CompTIA Security+ 2021 v1.0
Question 1
Which of the following would detect intrusions at the perimeter of an airport?
- A. Signage
- B. Fencing
- C. Motion sensors
- D. Lighting
- E. Bollards
Answer : E
Question 2
A security analyst is concerned about critical vulnerabilities that have been detected on some applications running inside containers. Which of the following is the
BEST remediation strategy?
- A. Update the base container Image and redeploy the environment.
- B. Include the containers in the regular patching schedule for servers.
- C. Patch each running container individually and test the application.
- D. Update the host in which the containers are running.
Answer : B
Question 3
An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five- year cost of the insurance policy. The organization is enabling risk:
- A. avoidance.
- B. acceptance.
- C. mitigation.
- D. transference.
Answer : D
Question 4
A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief
Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?
- A. True negative
- B. True positive
- C. False positive
- D. False negative
Answer : A
Question 5
A security analyst wants to reference a standard to develop a risk management program. Which of the following is the BEST source for the analyst to use?
- A. SSAE SOC 2
- B. ISO 31000
- C. NIST CSF
- D. GDPR
Answer : C
Question 6
The Chief Information Security Officer (CISO) requested a report on potential areas of improvement following a security incident. Which of the following incident response processes is the CISO requesting?
- A. Lessons learned
- B. Preparation
- C. Detection
- D. Containment
- E. Root cause analysis
Answer : A
Question 7
A company is providing security awareness training regarding the importance of not forwarding social media messages from unverified sources. Which of the following risks would this training help to prevent?
- A. Hoaxes
- B. SPIMs
- C. Identity fraud
- D. Credential harvesting
Answer : A
Question 8
A security analyst is receiving numerous alerts reporting that the response time of an internet-facing application has been degraded. However, the internal network performance was not degraded. Which of the following MOST likely explains this behavior?
- A. DNS poisoning
- B. MAC flooding
- C. DDoS attack
- D. ARP poisoning
Answer : C
Question 9
Which of the following will increase cryptographic security?
- A. High data entropy
- B. Algorithms that require less computing power
- C. Longer key longevity
- D. Hashing
Answer : A
Question 10
Which of the following statements BEST describes zero-day exploits?
- A. When a zero-day exploit is discovered, the system cannot be protected by any means.
- B. Zero-day exploits have their own scoring category in CVSS.
- C. A zero-day exploit is initially undetectable, and no patch for it exists.
- D. Discovering zero-day exploits is always performed via bug bounty programs.
Answer : C
Question 11
A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution. In order to restrict PHI documents, which of the following should be performed FIRST?
- A. Retention
- B. Governance
- C. Classification
- D. Change management
Answer : C
Question 12
A security analyst is investigating some users who are being redirected to a fake website that resembles www.comptia.org. The following output was found on the naming server of the organization:
Which of the following attacks has taken place?
- A. Domain reputation
- B. Domain hijacking
- C. Disassociation
- D. DNS poisoning
Answer : B
Question 13
Which of the following describes the continuous delivery software development methodology?
- A. Waterfall
- B. Spiral
- C. V-shaped
- D. Agile
Answer : D
Question 14
Which of the following is the BEST example of a cost-effective physical control to enforce a USB removable media restriction policy?
- A. Putting security/antitamper tape over USB ports, logging the port numbers, and regularly inspecting the ports
- B. Implementing a GPO that will restrict access to authorized USB removable media and regularly verifying that it is enforced
- C. Placing systems into locked, key-controlled containers with no access to the USB ports
- D. Installing an endpoint agent to detect connectivity of USB and removable media
Answer : B
Question 15
A company suspects that some corporate accounts were compromised. The number of suspicious logins from locations not recognized by the users is increasing.
Employees who travel need their accounts protected without the risk of blocking legitimate login requests that may be made over new sign-in properties. Which of the following security controls can be implemented?
- A. Enforce MFA when an account request reaches a risk threshold.
- B. Implement geofencing to only allow access from headquarters.
- C. Enforce time-based login requests that align with business hours.
- D. Shift the access control scheme to a discretionary access control.
Answer : A