Comptia Certmaster CE Security+
Domain 4.0 Security Operations
Assessment Questions And Answers
With Verified Solutions 100% Correct!!!
An organization needs to implement web filtering to bolster its security. The goal
is to ensure consistent policy enforcement for both in-office and remote workers.
Which of the following web filtering methods BEST meets this requirement?
A. Utilizing a centralized proxy server
B. Deploying agent-based web filtering
C. Implementing manual URL blocking
D. Relying solely on reputation-based filtering - ANSWER✔✔ B. Deploying
agent-based web filtering
A software technician delivers a presentation on the capabilities associated with
centralizing web filtering. When exploring techniques tied to centralized proxy
service employment to protect traffic, what classifies websites into various
groupings, such as social networking, webmail, or gambling sites?
A. Content categorization
B. URL scanning
C. Block rules
D. Reputation-based filtering - ANSWER✔✔ A. Content categorization
,A digital forensic analyst at a healthcare company investigates a case involving a
recent data breach. In evaluating the available data sources to assist in the
investigation, what application protocol and event-logging format enables different
appliances and software applications to transmit logs or event records to a central
server?
A. Dashboard
B. Endpoint log
C. Application Log
D. Syslog - ANSWER✔✔ D. Syslog
A tech company is in the process of decommissioning a fleet of old servers. It
wants to ensure that sensitive data stored on these servers is fully eliminated and is
not accessible in the event of unauthorized attempts. What primary process should
the company implement before disposing or repurposing these servers?
A. Moving the servers to a secure storage location
B. Deleting all the files on the servers
C. Sanitizing the servers
D. Selling the servers immediately - ANSWER✔✔ C. Sanitizing the servers
During the process of merging two companies, the integrated security team is
tasked with consolidating their approaches to managing cybersecurity incidents.
Which comprehensive document should be developed to outline the overall
strategy and procedures for incident response, encompassing preparation,
,identification, containment, eradication, recovery, communication protocols, and
contacts and resources for responders?
A. Playbook
B. Communication plan
C. Incident response plan
D. Incident response lifecycle - ANSWER✔✔ C. Incident response plan
A forensic analyst at an international law enforcement agency investigates a
sophisticated cyber-espionage case. The analyst must uncover the timeline of
document interactions, detect concealed or system-protected files, interpret
categories of digital events, and trace digital breadcrumbs left behind during media
uploads on social platforms. What combination of data sources would provide the
MOST comprehensive information for this multifaceted investigation?
A. File metadata and event logs
B. Network transaction logs and gateway security logs
C. File metadata with extended attributes and network transaction logs
D. Event logs and gateway security logs - ANSWER✔✔ C. File metadata with
extended attributes and network transaction logs
An organization has implemented a Bring Your Own Device (BYOD) policy,
allowing employees to use their personal mobile devices for work-related tasks.
Aware of the varying legal ramifications and privacy concerns across different
jurisdictions related to controlling personal devices, the organization seeks to
enhance the security of these devices within the constraints of these legal and
, privacy issues. Considering this context, which of the following measures would
be the MOST effective way to navigate these complexities while striving to secure
employees' mobile devices under the BYOD policy?
A. Restricting all access to company resources from mobile devices
B. Providing employees with company-owned mobile devices
C. Using MDM solutions to centrally control employees' mobile devices
D. Enforcing complex passwords for all employee mobile devices - ANSWER✔✔
C. Using MDM solutions to centrally control employees' mobile devices
A large multinational company uses a cloud-based document storage system. The
system provides access to documents by considering a combination of factors: the
user's department, geographic location, the document's sensitivity level, and the
current date and time. For example, only the finance department of a specific
region can access its financial reports, and they can do so only during business
hours. Which access control model does the company MOST likely use to manage
this complex access control?
A. Discretionary access control
B. Rule-based access controls
C. Attribute-based access control
D. Role-based access control - ANSWER✔✔ C. Attribute-based access control
What type of log file is application-managed rather than through an operating
system and may use Event Viewer or syslog to write event data in a standard
format?
Domain 4.0 Security Operations
Assessment Questions And Answers
With Verified Solutions 100% Correct!!!
An organization needs to implement web filtering to bolster its security. The goal
is to ensure consistent policy enforcement for both in-office and remote workers.
Which of the following web filtering methods BEST meets this requirement?
A. Utilizing a centralized proxy server
B. Deploying agent-based web filtering
C. Implementing manual URL blocking
D. Relying solely on reputation-based filtering - ANSWER✔✔ B. Deploying
agent-based web filtering
A software technician delivers a presentation on the capabilities associated with
centralizing web filtering. When exploring techniques tied to centralized proxy
service employment to protect traffic, what classifies websites into various
groupings, such as social networking, webmail, or gambling sites?
A. Content categorization
B. URL scanning
C. Block rules
D. Reputation-based filtering - ANSWER✔✔ A. Content categorization
,A digital forensic analyst at a healthcare company investigates a case involving a
recent data breach. In evaluating the available data sources to assist in the
investigation, what application protocol and event-logging format enables different
appliances and software applications to transmit logs or event records to a central
server?
A. Dashboard
B. Endpoint log
C. Application Log
D. Syslog - ANSWER✔✔ D. Syslog
A tech company is in the process of decommissioning a fleet of old servers. It
wants to ensure that sensitive data stored on these servers is fully eliminated and is
not accessible in the event of unauthorized attempts. What primary process should
the company implement before disposing or repurposing these servers?
A. Moving the servers to a secure storage location
B. Deleting all the files on the servers
C. Sanitizing the servers
D. Selling the servers immediately - ANSWER✔✔ C. Sanitizing the servers
During the process of merging two companies, the integrated security team is
tasked with consolidating their approaches to managing cybersecurity incidents.
Which comprehensive document should be developed to outline the overall
strategy and procedures for incident response, encompassing preparation,
,identification, containment, eradication, recovery, communication protocols, and
contacts and resources for responders?
A. Playbook
B. Communication plan
C. Incident response plan
D. Incident response lifecycle - ANSWER✔✔ C. Incident response plan
A forensic analyst at an international law enforcement agency investigates a
sophisticated cyber-espionage case. The analyst must uncover the timeline of
document interactions, detect concealed or system-protected files, interpret
categories of digital events, and trace digital breadcrumbs left behind during media
uploads on social platforms. What combination of data sources would provide the
MOST comprehensive information for this multifaceted investigation?
A. File metadata and event logs
B. Network transaction logs and gateway security logs
C. File metadata with extended attributes and network transaction logs
D. Event logs and gateway security logs - ANSWER✔✔ C. File metadata with
extended attributes and network transaction logs
An organization has implemented a Bring Your Own Device (BYOD) policy,
allowing employees to use their personal mobile devices for work-related tasks.
Aware of the varying legal ramifications and privacy concerns across different
jurisdictions related to controlling personal devices, the organization seeks to
enhance the security of these devices within the constraints of these legal and
, privacy issues. Considering this context, which of the following measures would
be the MOST effective way to navigate these complexities while striving to secure
employees' mobile devices under the BYOD policy?
A. Restricting all access to company resources from mobile devices
B. Providing employees with company-owned mobile devices
C. Using MDM solutions to centrally control employees' mobile devices
D. Enforcing complex passwords for all employee mobile devices - ANSWER✔✔
C. Using MDM solutions to centrally control employees' mobile devices
A large multinational company uses a cloud-based document storage system. The
system provides access to documents by considering a combination of factors: the
user's department, geographic location, the document's sensitivity level, and the
current date and time. For example, only the finance department of a specific
region can access its financial reports, and they can do so only during business
hours. Which access control model does the company MOST likely use to manage
this complex access control?
A. Discretionary access control
B. Rule-based access controls
C. Attribute-based access control
D. Role-based access control - ANSWER✔✔ C. Attribute-based access control
What type of log file is application-managed rather than through an operating
system and may use Event Viewer or syslog to write event data in a standard
format?
