COMPTIA CERTMASTER CE SECURITY
DOMAIN 1 GENERAL SECURITY 2026
VERIFIED QUESTIONS AND ANSWERS
ACTUAL UPDATED REAL EXAM QUESTIONS
GRADED A+ 2026/2027 – Verified Q&As
with Detailed Rationales (Test Bank Bundle
- 81 Questions)
---
*QUESTION 1:*
Which of the following is a primary goal of information security?
A) Profit maximization
B) Data integrity
C) User satisfaction
D) Market share
> 🎯 *CORRECT ANSWER:* B) Data integrity
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* CIA triad component.
> * *Why Distractors Fail:* Profit/user/market are business, not security.
> * *Core Takeaway:* Integrity = CIA.
---
,*QUESTION 2:*
What is the primary purpose of a firewall?
A) To detect viruses
B) To filter network traffic
C) To encrypt data
D) To manage passwords
> 🎯 *CORRECT ANSWER:* B) To filter network traffic
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Controls allowed/blocked traffic.
> * *Why Distractors Fail:* AV detects viruses; encryption is VPN; passwords are IAM.
> * *Core Takeaway:* Firewall = traffic filter.
---
*QUESTION 3:*
Which attack involves sending unsolicited messages to a large number of recipients?
A) Phishing
B) Spam
C) Spear phishing
D) Whaling
> 🎯 *CORRECT ANSWER:* B) Spam
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Unsolicited bulk messages.
> * *Why Distractors Fail:* Phishing/spear/whaling are targeted scams.
> * *Core Takeaway:* Spam = bulk unsolicited.
,---
*QUESTION 4:*
The process of verifying a user's identity is called:
A) Authorization
B) Authentication
C) Accounting
D) Auditing
> 🎯 *CORRECT ANSWER:* B) Authentication
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Proves identity.
> * *Why Distractors Fail:* Authorization grants access; accounting tracks; auditing reviews.
> * *Core Takeaway:* Authentication = identity proof.
---
*QUESTION 5:*
What is a common form of biometric authentication?
A) Password
B) Smart card
C) Fingerprint scan
D) Security question
> 🎯 *CORRECT ANSWER:* C) Fingerprint scan
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Physical characteristic.
> * *Why Distractors Fail:* Password/SQ are knowledge; smart card is possession.
> * *Core Takeaway:* Biometric = fingerprint.
, ---
*QUESTION 6:*
Which of the following best describes a man-in-the-middle attack?
A) Intercepting communication between two parties
B) Overwhelming a server with traffic
C) Stealing a user's password
D) Installing malware on a system
> 🎯 *CORRECT ANSWER:* A) Intercepting communication between two parties
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Eavesdropping.
> * *Why Distractors Fail:* DoS overloads; password theft is credential; malware is malicious code.
> * *Core Takeaway:* MITM = interception.
---
*QUESTION 7:*
What is the primary purpose of hashing?
A) To encrypt data
B) To ensure data integrity
C) To authenticate a user
D) To compress files
> 🎯 *CORRECT ANSWER:* B) To ensure data integrity
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* One-way function for verification.
> * *Why Distractors Fail:* Encryption is confidentiality; authentication is identity; compression is size.
DOMAIN 1 GENERAL SECURITY 2026
VERIFIED QUESTIONS AND ANSWERS
ACTUAL UPDATED REAL EXAM QUESTIONS
GRADED A+ 2026/2027 – Verified Q&As
with Detailed Rationales (Test Bank Bundle
- 81 Questions)
---
*QUESTION 1:*
Which of the following is a primary goal of information security?
A) Profit maximization
B) Data integrity
C) User satisfaction
D) Market share
> 🎯 *CORRECT ANSWER:* B) Data integrity
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* CIA triad component.
> * *Why Distractors Fail:* Profit/user/market are business, not security.
> * *Core Takeaway:* Integrity = CIA.
---
,*QUESTION 2:*
What is the primary purpose of a firewall?
A) To detect viruses
B) To filter network traffic
C) To encrypt data
D) To manage passwords
> 🎯 *CORRECT ANSWER:* B) To filter network traffic
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Controls allowed/blocked traffic.
> * *Why Distractors Fail:* AV detects viruses; encryption is VPN; passwords are IAM.
> * *Core Takeaway:* Firewall = traffic filter.
---
*QUESTION 3:*
Which attack involves sending unsolicited messages to a large number of recipients?
A) Phishing
B) Spam
C) Spear phishing
D) Whaling
> 🎯 *CORRECT ANSWER:* B) Spam
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Unsolicited bulk messages.
> * *Why Distractors Fail:* Phishing/spear/whaling are targeted scams.
> * *Core Takeaway:* Spam = bulk unsolicited.
,---
*QUESTION 4:*
The process of verifying a user's identity is called:
A) Authorization
B) Authentication
C) Accounting
D) Auditing
> 🎯 *CORRECT ANSWER:* B) Authentication
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Proves identity.
> * *Why Distractors Fail:* Authorization grants access; accounting tracks; auditing reviews.
> * *Core Takeaway:* Authentication = identity proof.
---
*QUESTION 5:*
What is a common form of biometric authentication?
A) Password
B) Smart card
C) Fingerprint scan
D) Security question
> 🎯 *CORRECT ANSWER:* C) Fingerprint scan
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Physical characteristic.
> * *Why Distractors Fail:* Password/SQ are knowledge; smart card is possession.
> * *Core Takeaway:* Biometric = fingerprint.
, ---
*QUESTION 6:*
Which of the following best describes a man-in-the-middle attack?
A) Intercepting communication between two parties
B) Overwhelming a server with traffic
C) Stealing a user's password
D) Installing malware on a system
> 🎯 *CORRECT ANSWER:* A) Intercepting communication between two parties
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Eavesdropping.
> * *Why Distractors Fail:* DoS overloads; password theft is credential; malware is malicious code.
> * *Core Takeaway:* MITM = interception.
---
*QUESTION 7:*
What is the primary purpose of hashing?
A) To encrypt data
B) To ensure data integrity
C) To authenticate a user
D) To compress files
> 🎯 *CORRECT ANSWER:* B) To ensure data integrity
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* One-way function for verification.
> * *Why Distractors Fail:* Encryption is confidentiality; authentication is identity; compression is size.