CompTIA Security+ (SY0-701) Complete |\ |\ |\ |\
Course & Exam – 2 with correct answers |\ |\ |\ |\ |\ |\ |\
Jane, a database administrator at Dion Training, wants to ensure
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
that a file has not changed since the last time she uploaded it to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
her cloud storage. She has created an SHA-256 hash digest of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the file and will compare the stored file's hash digest against the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
one she calculated when she initially uploaded the file. Which of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the following pillars of the CIANA pentagon is she focused on? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Integrity |\ |\
Vikas, a developer at Dion Training, just digitally signed the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
company's new app before releasing it in the App Store. Before
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the app is installed, the user's device will validate the digitally
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
signature to ensure that it was actually developed and uploaded
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
by Dion Training. Which of the following pillars of the CIANA
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
pentagon is she focused on? - CORRECT ANSWERS ✔✔Non-
|\ |\ |\ |\ |\ |\ |\ |\
repudiation
Jason, an instructor at Dion Training, is logging into the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
company's exam application to write some new questions for the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CompTIA Security+ exam. He enters his username/password at
|\ |\ |\ |\ |\ |\ |\ |\
the login prompt and then receives a one-time code on his
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
smartphone that he enters to validate his identity. Which of the |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
following pillars of security was he focused on when performing
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
this action? - CORRECT ANSWERS ✔✔Authentication
|\ |\ |\ |\ |\
David, the CTO of Dion Training, just sent out a new policy that
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
will require all of the company's users to reset their password
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
,every 60 days using a long, strong, and complex password.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
Which of the following type of security controls best classifies this
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
policy? - CORRECT ANSWERS ✔✔Directive
|\ |\ |\ |\ |\
Christle, a student support manager at Dion Training, is logging
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
into the company's exam voucher application to help a student
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
schedule their CompTIA Security+ exam. Even though she is
|\ |\ |\ |\ |\ |\ |\ |\ |\
already connected to the corporate network, the application asks
|\ |\ |\ |\ |\ |\ |\ |\ |\
her to validate her identity by sending her a one-time code on
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
her smartphone that she enters to validate her identity. Which of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the following security concepts is being utilized by the company's
|\ |\ |\ |\ |\ |\ |\ |\ |\
architecture? - CORRECT ANSWERS ✔✔Zero trust
|\ |\ |\ |\ |\ |\
Which of the following is a primary motivation for a hacktivist
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
threat actor? - CORRECT ANSWERS ✔✔Ideological beliefs
|\ |\ |\ |\ |\ |\
Which attribute of a threat actor indicates the amount of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
financial, technological, and human resources they can use for
|\ |\ |\ |\ |\ |\ |\ |\ |\
their operations? - CORRECT ANSWERS ✔✔Their resource level
|\ |\ |\ |\ |\ |\ |\
Which of the following threat actors primarily operates based
|\ |\ |\ |\ |\ |\ |\ |\ |\
primarily on financial motivations and is considered to be highly
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
structured and sophisticated in their attacks? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Organized crime |\ |\
Which type of threat actor would BEST describe a disgruntled
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
employee who may exploit their legitimate access for malicious
|\ |\ |\ |\ |\ |\ |\ |\ |\
purposes? - CORRECT ANSWERS ✔✔Insider threat |\ |\ |\ |\ |\
,Which deceptive technology is a piece of data or a system entity
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
that exists solely to alert the organization when someone
|\ |\ |\ |\ |\ |\ |\ |\ |\
accesses it? - CORRECT ANSWERS ✔✔Honeytoken
|\ |\ |\ |\ |\
Jennifer, a facilities manager at Dion Training, wants to prevent
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
unauthorized vehicles from getting too close to the building and |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ramming into it. Which of the following physical security control
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
measures should they utilize to achieve this? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Bollards |\
Jacob, a security manager at Dion Training, wants to protect a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
sensitive server room against unauthorized physical access
|\ |\ |\ |\ |\ |\ |\
without relying on electronic locking mechanisms. Which of the
|\ |\ |\ |\ |\ |\ |\ |\ |\
following door locks should they utilize to achieve this? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Cipher lock |\ |\ |\
Jonni, a security manager at Dion Training, wants to implement a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
physical security control measure at the main entrance of their
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
new corporate headquarters. Their primary objective is to
|\ |\ |\ |\ |\ |\ |\ |\
authenticate individuals in a space between two sets of doors to|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
help prevent tailgating by ensuring that unauthorized persons
|\ |\ |\ |\ |\ |\ |\ |\
don't follow authorized individuals inside. Which of the following
|\ |\ |\ |\ |\ |\ |\ |\ |\
security controls should he implement to best achieve this? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Access control vestibule |\ |\ |\ |\
Sheryl, a penetration tester at Dion Training, wants to break into
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the RFID-protected server room. She sees Mazen sitting in a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
coffee shop, so she briefly places her purse near Mazen's
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
backpack. Later, she uses a device from her purse to access the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
server room. She receives a message stating, "Welcome, Mazen"
|\ |\ |\ |\ |\ |\ |\ |\ |\
when she authenticates with the RFID-based lock using the
|\ |\ |\ |\ |\ |\ |\ |\ |\
, device. Which of the following types of attacks did she utilize to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
gain access to the server room? - CORRECT ANSWERS ✔✔Access
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
badge cloning |\
Which of the following sensors is used to detect changes in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
environmental heat that is typically emitted by warm bodies such |\ |\ |\ |\ |\ |\ |\ |\ |\
as humans or animals? - CORRECT ANSWERS ✔✔Infrared sensors
|\ |\ |\ |\ |\ |\ |\ |\ |\
Which of the following types of phishing attacks is used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
specifically target high-level executives or important officials
|\ |\ |\ |\ |\ |\ |\
within an organization? - CORRECT ANSWERS ✔✔Whaling
|\ |\ |\ |\ |\ |\
During an anti-phishing campaign, what primary action should a
|\ |\ |\ |\ |\ |\ |\ |\ |\
company take after simulating a successful phishing attack on its
|\ |\ |\ |\ |\ |\ |\ |\ |\
employees? - CORRECT ANSWERS ✔✔Provide remedial training
|\ |\ |\ |\ |\ |\ |\ |\
to employees who fell for the attack
|\ |\ |\ |\ |\ |\
Which social engineering technique involves searching through a
|\ |\ |\ |\ |\ |\ |\ |\
target's trash or discarded items to obtain sensitive or valuable
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
information? - CORRECT ANSWERS ✔✔Dumpster diving |\ |\ |\ |\ |\
Which social engineering attack involves an attacker creating a
|\ |\ |\ |\ |\ |\ |\ |\ |\
fabricated scenario to manipulate or deceive someone into
|\ |\ |\ |\ |\ |\ |\ |\
divulging confidential information? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\
✔✔Pretexting
Which of the following is a common motivational trigger used in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
social engineering attacks to manipulate victims to act or
|\ |\ |\ |\ |\ |\ |\ |\ |\
Course & Exam – 2 with correct answers |\ |\ |\ |\ |\ |\ |\
Jane, a database administrator at Dion Training, wants to ensure
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
that a file has not changed since the last time she uploaded it to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
her cloud storage. She has created an SHA-256 hash digest of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the file and will compare the stored file's hash digest against the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
one she calculated when she initially uploaded the file. Which of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the following pillars of the CIANA pentagon is she focused on? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Integrity |\ |\
Vikas, a developer at Dion Training, just digitally signed the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
company's new app before releasing it in the App Store. Before
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the app is installed, the user's device will validate the digitally
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
signature to ensure that it was actually developed and uploaded
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
by Dion Training. Which of the following pillars of the CIANA
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
pentagon is she focused on? - CORRECT ANSWERS ✔✔Non-
|\ |\ |\ |\ |\ |\ |\ |\
repudiation
Jason, an instructor at Dion Training, is logging into the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
company's exam application to write some new questions for the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CompTIA Security+ exam. He enters his username/password at
|\ |\ |\ |\ |\ |\ |\ |\
the login prompt and then receives a one-time code on his
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
smartphone that he enters to validate his identity. Which of the |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
following pillars of security was he focused on when performing
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
this action? - CORRECT ANSWERS ✔✔Authentication
|\ |\ |\ |\ |\
David, the CTO of Dion Training, just sent out a new policy that
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
will require all of the company's users to reset their password
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
,every 60 days using a long, strong, and complex password.
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
Which of the following type of security controls best classifies this
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
policy? - CORRECT ANSWERS ✔✔Directive
|\ |\ |\ |\ |\
Christle, a student support manager at Dion Training, is logging
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
into the company's exam voucher application to help a student
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
schedule their CompTIA Security+ exam. Even though she is
|\ |\ |\ |\ |\ |\ |\ |\ |\
already connected to the corporate network, the application asks
|\ |\ |\ |\ |\ |\ |\ |\ |\
her to validate her identity by sending her a one-time code on
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
her smartphone that she enters to validate her identity. Which of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the following security concepts is being utilized by the company's
|\ |\ |\ |\ |\ |\ |\ |\ |\
architecture? - CORRECT ANSWERS ✔✔Zero trust
|\ |\ |\ |\ |\ |\
Which of the following is a primary motivation for a hacktivist
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
threat actor? - CORRECT ANSWERS ✔✔Ideological beliefs
|\ |\ |\ |\ |\ |\
Which attribute of a threat actor indicates the amount of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
financial, technological, and human resources they can use for
|\ |\ |\ |\ |\ |\ |\ |\ |\
their operations? - CORRECT ANSWERS ✔✔Their resource level
|\ |\ |\ |\ |\ |\ |\
Which of the following threat actors primarily operates based
|\ |\ |\ |\ |\ |\ |\ |\ |\
primarily on financial motivations and is considered to be highly
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
structured and sophisticated in their attacks? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Organized crime |\ |\
Which type of threat actor would BEST describe a disgruntled
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
employee who may exploit their legitimate access for malicious
|\ |\ |\ |\ |\ |\ |\ |\ |\
purposes? - CORRECT ANSWERS ✔✔Insider threat |\ |\ |\ |\ |\
,Which deceptive technology is a piece of data or a system entity
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
that exists solely to alert the organization when someone
|\ |\ |\ |\ |\ |\ |\ |\ |\
accesses it? - CORRECT ANSWERS ✔✔Honeytoken
|\ |\ |\ |\ |\
Jennifer, a facilities manager at Dion Training, wants to prevent
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
unauthorized vehicles from getting too close to the building and |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
ramming into it. Which of the following physical security control
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
measures should they utilize to achieve this? - CORRECT
|\ |\ |\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Bollards |\
Jacob, a security manager at Dion Training, wants to protect a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
sensitive server room against unauthorized physical access
|\ |\ |\ |\ |\ |\ |\
without relying on electronic locking mechanisms. Which of the
|\ |\ |\ |\ |\ |\ |\ |\ |\
following door locks should they utilize to achieve this? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Cipher lock |\ |\ |\
Jonni, a security manager at Dion Training, wants to implement a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
physical security control measure at the main entrance of their
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
new corporate headquarters. Their primary objective is to
|\ |\ |\ |\ |\ |\ |\ |\
authenticate individuals in a space between two sets of doors to|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
help prevent tailgating by ensuring that unauthorized persons
|\ |\ |\ |\ |\ |\ |\ |\
don't follow authorized individuals inside. Which of the following
|\ |\ |\ |\ |\ |\ |\ |\ |\
security controls should he implement to best achieve this? -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Access control vestibule |\ |\ |\ |\
Sheryl, a penetration tester at Dion Training, wants to break into
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the RFID-protected server room. She sees Mazen sitting in a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
coffee shop, so she briefly places her purse near Mazen's
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
backpack. Later, she uses a device from her purse to access the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
server room. She receives a message stating, "Welcome, Mazen"
|\ |\ |\ |\ |\ |\ |\ |\ |\
when she authenticates with the RFID-based lock using the
|\ |\ |\ |\ |\ |\ |\ |\ |\
, device. Which of the following types of attacks did she utilize to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
gain access to the server room? - CORRECT ANSWERS ✔✔Access
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
badge cloning |\
Which of the following sensors is used to detect changes in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
environmental heat that is typically emitted by warm bodies such |\ |\ |\ |\ |\ |\ |\ |\ |\
as humans or animals? - CORRECT ANSWERS ✔✔Infrared sensors
|\ |\ |\ |\ |\ |\ |\ |\ |\
Which of the following types of phishing attacks is used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
specifically target high-level executives or important officials
|\ |\ |\ |\ |\ |\ |\
within an organization? - CORRECT ANSWERS ✔✔Whaling
|\ |\ |\ |\ |\ |\
During an anti-phishing campaign, what primary action should a
|\ |\ |\ |\ |\ |\ |\ |\ |\
company take after simulating a successful phishing attack on its
|\ |\ |\ |\ |\ |\ |\ |\ |\
employees? - CORRECT ANSWERS ✔✔Provide remedial training
|\ |\ |\ |\ |\ |\ |\ |\
to employees who fell for the attack
|\ |\ |\ |\ |\ |\
Which social engineering technique involves searching through a
|\ |\ |\ |\ |\ |\ |\ |\
target's trash or discarded items to obtain sensitive or valuable
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
information? - CORRECT ANSWERS ✔✔Dumpster diving |\ |\ |\ |\ |\
Which social engineering attack involves an attacker creating a
|\ |\ |\ |\ |\ |\ |\ |\ |\
fabricated scenario to manipulate or deceive someone into
|\ |\ |\ |\ |\ |\ |\ |\
divulging confidential information? - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\
✔✔Pretexting
Which of the following is a common motivational trigger used in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
social engineering attacks to manipulate victims to act or
|\ |\ |\ |\ |\ |\ |\ |\ |\
