Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

COMPTIA SECURITY + EXAM 2025 QUESTIONS AND ANSWERS

Rating
-
Sold
-
Pages
55
Grade
A+
Uploaded on
08-07-2025
Written in
2024/2025

COMPTIA SECURITY + EXAM 2025 QUESTIONS AND ANSWERS

Institution
FEDVTE
Course
FEDVTE

Content preview

COMPTIA SECURITY + EXAM 2025
QUESTIONS AND ANSWERS


Reconnaissance - ....ANSWER ...-Reconnaissance is the process of gathering

information about an organization, including:

System hardware information

Network configuration

Individual user information


Social Engineering - ....ANSWER ...-Social engineering is the process of

manipulating others to give you sensitive information such as:

Intimidation

Sympathy


Technical - ....ANSWER ...-A technical approach is using software or utilities to

find vulnerabilities in a system.

Port scan

Ping sweep


Breach - ....ANSWER ...-A breach is the penetration of system defenses, achieved

through information gathered by reconnaissance to penetrate the system defenses and

gain unauthorized access.


...©️ 2025, ALL RIGHTS RESERVED 1

,Escalate Privileges - ....ANSWER ...-Escalating privileges is one of the primary

objectives of an attacker and can be achieved by configuring additional (escalated) rights

to do more than just breaching the system.


Create a Backdoor - ....ANSWER ...-Creating a backdoor is an alternative method

of accessing an application or operating system for troubleshooting. Hackers often

create backdoors to exploit a system without being detected.


Stage - ....ANSWER ...-Staging a computer involves preparing it to perform

additional tasks in the attack, such as installing software designed to attack other

systems. This is an optional step.


Exploit - ....ANSWER ...-An exploitation takes advantage of known vulnerabilities

in software and systems. Types of exploitation include:

Stealing information

Denying services

Crashing systems

Modifying/Altering information


Layering - ....ANSWER ...-Layering involves implementing multiple security

strategies to protect the same asset. Defense in depth or security in depth is the premise

that no single layer is completely effective in securing the assets. The most secure

system/network has many layers of security and eliminates single points of failure.


Principle of Least Privilege - ....ANSWER ...-The principle of least privilege states

that users or groups are given only the access they need to do their job and nothing




...©️ 2025, ALL RIGHTS RESERVED 2

,more. When assigning privileges, be aware that it is often easier to give a user more

access when they need it than to take away privileges that have already been granted.


Variety - ....ANSWER ...-Defensive layers should have variety and be diverse;

implementing multiple layers of the exact same defense does not provide adequate

strength against attacks.


Randomness - ....ANSWER ...-Randomness in security is the constant change in

personal habits and passwords to prevent anticipated events and exploitation.


Simplicity - ....ANSWER ...-Security measures should provide protection, but not

be so complex that you do not understand and use them.


Sophisticated Attacks - ....ANSWER ...-Sophisticated attacks are complex, making

them difficult to detect and thwart. Sophisticated attacks:

Use common internet tools and protocols, making it difficult to distinguish an attack

from legitimate traffic.

Vary their behavior, making the same attack appear differently each time.


Proliferation of Attack Software - ....ANSWER ...-A wide variety of attack tools are

available on the internet, allowing anyone with a moderate level of technical knowledge

to download the tools and run an attack.


Attack Scale and Velocity - ....ANSWER ...-The scale and velocity of an attack can

grow to millions of computers in a matter of minutes or days due to its ability to

proliferate on the internet. Because modern attacks are not limited to user interactions,

such as using a floppy disk, to spread an attack from machine to machine, the attacks

often affect very large numbers of computers in a relatively short amount of time.



...©️ 2025, ALL RIGHTS RESERVED 3

, Confidentiality - ....ANSWER ...-Ensures that data is not disclosed to unintended

persons. This is provided through encryption, which converts the data into a form that

makes it less likely to be usable by an unintended recipient.


Integrity - ....ANSWER ...-ensures that data is not modified or tampered with. This

is provided through hashing.


Availability - ....ANSWER ...-which ensures the uptime of the system so that data

is available when needed


Non-repudiation - ....ANSWER ...-provides validation of a message's origin. For

example, if a user sends a digitally signed email, they cannot claim later that the email

was not sent. Non-repudiation is enforced by digital signatures.


CIA of Security - ....ANSWER ...-refers to confidentiality, integrity, and availability.

These are often identified as the three main goals of security.


Physical security - ....ANSWER ...-which includes all hardware and software

necessary to secure data, such as firewalls and antivirus software.


Users and administrators - ....ANSWER ...-which are the people who use the

software and the people who manage the software, respectively.


Policies - ....ANSWER ...-which are the rules an organization implements to

protect information.


Risk management - ....ANSWER ...-is the process of identifying security issues and

deciding which countermeasures to take in reducing risk to an acceptable level. The

main objective is to reduce the risk for an organization to a level that is deemed

acceptable by senior management.


...©️ 2025, ALL RIGHTS RESERVED 4

Written for

Institution
FEDVTE
Course
FEDVTE

Document information

Uploaded on
July 8, 2025
Number of pages
55
Written in
2024/2025
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$13.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Thumbnail
Package deal
FEDVTE Bundled Exams 2025 (Questions and Answers)
-
10 2025
$ 37.45 More info

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
EmilyCharlene Teachme2-tutor
View profile
Follow You need to be logged in order to follow users or courses
Sold
506
Member since
2 year
Number of followers
138
Documents
22979
Last sold
3 days ago
Charlene\'s Scholastic Emporium.

Your Actual and Virtual Exam Tests Excellent Tutor.

3.6

113 reviews

5
51
4
18
3
17
2
7
1
20

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions