Knowledge Assessment and Continuing Education
Resource for IT Security Professionals
Question 1:
Which of the following best describes the principle of least privilege?
A) Users should have access to all systems at all times.
B) Users are given only the access necessary to perform their job functions.
C) Administrators must always review all system logs.
D) Users should change passwords every 90 days.
Answer: B
Rationale:
The principle of least privilege ensures that users only have the minimum level of
access necessary to perform their tasks, reducing the risk of accidental or
malicious misuse of resources.
Question 2:
A security analyst notices unusual outbound traffic from an internal server to an
external IP. Which of the following is the most likely cause?
A) Normal system updates
B) Malware or data exfiltration
C) Scheduled backup
D) VPN connectivity
Answer: B
Rationale:
Unusual outbound traffic is often a sign of malware attempting to exfiltrate data
or communicate with a command-and-control server. Analysts should investigate
unusual traffic patterns immediately.
Question 3:
Which of the following is a primary goal of a firewall?
A) Encrypt all internal network traffic
B) Monitor system hardware health
C) Control incoming and outgoing network traffic based on predefined rules
D) Perform vulnerability scanning on endpoints
Answer: C
Rationale:
A firewall is a network security device designed to filter traffic based on security
rules, controlling what enters or leaves a network.
Question 4:
Which type of attack involves an attacker intercepting communication between
two parties to read or modify the messages?
A) Phishing
B) Man-in-the-Middle (MITM)
C) SQL Injection
D) Denial of Service
Answer: B
Rationale:
A MITM attack occurs when an attacker secretly intercepts or alters
communication between two parties without their knowledge, often to steal data
or credentials.
Question 5:
Which of the following is considered multi-factor authentication (MFA)?
A) Password only
B) Password and fingerprint scan
C) Security question only
D) Username only
Answer: B
Rationale:
MFA requires two or more independent credentials: something you know
(password), something you have (token), or something you are (biometric),
enhancing account security.
Question 6:
Which of the following is a common indicator of a phishing email?
A) Email from a known internal contact
B) Request to verify account information through a suspicious link
C) Properly spelled company domain name
D) Signed by the company’s CEO in a standard email signature
Answer: B
Rationale:
Phishing emails often include urgent requests to click links or provide personal
information. Users should verify the sender and avoid clicking suspicious links.
Question 7:
A company wants to ensure that sensitive files are not readable if stolen. Which
security control should they implement?
A) Data encryption
B) Antivirus software
C) Firewall
D) Network segmentation
Answer: A
Rationale:
Encryption converts data into a form that is unreadable without the correct
decryption key, protecting sensitive information from unauthorized access even if
the files are stolen.
Question 8:
Which of the following is a type of social engineering attack?
A) SQL Injection
B) Brute-force attack
C) Tailgating
D) DDoS attack
Answer: C
Rationale:
Tailgating occurs when an attacker gains physical access to a secured area by
following someone with authorized access. Social engineering exploits human
behavior rather than technical vulnerabilities.
Question 9:
Which security principle ensures that users cannot deny having performed an
action?
A) Confidentiality
B) Integrity
C) Availability
D) Non-repudiation
Answer: D
Rationale:
Non-repudiation provides proof of the origin of data or actions, ensuring that
users cannot deny their involvement, often implemented through digital
signatures or logging.
Question 10:
Which of the following best describes a zero-day vulnerability?
A) A known vulnerability with a published patch
B) A vulnerability that has been exploited publicly before a patch is available
C) A vulnerability that has been mitigated with antivirus software
D) A vulnerability in an outdated operating system only