CompTIA Security+ 701 Practice Exams |\ |\ |\ |\ |\
with correct answers |\ |\
In a corporate office, employees are required to use their access
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
cards to enter different sections of the building. What type of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
control is being implemented in this scenario?
|\ |\ |\ |\ |\ |\
Detective control |\
Preventive control |\
Physical control |\
Corrective control |\
Physical control |\
- The use of access cards to enter different sections of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
building is an example of physical control, as it restricts and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
controls physical access to specific areas.
|\ |\ |\ |\ |\
Detective controls |\
Help to identify and respond to security incidents after they have
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
occurred.
|\
- ex. security cameras
|\ |\ |\
Preventive controls |\
,Aim to stop security incidents before they occur.
|\ |\ |\ |\ |\ |\ |\
Corrective controls |\
Implemented in response to identified security incidents. |\ |\ |\ |\ |\ |\
A financial institution implements encryption for all sensitive data
|\ |\ |\ |\ |\ |\ |\ |\
transmitted between its branches to ensure confidentiality. What
|\ |\ |\ |\ |\ |\ |\ |\ |\
type of control is being applied here?
|\ |\ |\ |\ |\ |\
Technical control |\
Administrative control |\
Physical control |\
Operational control |\
Technical control |\
- Encryption is a technical control that involves the use of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
technology to protect sensitive data during transmission,
|\ |\ |\ |\ |\ |\ |\
ensuring its confidentiality. |\ |\
Administrative controls |\
involve policies, procedures, and training to shape behavior.
|\ |\ |\ |\ |\ |\ |\
,Physical controls |\
Restrict access to physical areas and assets.
|\ |\ |\ |\ |\ |\
Operational control |\
Focus on day-to-day processes and procedures to ensure the
|\ |\ |\ |\ |\ |\ |\ |\ |\
security of information systems.
|\ |\ |\
A company encrypts sensitive customer data to prevent
|\ |\ |\ |\ |\ |\ |\ |\
unauthorized access. What security principle does this primarily
|\ |\ |\ |\ |\ |\ |\ |\
address?
Confidentiality
Integrity
Availability
Accountability
Confidentiality
- Encrypting sensitive customer data helps maintain
|\ |\ |\ |\ |\ |\ |\
confidentiality by protecting it from unauthorized access.
|\ |\ |\ |\ |\ |\
Integrity
Ensures that data remains accurate and unaltered.
|\ |\ |\ |\ |\ |\
, Availability
Focuses on ensuring that resources are accessible when needed.
|\ |\ |\ |\ |\ |\ |\ |\
Accountability
Is about tracking actions and identifying responsible parties.
|\ |\ |\ |\ |\ |\ |\
A system administrator implements regular backups to ensure
|\ |\ |\ |\ |\ |\ |\ |\
that critical data can be restored in the event of a hardware
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
failure. Which security principle does this align with?
|\ |\ |\ |\ |\ |\ |\
Confidentiality
Integrity
Availability
Non-repudiation
Availability
- Regular backups contribute to the ability of critical data by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ensuring it can be stores in case of a hardware failure or data
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
loss.
Confidentiality
Is about preventing unauthorized access to sensitive information.
|\ |\ |\ |\ |\ |\ |\
with correct answers |\ |\
In a corporate office, employees are required to use their access
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
cards to enter different sections of the building. What type of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
control is being implemented in this scenario?
|\ |\ |\ |\ |\ |\
Detective control |\
Preventive control |\
Physical control |\
Corrective control |\
Physical control |\
- The use of access cards to enter different sections of the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
building is an example of physical control, as it restricts and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
controls physical access to specific areas.
|\ |\ |\ |\ |\
Detective controls |\
Help to identify and respond to security incidents after they have
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
occurred.
|\
- ex. security cameras
|\ |\ |\
Preventive controls |\
,Aim to stop security incidents before they occur.
|\ |\ |\ |\ |\ |\ |\
Corrective controls |\
Implemented in response to identified security incidents. |\ |\ |\ |\ |\ |\
A financial institution implements encryption for all sensitive data
|\ |\ |\ |\ |\ |\ |\ |\
transmitted between its branches to ensure confidentiality. What
|\ |\ |\ |\ |\ |\ |\ |\ |\
type of control is being applied here?
|\ |\ |\ |\ |\ |\
Technical control |\
Administrative control |\
Physical control |\
Operational control |\
Technical control |\
- Encryption is a technical control that involves the use of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
technology to protect sensitive data during transmission,
|\ |\ |\ |\ |\ |\ |\
ensuring its confidentiality. |\ |\
Administrative controls |\
involve policies, procedures, and training to shape behavior.
|\ |\ |\ |\ |\ |\ |\
,Physical controls |\
Restrict access to physical areas and assets.
|\ |\ |\ |\ |\ |\
Operational control |\
Focus on day-to-day processes and procedures to ensure the
|\ |\ |\ |\ |\ |\ |\ |\ |\
security of information systems.
|\ |\ |\
A company encrypts sensitive customer data to prevent
|\ |\ |\ |\ |\ |\ |\ |\
unauthorized access. What security principle does this primarily
|\ |\ |\ |\ |\ |\ |\ |\
address?
Confidentiality
Integrity
Availability
Accountability
Confidentiality
- Encrypting sensitive customer data helps maintain
|\ |\ |\ |\ |\ |\ |\
confidentiality by protecting it from unauthorized access.
|\ |\ |\ |\ |\ |\
Integrity
Ensures that data remains accurate and unaltered.
|\ |\ |\ |\ |\ |\
, Availability
Focuses on ensuring that resources are accessible when needed.
|\ |\ |\ |\ |\ |\ |\ |\
Accountability
Is about tracking actions and identifying responsible parties.
|\ |\ |\ |\ |\ |\ |\
A system administrator implements regular backups to ensure
|\ |\ |\ |\ |\ |\ |\ |\
that critical data can be restored in the event of a hardware
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
failure. Which security principle does this align with?
|\ |\ |\ |\ |\ |\ |\
Confidentiality
Integrity
Availability
Non-repudiation
Availability
- Regular backups contribute to the ability of critical data by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ensuring it can be stores in case of a hardware failure or data
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
loss.
Confidentiality
Is about preventing unauthorized access to sensitive information.
|\ |\ |\ |\ |\ |\ |\
