CompTIA Certmaster CE Security+ Domain 1.0
General Security Concepts Assessment
Question with Correct Answers
A system administrator reviews network access permissions granted to several
devices and revokes their certificates. What log would reflect these changes?
A. Public Key Infrastructure (PKI)
B. Certificate Revocation Lists (CRL)
C. Trusted Platform Module (TPM)
D. Hardware Security Module (HSM) - ✔️✔️Certificate Revocation Lists (CRL)
After encountering a cyber attack, an organization uses a monitoring solution that
automatically restarts services after it has detected the system has crashed. What
type of functional security control is the company implementing?
A. Corrective
B. Compensating
C. Technical
D. Managerial - ✔️✔️Corrective
A defense contractor is enhancing its defensive capabilities by implementing
deception technologies. How can a honey token assist in this strategy? - ✔️✔️It
creates false credentials, login credentials, or other data types to distract and gain
insight into attackers.
, An organization's baseline configuration requires 256-bit keys for a specialized
application used by one of its departments. After conducting some tests, it is
determined that an existing device performs poorly when key lengths exceed 128
bits. After performing a risk assessment, the leadership team authorizes using
128-bit keys for the problematic device, pending its replacement. What type of
control is described in this situation?
A. Technical
B. Compensating
C. Administrative
D. Detective - ✔️✔️Compensating
The organization is implementing a significant software upgrade that necessitates
application restarts. How can the cybersecurity analyst ensure a smooth
transition without causing extended downtime?
A. Conduct the software upgrade without restarting the applications to avoid
interruptions.
B. Schedule the upgrade during nonworking hours to reduce the impact on users.
C. Restart all applications simultaneously to complete the upgrade faster.
D. Implement the upgrade without analyzing software dependencies. -
✔️✔️Schedule the upgrade during nonworking hours to reduce the impact on
users.
A security analyst wishes to implement a system that enforces access decisions to
ensure that the privileges granted to an individual are appropriate for their role
within the organization. Which component is critical for enforcing these access
control decisions?
General Security Concepts Assessment
Question with Correct Answers
A system administrator reviews network access permissions granted to several
devices and revokes their certificates. What log would reflect these changes?
A. Public Key Infrastructure (PKI)
B. Certificate Revocation Lists (CRL)
C. Trusted Platform Module (TPM)
D. Hardware Security Module (HSM) - ✔️✔️Certificate Revocation Lists (CRL)
After encountering a cyber attack, an organization uses a monitoring solution that
automatically restarts services after it has detected the system has crashed. What
type of functional security control is the company implementing?
A. Corrective
B. Compensating
C. Technical
D. Managerial - ✔️✔️Corrective
A defense contractor is enhancing its defensive capabilities by implementing
deception technologies. How can a honey token assist in this strategy? - ✔️✔️It
creates false credentials, login credentials, or other data types to distract and gain
insight into attackers.
, An organization's baseline configuration requires 256-bit keys for a specialized
application used by one of its departments. After conducting some tests, it is
determined that an existing device performs poorly when key lengths exceed 128
bits. After performing a risk assessment, the leadership team authorizes using
128-bit keys for the problematic device, pending its replacement. What type of
control is described in this situation?
A. Technical
B. Compensating
C. Administrative
D. Detective - ✔️✔️Compensating
The organization is implementing a significant software upgrade that necessitates
application restarts. How can the cybersecurity analyst ensure a smooth
transition without causing extended downtime?
A. Conduct the software upgrade without restarting the applications to avoid
interruptions.
B. Schedule the upgrade during nonworking hours to reduce the impact on users.
C. Restart all applications simultaneously to complete the upgrade faster.
D. Implement the upgrade without analyzing software dependencies. -
✔️✔️Schedule the upgrade during nonworking hours to reduce the impact on
users.
A security analyst wishes to implement a system that enforces access decisions to
ensure that the privileges granted to an individual are appropriate for their role
within the organization. Which component is critical for enforcing these access
control decisions?
