COMPTIA CERTMASTER CE SECURITY EXAM
BUNDLE DEAL
A security administrator is implementing a security
program that addresses confidentiality and availability.
What else should the administrator include? -
.....ANSWER... ✔✔ Ensure systems are not susceptible
to unauthorized changes
You need to transmit PII via email and you want to
maintain its confidentiality. What should you do? -
.....ANSWER... ✔✔ Encrypt it before sending
Lisa manages network devices in your organization and
maintains copies of the configuration files for all the
managed routers and switches. On a weekly basis, she
creates hashes for these files and compares them with
the hashes she created on the same files the previous
week. Which security goal is she pursuing? -
.....ANSWER... ✔✔ Integrity
An organization wants to provide protection against
malware attacks. Administrators have installed antivirus
software on all computers. Additionally, they
implemented a firewall and an IDS on the network.
What identifies this principle? - .....ANSWER... ✔✔
Layered Security
Homer called into the help desk and says he forgot his
password. What should the help-desk professional do
after Homer has verified his identity? - .....ANSWER...
✔✔ Reset the password and configure the password
to expire after the first use
Which type of authentication does a hardware token
provide? - .....ANSWER... ✔✔ One-time password
Which type of authentication is a retina scan? -
.....ANSWER... ✔✔ Biometric
Users are required to log on to their computers with a
smart card and a PIN. Which describes this? -
.....ANSWER... ✔✔ Multifactor authentication
Your company recently began allowing workers to
telecommute from home one or more days a week.
However, your company doesn't currently have a remote
access solution. They want to implement an AAA solution
that supports different vendors. Which of the following is
the BEST choice? - .....ANSWER... ✔✔ RADIUS
Your organization has implemented a system that stores
user credentials in a central database. Users log on once
with their credentials. They can then access other systems
in the organization without logging on again. What does
this describe? - .....ANSWER... ✔✔ Single sign-on
Your organization issues users a variety of different
mobile devices. However, management wants to reduce
potential data losses if the devices are lost or stolen.
Which of the following is the BEST technical control to
achieve this goal? - .....ANSWER... ✔✔ Disk
encryption
Your primary job activities include monitoring security
logs, analyzing trend reports, and installing CCTV
systems. Which of the following choices BEST identifies
your responsibilities? - .....ANSWER... ✔✔ Detecting
security incidents and implementing monitoring controls
A security professional has reported an increase in the
number of tailgating violations into a secure data center.
What can prevent this? - .....ANSWER... ✔✔ Mantrap
You are redesigning your password policy. You want to
ensure that users change their passwords regularly, but
they are unable to reuse passwords. What settings
should you configure? - .....ANSWER... ✔✔ Maximum
password age, password history, and minimum
password age
An outside security auditor recently completed an in-depth
security audit on your network. One of the issues
he reported was related to passwords. Specifically, he
found the following passwords used on the network:
Pa$$, 1@W2, and G7bT3. What should be changed to
avoid the problem shown with these passwords? -
.....ANSWER... ✔✔ Password length
A recent security audit discovered several apparently
dormant user accounts. Although users could log on to
the accounts, no one had logged on to them for more
than 60 days. You later discovered that these accounts
are for contractors who work approximately one week
every quarter. What is the BEST response to this
situation? - .....ANSWER... ✔✔ Disable the accounts
Your organization routinely hires contractors to assist
with different projects. Administrators are rarely notified