1.0 General Security Concepts assessment
with clear explanations
In a cybersecurity operation where downtime is critical to its mission, a cybersecurity analyst
incorporates allowlist and denylist restrictions. The objective is to guarantee high availability (HA)
and safeguard against potential security threats. How would a cybersecurity analyst utilize these
lists in this scenario? (Select the two best options.)
Allowlists can specify approved software, hardware, and change types that are essential for
the operation's functioning.
D. Denylists can block unauthorized software, hardware, and change types that pose high risk to the
operation's availability and security.
How can a cybersecurity analyst effectively utilize version control to maintain a historical record of
changes and ensure security in the organization's IT systems and applications?
C. Use version control to track changes in network diagrams and configuration files.
A malicious actor initiates an attack on a software organization, believing it to have successfully
acquired sensitive data. Unbeknownst to the attacker, the organization has deceived the attacker by
intentionally providing fake sensitive information and has now captured the attacker's tactics and
tools. What deception technology did the organization deploy to capture the attacker's techniques
and tools?
D. Honeyfile
A cyber technician reduces a computer's attack surface by installing a cryptoprocessor that a plug-in
peripheral component interconnect express (PCIe) adaptor card can remove. What type of
cryptoprocessor can support this requirement?
B. Hardware Security Module (HSM)
A corporation's IT department is integrating a new framework that permits, ascertains, and applies
various resources in accordance with established company policies. Which principle should the
department incorporate?
Policy-driven access control
The organization is implementing a significant software upgrade that necessitates application
restarts. How can the cybersecurity analyst ensure a smooth transition without causing extended
downtime?
B. Schedule the upgrade during nonworking hours to reduce the impact on users.
A security analyst wants to ensure that the privileges granted to an individual align with the role
within the organization. What is the primary tool that the analyst should implement?
(C. Authenticating systems incorrect)
A user in a company wants a new USB flash drive. Rather than requesting one through the proper
channel, the user obtains one from one of the company's storage closets. Upon approaching the
closet door, the user notices a warning sign indicating cameras are in use. What is the control
objective of the observed sign?
C. Deterrent
A cybersecurity analyst implements security measures for a financial institution's infrastructure. The
analyst explores different technologies to enhance security and must select the appropriate
technology to strengthen security within the organization's infrastructure. Which technology should
the cybersecurity analyst choose to enhance security for executing sensitive operations and
protecting critical data in the financial institution's infrastructure?
Secure enclave