COMPTIA CERTMASTER: SEC+ FINAL
ASSESSMENT QUESTIONS WITH
CORRECT ANSWERS 2025
An attacker uses a sniffer to gain session cookies a client sends over an unsecured network. What typ
e of attack can the malicious actor now use the session cookies to conduct? - CORRECT ANSWER -
Session hijacking
A company located in the western United States that uses cloud computing relies on redundant syste
ms in adjacent availability zones for data backup and storage. Analyze the configuration and determin
e which level of high availability service the company utilizes. - CORRECT ANSWER -
Regional replication
Systems administrators configure an application suite that uses a collection of single hash functions an
d symmetric ciphers to protect sensitive communication. While the suite uses these security features
collectively, how is each instance recognized? - CORRECT ANSWER -As a cryptographic primitive
An employee that carries a company credit card learns that the card has become compromised. The e
mployee only remembers fueling a company vehicle. Consider the following viable methods and deter
mine which method compromised the card. - CORRECT ANSWER -Card skimming
Which statement correctly differentiates between file transfer protocol (FTP), secure shell file transfer
protocol (SFTP), and file transfer protocol over secure socket layer (FTPS)? - CORRECT ANSWER -
FTP has no encryption. FTPS adds transport layer security (TLS), and SFTP is an entirely different proto
col based on the network protocol SSH (secure shell).
Analyze the factors associated with performing a Business Process Analysis (BPA) and select the state
ment that aligns with the output factors. - CORRECT ANSWER -
The data or resources a function produces
Consider an abstract model of network functions for an infrastructure as code (IaC) implementation a
nd determine which plane describes how traffic is prioritized. - CORRECT ANSWER -Control
A network administrator is preparing a strategy for backing up company data. Which of the following i
s NOT a main backup type? - CORRECT ANSWER -Discretionary
, Compare and evaluate the main components in an Extensible Authentication Protocol (EAP). Which sc
enarios accurately differentiate between these components? (Select all that apply.) -
CORRECT ANSWER -
B. An authenticator establishes a channel for the supplicant and the authentication server to exchang
e credentials using EAP.
C. A supplicant requests authentication and the authentication server performs the authentication.
When a company first installed its computer infrastructure, IT implemented robust security controls. A
s the equipment ages, however, those controls no longer effectively mitigate new risks. Which statem
ent best summarizes the company's risk posture? - CORRECT ANSWER -
The company's aging infrastructure constitutes a control risk.
A junior engineer suspects there is a breached system based on an alert received from a software mo
nitor. The use of the alert provides which information to the engineer? - CORRECT ANSWER -IoC
A company deploys an active defense strategy designed to detect insider malpractice. To record the m
alicious insider's actions, the security team creates a convincing, yet fake, data file with a tracker that
records any data exfiltration attempts. Analyze the security tool and determine what method the secu
rity team employed. - CORRECT ANSWER -Honeyfile
Identify the type of attack where malware forces a legitimate process to load a malicious link library. -
CORRECT ANSWER -DLL injection
While preparing a disaster recovery plan, management at a company considers how far back it can all
ow for the loss of data. Which metric does management use to describe this business essential data i
n terms of recovery? - CORRECT ANSWER -Recovery point objective
A technology firm suffers a large-
scale data breach, and the company suspects a disgruntled former IT staff member orchestrated the b
reach to exfiltrate proprietary data. During the forensic investigation, a hard disk was not signed out
when handled. Examine the scenario and determine what issue this oversight is most likely to cause i
n the investigative process. - CORRECT ANSWER -The chain of custody is under question.
ASSESSMENT QUESTIONS WITH
CORRECT ANSWERS 2025
An attacker uses a sniffer to gain session cookies a client sends over an unsecured network. What typ
e of attack can the malicious actor now use the session cookies to conduct? - CORRECT ANSWER -
Session hijacking
A company located in the western United States that uses cloud computing relies on redundant syste
ms in adjacent availability zones for data backup and storage. Analyze the configuration and determin
e which level of high availability service the company utilizes. - CORRECT ANSWER -
Regional replication
Systems administrators configure an application suite that uses a collection of single hash functions an
d symmetric ciphers to protect sensitive communication. While the suite uses these security features
collectively, how is each instance recognized? - CORRECT ANSWER -As a cryptographic primitive
An employee that carries a company credit card learns that the card has become compromised. The e
mployee only remembers fueling a company vehicle. Consider the following viable methods and deter
mine which method compromised the card. - CORRECT ANSWER -Card skimming
Which statement correctly differentiates between file transfer protocol (FTP), secure shell file transfer
protocol (SFTP), and file transfer protocol over secure socket layer (FTPS)? - CORRECT ANSWER -
FTP has no encryption. FTPS adds transport layer security (TLS), and SFTP is an entirely different proto
col based on the network protocol SSH (secure shell).
Analyze the factors associated with performing a Business Process Analysis (BPA) and select the state
ment that aligns with the output factors. - CORRECT ANSWER -
The data or resources a function produces
Consider an abstract model of network functions for an infrastructure as code (IaC) implementation a
nd determine which plane describes how traffic is prioritized. - CORRECT ANSWER -Control
A network administrator is preparing a strategy for backing up company data. Which of the following i
s NOT a main backup type? - CORRECT ANSWER -Discretionary
, Compare and evaluate the main components in an Extensible Authentication Protocol (EAP). Which sc
enarios accurately differentiate between these components? (Select all that apply.) -
CORRECT ANSWER -
B. An authenticator establishes a channel for the supplicant and the authentication server to exchang
e credentials using EAP.
C. A supplicant requests authentication and the authentication server performs the authentication.
When a company first installed its computer infrastructure, IT implemented robust security controls. A
s the equipment ages, however, those controls no longer effectively mitigate new risks. Which statem
ent best summarizes the company's risk posture? - CORRECT ANSWER -
The company's aging infrastructure constitutes a control risk.
A junior engineer suspects there is a breached system based on an alert received from a software mo
nitor. The use of the alert provides which information to the engineer? - CORRECT ANSWER -IoC
A company deploys an active defense strategy designed to detect insider malpractice. To record the m
alicious insider's actions, the security team creates a convincing, yet fake, data file with a tracker that
records any data exfiltration attempts. Analyze the security tool and determine what method the secu
rity team employed. - CORRECT ANSWER -Honeyfile
Identify the type of attack where malware forces a legitimate process to load a malicious link library. -
CORRECT ANSWER -DLL injection
While preparing a disaster recovery plan, management at a company considers how far back it can all
ow for the loss of data. Which metric does management use to describe this business essential data i
n terms of recovery? - CORRECT ANSWER -Recovery point objective
A technology firm suffers a large-
scale data breach, and the company suspects a disgruntled former IT staff member orchestrated the b
reach to exfiltrate proprietary data. During the forensic investigation, a hard disk was not signed out
when handled. Examine the scenario and determine what issue this oversight is most likely to cause i
n the investigative process. - CORRECT ANSWER -The chain of custody is under question.
