated security team is tasked
with consolidating their approaches to managing cybersecurity incidents. Which
comprehensive document should be developed to outline the overall strategy and
procedures for incident response, encompassing preparation, identification,
containment, eradication, recovery, communication protocols, and contacts and
resources for responders?
A. Playbook
B. Communication plan
C. Incident response plan
D. Incident response lifecycle - ANSWER-C. Incident response plan
A forensic analyst at an international law enforcement agency investigates a
sophisticated cyber-espionage case. The analyst must uncover the timeline of
document interactions, detect concealed or system-protected files, interpret categories
of digital events, and trace digital breadcrumbs left behind during media uploads on
social platforms. What combination of data sources would provide the MOST
comprehensive information for this multifaceted investigation?
A. File metadata and event logs
B. Network transaction logs and gateway security logs
C. File metadata with extended attributes and network transaction logs
D. Event logs and gateway security logs - ANSWER-C. File metadata with extended
attributes and network transaction logs
An organization has implemented a Bring Your Own Device (BYOD) policy, allowing
employees to use their personal mobile devices for work-related tasks. Aware of the
varying legal ramifications and privacy concerns across different jurisdictions related to
controlling personal devices, the organization seeks to enhance the security of these
devices within the constraints of these legal and privacy issues. Considering this
context, which of the following measures would be the MOST effective way to navigate
these complexities while striving to secure employees' mobile devices under the BYOD
policy?
A. Restricting all access to company resources from mobile devices
, B. Providing employees with company-owned mobile devices
C. Using MDM solutions to centrally control employees' mobile devices
D. Enforcing complex passwords for all employee mobile devices - ANSWER-C. Using
MDM solutions to centrally control employees' mobile devices
A large multinational company uses a cloud-based document storage system. The
system provides access to documents by considering a combination of factors: the
user's department, geographic location, the document's sensitivity level, and the current
date and time. For example, only the finance department of a specific region can access
its financial reports, and they can do so only during business hours. Which access
control model does the company MOST likely use to manage this complex access
control?
A. Discretionary access control
B. Rule-based access controls
C. Attribute-based access control
D. Role-based access control - ANSWER-C. Attribute-based access control
The IT security team at a large company is implementing more robust authentication
measures to safeguard sensitive data and systems. The team is exploring multifactor
authentication (MFA) options to bolster security. The company deals with highly
confidential information and requires a robust solution. The team has narrowed the
choices and is evaluating which aligns BEST with their security needs. Which multi-
factor authentication method utilizes unique physical characteristics of individuals to
verify their identity?
A. Smart cards
B. SMS-based one-time passwords
C. Biometrics
D. Passwords and PINs - ANSWER-C. Biometrics
A tech department evaluates the benefits of automation and scripting after recently
acquiring new funding. What capability within automation and scripting allows
developers to regularly merge their changes back to the main code branch and evaluate
each merge automatically to help detect and fix integration problems?
A. User provisioning
B. Guardrails
C. Continuous integration and testing
D. Resource provisioning - ANSWER-C. Continuous integration and testing
An information security manager is fine-tuning a Security Information and Event
Management (SIEM) system in a company that has recently reported a series of
