CompTIA Certmaster CE Security+ Domain 1.0 General Security
Concepts Assessment Questions and Answers Rated A
In a cybersecurity operation where downtime is
critical to its mission, a cybersecurity analyst A corporation's IT department is integrating a
incorporates allowlists and denylists restrictions. new framework that permits, ascertains, and
The objective is to guarantee high availability applies various resources in accordance with
(HA) and safeguard against potential security established company policies. Which principle
threats. How would a cybersecurity analyst utilize should the department incorporate? -
these lists in this scenario? (Select the two best ANSWER -A. Policy-driven access control
options.) - ANSWER -A. Allowlists can
specify approved software, hardware, and
change types that are essential for the The organization is implementing a significant
operation's functioning. software upgrade that necessitates application
D. Denylists can block unauthorized software, restarts. How can the cybersecurity analyst
hardware, and change types that pose high risk ensure a smooth transition without causing
to the operation's availability and security. extended downtime? - ANSWER -B.
Schedule the upgrade during nonworking hours
to reduce the impact on users.
How can a cybersecurity analyst effectively
utilize version control to maintain a historical
record of changes and ensure security in the A security analyst wants to ensure that the
organization's IT systems and applications? - privileges granted to an individual align with the
ANSWER -C. Use version control to track role within the organization. What is the primary
changes in network diagrams and configuration tool that the analyst should implement? -
files. ANSWER -(C. Authenticating systems
incorrect)
A malicious actor initiates an attack on a
software organization, believing it to have A user in a company wants a new USB flash
successfully acquired sensitive data. drive. Rather than requesting one through the
Unbeknownst to the attacker, the organization proper channel, the user obtains one from one of
has deceived the attacker by intentionally the company's storage closets. Upon
providing fake sensitive information and has now approaching the closet door, the user notices a
captured the attacker's tactics and tools. What warning sign indicating cameras are in use. What
deception technology did the organization deploy is the control objective of the observed sign? -
to capture the attacker's techniques and tools? - ANSWER -C. Deterrent
ANSWER -D. Honeyfile
A cybersecurity analyst implements security
A cyber technician reduces a computer's attack measures for a financial institution's
surface by installing a cryptoprocessor that a infrastructure. The analyst explores different
plug-in peripheral component interconnect technologies to enhance security and must select
express (PCIe) adaptor card can remove. What the appropriate technology to strengthen security
type of cryptoprocessor can support this within the organization's infrastructure. Which
requirement? - ANSWER -B. Hardware technology should the cybersecurity analyst
Security Module (HSM) choose to enhance security for executing
sensitive operations and protecting critical data in
1/3
Concepts Assessment Questions and Answers Rated A
In a cybersecurity operation where downtime is
critical to its mission, a cybersecurity analyst A corporation's IT department is integrating a
incorporates allowlists and denylists restrictions. new framework that permits, ascertains, and
The objective is to guarantee high availability applies various resources in accordance with
(HA) and safeguard against potential security established company policies. Which principle
threats. How would a cybersecurity analyst utilize should the department incorporate? -
these lists in this scenario? (Select the two best ANSWER -A. Policy-driven access control
options.) - ANSWER -A. Allowlists can
specify approved software, hardware, and
change types that are essential for the The organization is implementing a significant
operation's functioning. software upgrade that necessitates application
D. Denylists can block unauthorized software, restarts. How can the cybersecurity analyst
hardware, and change types that pose high risk ensure a smooth transition without causing
to the operation's availability and security. extended downtime? - ANSWER -B.
Schedule the upgrade during nonworking hours
to reduce the impact on users.
How can a cybersecurity analyst effectively
utilize version control to maintain a historical
record of changes and ensure security in the A security analyst wants to ensure that the
organization's IT systems and applications? - privileges granted to an individual align with the
ANSWER -C. Use version control to track role within the organization. What is the primary
changes in network diagrams and configuration tool that the analyst should implement? -
files. ANSWER -(C. Authenticating systems
incorrect)
A malicious actor initiates an attack on a
software organization, believing it to have A user in a company wants a new USB flash
successfully acquired sensitive data. drive. Rather than requesting one through the
Unbeknownst to the attacker, the organization proper channel, the user obtains one from one of
has deceived the attacker by intentionally the company's storage closets. Upon
providing fake sensitive information and has now approaching the closet door, the user notices a
captured the attacker's tactics and tools. What warning sign indicating cameras are in use. What
deception technology did the organization deploy is the control objective of the observed sign? -
to capture the attacker's techniques and tools? - ANSWER -C. Deterrent
ANSWER -D. Honeyfile
A cybersecurity analyst implements security
A cyber technician reduces a computer's attack measures for a financial institution's
surface by installing a cryptoprocessor that a infrastructure. The analyst explores different
plug-in peripheral component interconnect technologies to enhance security and must select
express (PCIe) adaptor card can remove. What the appropriate technology to strengthen security
type of cryptoprocessor can support this within the organization's infrastructure. Which
requirement? - ANSWER -B. Hardware technology should the cybersecurity analyst
Security Module (HSM) choose to enhance security for executing
sensitive operations and protecting critical data in
1/3
