Jason Dion CompTIA Security+ (SY0-701) #1

72 Terms

1

After the IT department proposed a new software update, Kevin, a system analyst, evaluates the potential effects of this change on system performance, user experience, and business processes. Which term BEST describes Kevin's evaluation?
A. Impact Analysis
B. Approval process
C. Backout plan
D. Version control

A. Impact Analysis

2

Trust Us is a company that acts as a trusted entity. They issue and manage security credentials and issue digital signature wrappers for public keys for message encryption. What type of company is Trust Us?
A. Root of Trust
B. Registration Authority
C. Blockchain
D. Certificate Authority

D. Certificate Authority

3

Sweet as Thyme, a flavoring supplier, uses a peer to peer network which relies on a public ledger to ensure the integrity of transactions and to provide a permanent record of all transactions. What is this technology they are using called?
A. Blockchain
B. Digital Signatures
C. Key Stretching
D. Salting

A. Blockchain

4

Which of the following BEST describes a system that allocates permissions and access based on pre-defined organizational guidelines, strategies, codes, roles, or requirements?
A. Least privilege
B. Role-based access control
C. Policy-driven access control
D. Implicit deny

C. Policy-driven access control

5

Dion Training wants to increase the trustworthiness of its website for its clients. They are seeking a certificate that is signed and verified by a recognized external authority. What type of certificate should they pursue?
A. CSR
B. Self-signed certificate
C. Third-party certificate
D. Wildcard certificate

C. Third-party certificate

6

Which type of symmetric encryption is BEST suited for scenarios where the total length of the message is not predetermined and encrypts data one byte or bit at a time?
A. Initialization vector (IV)
B. Block cipher
C. Stream cipher
D. AES256

C. Stream cipher

7

Reason and Rhyme, a tutoring service, has increased the security of its customers' passwords. They have always converted passwords to fixed length sequences, but now they will do this process more than once to increase the amount of computing power and time it will take for an attacker to decode the password. What is this method known as?
A. Digital Signatures
B. Salting
C. Hashing
D. Key Stretching

D. Key Stretching

8

In the process of deploying a new software application within Kelly Innovations LLC, the IT team identified that a certain module wouldn't function unless another software was already installed. Which of the following BEST describes this situation?
A. Allowing unrestricted user access.
B. Running a legacy application.
C. Facing a compatibility issue.
D. Encountering a software dependency.

D. Encountering a software dependency.

9

In the Zero Trust model, which of the following components focuses on making decisions about who can access what resources based on policies, identity verification, and threat analysis?
A. Implicit trust zones
B. Control Plane
C. Data Plane
D. Policy-driven access control

B. Control Plane

10

What part of PKI allows the storing of encrypted keys with a third party so keys can be recovered if they are lost?
A. Key exchange
B. Key escrow
C. Public key infrastructure
D. Key generation

B. Key escrow

11

While browsing the company portal of Dion Training Solutions, Tina, an employee, attempted to access a link to a third-party site she frequently uses for market research. Instead of reaching the site, she received a message stating that access to this URL was denied due to policy violations. Which of the following terms BEST describes the action experienced by Tina?
A. Blocked content
B. Content filtering
C. Firewall rejection
D. Malicious URL

A. Blocked content

12

Which of the following motivations is common among Hacktivists?
A. Espionage
B. Service disruption
C. Data exfiltration
D. Political beliefs

D. Political beliefs

13

While analyzing network traffic at Dion Training Solutions, Carlos, a security analyst, discovered a specific workstation repeatedly sending HTTPS requests to unfamiliar IP addresses. These requests contained encoded data that matched sensitive company information. Carlos also noted the workstation downloading unknown executables from various domains. Which of the following terms BEST describes the primary malicious activity of extracting sensitive information that Carlos detected?
A. C2 Communication
B. Data Exfiltration
C. Malware Propagation
D. Network Reconnaissance

B. Data Exfiltration

14

Enrique was validating the integrity of files in the company's database when he came across two distinct files that, surprisingly, had the same cryptographic hash value. Understanding the implications, Enrique immediately escalated the situation, realizing this could be a potential vulnerability in the hashing algorithm in use. Which of the following BEST describes the anomaly Enrique found in Kelly Innovations LLC's file signatures?
A. Time memory trade-off
B. Hash extension attack
C. Cryptographic collision
D. Brute force attack

C. Cryptographic collision

15

Recently, Antatack, a martial arts company, has had a data breach. Barzan, a security analyst, was hired to investigate. He found a rogue WAP near the building. The attacker used the WAP to gain information about Antatack's clients. Which of the following network attacks is BEST demonstrated by this finding?
A. Wireless
B. Reflected
C. On-path
D. Amplified

C. On-path

16

Which of the following attackers is MOST likely driven by a desire to expose unethical practices within a corporation, even if it means acting in an unethical way themselves?
A. Organized crime
B. State-sponsored actor
C. Hacktivist
D. White hat hacker

C. Hacktivist

17

Which of the following mitigation techniques can help prevent users from making changes to the security features of devices by applying predefined security standards?
A. Configuration enforcement
B. Patching
C. Encryption
D. Least Privilege

A. Configuration enforcement

18

Which of the following mitigation techniques can help reduce the exposure of systems to potential attacks by turning off unneeded or unwanted network communication channels?
A. Changing Default Passwords
B. Removing unnecessary software
C. Disabling ports and protocols
D. Patching

C. Disabling ports and protocols

19

Which of the following mitigation techniques can help enforce compliance with security standards and policies on a system or network by designating programs that are allowed to run and blocking all other programs from being run?
A. Configuration Enforcement
B. Patching
C. Least Privilege
D. Application allow list

D. Application allow list

20

Which of the following is a type of unsecure wireless network that uses short-range radio waves to connect devices without encryption or authentication?
A. Wi-Fi
B. Cellular
C. Bluetooth
D. Ethernet

C. Bluetooth

21

What is the primary difference between an insider threat and a shadow IT threat actor?
A. Malicious intent
B. Resources/funding
C. Level of access
D. Level of sophistication/capability

A. Malicious intent

22

Which of the following BEST describes a threat actor whose primary motivation is to obtain unauthorized access to credit card data?
A. Chaos
B. Ethical belief
C. Financial gain
D. War

C. Financial gain

23

Which of the following terms refers to a major program executed by powerful entities to shift public opinion?
A. Influence campaign
B. Soft power
C. Digital diplomacy
D. Digital espionage

A. Influence campaign

24

Which of the following mitigation techniques inspects and controls incoming and outgoing network traffic on a per-application basis?
A. Data Loss Prevention
B. Host-based Firewall
C. Network Segmentation
D. Intrusion Detection System

B. Host-based Firewall

25

Jason receives an email at his Kelly Innovations LLC account. The email seems to be from Reed, a coworker, and states that Reed urgently needs to see the invoice for a recent project. However, Reed specifies he needs it within the next 10 minutes as he is in a meeting with Sasha and top executives. Jason quickly sends over the invoice without double-checking with Reed. Which type of attack best describes this situation?
A. Brute-force attack
B. Whaling
C. Cloning
D. Pretexting

D. Pretexting

26

What is the name of the attack vector that involves sending fraudulent emails to trick recipients into revealing sensitive information or clicking malicious links?
A. Misinformation
B. Vishing
C. Smishing
D. Phishing

D. Phishing

27

An application creates a temporary file to save a value for later use. A malicious actor deletes this file after its creation but before its subsequent use by the application. What type of vulnerability is being exploited in this situation?
A. Memory injection
B. Time-of-use (TOU)
C. Memory leaks
D. Race conditions

B. Time-of-use (TOU)

28

While conducting a routine system audit at Kelly Innovations LLC, Enrique, a senior IT administrator, stumbled upon a startling discovery. He found that Jamario, a junior database analyst whose responsibilities typically revolved around running simple queries and generating weekly reports, suddenly had permissions to modify core database structures, including adding and removing tables. Further analysis revealed that these permissions weren't granted through the company's formal access control procedure. Enrique suspected an external intervention that could have allowed Jamario's account to bypass the standard role-based permissions. This is an example of:
A. SQL injection
B. Access control list tampering
C. Privilege escalation
D. Session hijacking

C. Privilege escalation

29

What is a similarity between data exfiltration and espionage as motivations for threat actors?
A. Service disruption
B. Obtaining sensitive/confidential information
C. Philosophical/political beliefs
D. Financial gain

B. Obtaining sensitive/confidential information

30

Dion Training Solutions, a software-as-a-service company, began facing latency issues and, in some cases, outages. The IT team found that a massive amount of traffic was flooding in, but the peculiarity was that the incoming data appeared to be responses to requests that the company never made. These responses came from a wide range of IP addresses scattered globally. Which of the following types of malicious activities is BEST described in this scenario?
A. Phishing campaign
B. SQL injection
C. Reflected DDoS attack
D. Amplified DDoS attack

C. Reflected DDoS attack

31

Dion Training Solutions recently integrated a single security solution that provides multiple security functions at one point on their network. This solution incorporates functionalities such as intrusion prevention, gateway anti-virus, and VPN. Which of the following BEST describes this solution?
A. VPN gateway
B. IPS
C. Firewall
D. UTM

D. UTM

32

A financial services firm processes high volumes of transactions daily. To minimize data loss in case of a system failure, which backup frequency would you most likely recommend?
A. Daily incremental backups
B. Weekly full backups
C. Continuous backups
D. Differential backups

C. Continuous backups

33

Kelly Innovations LLC is implementing a wireless network and needs a flexible authentication method that supports multiple mechanisms for authenticating both wired and wireless users. Which protocol BEST fits their requirements?
A. LDAP
B. RADIUS
C. EAP
D. WPA3

C. EAP

34

Which of the following terms refers to the ability to obtain and apply security updates or fixes for software or systems?
A. Responsiveness
B. Risk transference
C. Patch availability
D. Inability to patch

C. Patch availability

35

When considering data storage, which of the following BEST describes a method to capture the state of a system at a specific point in time, offering a quick recovery solution without the need for a full backup?
A. Full backups
B. Differential backups
C. Snapshots
D. Incremental backups

C. Snapshots

36

Kelly Innovations decides to manage its IT infrastructure within its physical location, retaining full control over its hardware, software, and data. Which of the following security implications is MOST directly associated with this approach?
A. Multi-tenancy risks
B. Risk transference to third-party vendors
C. Increased responsibility for physical security
D. Dependence on external patch availability

C. Increased responsibility for physical security

37

Which of the following techniques replaces sensitive data with fictitious, but structurally similar, data to protect it in non-production or test environments?
A. Masking
B. Segmentation
C. Encryption
D. Hashing

A. Masking

38

Kelly Innovations LLC needs to securely authenticate remote users and needs to be able to handle multiple authentication methods. Which of the following protocols would be BEST suited for this scenario?
A. IPSec
B. EAP
C. ICMP
D. SD-WAN

B. EAP

39

Dion Training Solutions is implementing a security system for its research facility, where sensitive data is stored. If the access control system fails, which mode should be adopted to ensure that no unauthorized personnel can enter the facility, even if it means some inconvenience to authorized staff?
A. Fail-open
B. Passive mode
C. Fail-closed
D. Rate-based filtering

C. Fail-closed

40

Enrique at Dion Training is responsible for ensuring that the company's project data is protected from potential data loss, especially since the office is located in a region prone to natural disasters. Which backup method would provide him with the most secure protection by keeping a physically separate copy of the data?
A. Onsite backups
B. Cloud backups
C. Hybrid backups
D. Offsite backups

D. Offsite backups

41

To protect customers' financial records and adhere to standards set to prevent money laundering and fraud, which of the following is the BEST strategy a bank should adopt?
A. Integration of multi-factor authentication for user access
B. Strict adherence to AML/KYC regulations and secure data storage
C. Continuous security monitoring and intrusion detection systems
D. Creating a schedule for the creation of regular encrypted data backups

B. Strict adherence to AML/KYC regulations and secure data storage

42

Which of the following terms refers to a document that defines tasks that different parties perform in a cloud service agreement?
A. Hybrid considerations
B. Third-party vendors
C. Responsibility matrix
D. Microservices

C. Responsibility matrix

43

Dion Training Solutions needs a network appliance capable of filtering traffic based on URLs, HTTP headers, and specific web application functionalities. At which layer of the OSI model would this appliance primarily operate?
A. Layer 3
B. Layer 5
C. Layer 7
D. Layer 6

C. Layer 7

44

Dion Training is implementing a security device tasked with inspecting live network traffic and taking immediate action to mitigate potential threats. Which of the following security items would MOST effectively satisfy this requirement?
A. Fail-open mode
B. A passive device
C. An active device
D. Fail-closed mode

C. An active device

45

When analyzing cloud-specific vulnerabilities, which of the following factors is essential to ensure that the system can be quickly restored after a disruption?
A. Ease of Deployment
B. Patch Availability
C. Ease of Recovery
D. Microservices

C. Ease of Recovery

46

Dion Training Solutions is looking to upgrade their current firewall to one that can detect and block advanced threats, provide additional functions like intrusion prevention, and give them deep visibility into traffic. Which of the following types of firewalls is BEST described here?
A. Stateful firewall
B. NGFW
C. Proxy firewall
D. Packet-filtering firewall

B. NGFW

47

At Dion Training, David is advising on cloud security best practices regarding a company's recent issue with logins. Which measure is the most crucial to inform them when safeguarding against unauthorized logon attempts?
A. Leave default settings on Google's firewall
B. Rely solely on the CSP's IAM for user management
C. Allow programmatic access without unique secret keys
D. Implementing MFA and using conditional authentication for risky logons

D. Implementing MFA and using conditional authentication for risky logons

48

Jason is working with David to enhance the security of the switches at Dion Training. Which technique would be the BEST for them to prioritize?
A. Implementing regular system backups on the switches
B. Enabling SNMP monitoring
C. Disabling unused ports
D. Using default VLAN for all operations

C. Disabling unused ports

49

You are a security analyst for an enterprise that has recently experienced several security incidents related to web browsing. Management has decided to implement a centralized proxy solution to enhance security and mitigate the risk of future incidents. Which of the following actions would be the MOST effective way to enhance security with the centralized proxy in the given scenario?
A. Allowing unrestricted access to internal resources for users who are connected to the corporate network
B. Enforcing the use of HTTP for all web traffic to ensure compatibility with older browsers
C. Permitting employees to install browser extensions from trusted sources to enhance their browsing experience
D. Implementing SSL inspection to monitor and control encrypted web traffic

D. Implementing SSL inspection to monitor and control encrypted web traffic

50

Jason and Reed, both IT specialists at Kelly Innovations LLC, are tasked with ensuring the workstations' secure baseline remains uncompromised over time. Which technique would BEST help them achieve this?
A. Use Windows Update without a validation process
B. Manually check each workstation at month-end for deviations from the baseline
C. Rely solely on antivirus scans to detect changes in workstation configuration
D. Implement Ansible to enforce and verify settings

D. Implement Ansible to enforce and verify settings

51

Jenny, a newly hired sales representative, has been granted access to view customer records but is unable to modify, delete, or add new ones. Only managers and the IT department have the ability to make changes to these records to maintain data integrity. Which principle is the organization applying?
A. Principle of least privilege
B. Data classification
C. Attribute-based access control (ABAC)
D. Mandatory access control (MAC)

A. Principle of least privilege

52

Last month at Kelly Innovations LLC, Jamario reported receiving inappropriate images while researching industry competitors. To prevent employees from accidentally accessing such media in the future, which of the following solutions would be MOST effective?
A. Installing a state-of-the-art firewall
B. Implementing content categorization
C. Requiring two-factor authentication for internet access
D. Upgrading to a faster internet connection

B. Implementing content categorization

53

During the decommissioning process of a database server, the IT department of Dion Training ensures that all stored customer data is rendered unrecoverable to protect against unauthorized access in the future. Which of the following practices is the IT department employing in this scenario?
A. Sanitization
B. Enumeration
C. Inventory
D. Assignment

A. Sanitization

54

Which of the following statements is NOT true regarding the role of Ticket Creation in the context of automation for secure operations?
A. Ticket creation facilitates communication and coordination among IT teams
B. Ticket creation fosters more security team cohesion and makes collaboration within the team more effective
C. Ticket creation enables accountability and better measurement of IT team performance
D. Ticket creation allows proper tracking and management of user issues, requests, or tasks

B. Ticket creation fosters more security team cohesion and makes collaboration within the team more effective

55

Which option BEST explains the importance of having vulnerability scanners?
A. Vulnerability scanners detect and mitigate many potential problems on a wide variety of devices
B. Vulnerability scanners continuously monitor network traffic and identify potential security breaches
C. Vulnerability scanners are responsible for monitoring user activities and detecting suspicious behavior on the network
D. Vulnerability scanners are critical in detecting and assessing security weaknesses in applications and systems

D. Vulnerability scanners are critical in detecting and assessing security weaknesses in applications and systems

56

Which of the following terms BEST describes a situation in which a company avoids addressing known system inefficiencies or shortcuts due to time constraints, potentially leading to future rework and vulnerabilities?
A. Cost
B. Complexity
C. Single point of failure
D. Technical debt

D. Technical debt

57

A company's access control mechanism determines access to resources based on users' job functions. The system enforces access control based on these predefined responsibilities, and users do not have the discretion to modify or override access permissions. Which type of access control mechanism is being used in this scenario?
A. Attribute-based
B. Discretionary
C. Rule-based
D. Role-based

D. Role-based

58

Which of the following BEST explains the importance of exceptions and exemptions in vulnerability management?
A. Exceptions and exemptions are official authorizations that allow specific deviations from established security policies or baseline controls
B. Exceptions and exemptions allow systems to completely bypass all security policies for maximum efficiency
C. Exceptions and exemptions are designed to eliminate the need for regular audits by providing an all-access pass to privileged users
D. Exceptions and exemptions permit organizations to ignore all known vulnerabilities without any consequences from internal procedures but don't affect government compliance

A. Exceptions and exemptions are official authorizations that allow specific deviations from established security policies or baseline controls

59

In the realm of digital forensics, which activity is MOST essential to maintaining the chain of custody for digital evidence?
A. Isolating the digital evidence storage system from network access
B. Documenting who has handled the evidence
C. Utilizing cryptographic hashes to confirm the integrity of stored evidence
D. Drafting a comprehensive summary of findings after analyzing the evidence

B. Documenting who has handled the evidence

60

A software development company regularly releases software updates to its global customer base. Recently, some customers reported receiving unauthorized and potentially malicious software updates. The company is now seeking to implement a security technique to ensure the authenticity and integrity of its software updates when delivered to customers. Which of the following would BEST assist in achieving this goal?
A. Antivirus scanning
B. IDS solution
C. Code signing
D. MFA

C. Code signing

61

Dion Training Solutions has partnered with several smaller companies. They set up a system allowing employees from any company to access resources from another partner company without requiring a separate username and password. Which of the following is this an example of?
A. Centralized access management
B. Federation
C. Access delegation
D. RBAC

B. Federation

62

Oliver travels frequently for work. His organization wants to implement an additional authentication method that considers his geographic location before granting access to sensitive systems. Which factor of multifactor authentication is the organization planning to use?
A. Somewhere you are
B. Something you know
C. Something you are
D. Something you have

A. Somewhere you are

63

Which email security protocol uses cryptographic signatures to verify the authenticity of an email's sender?
A. MTA
B. SPF
C. DMARC
D. DKIM

D. DKIM

64

Which of the following statements BEST explains the importance of 'continuous' integration for the security of an organization?
A. Continuous integration automates the process of updating and patching software
B. Continuous integration makes collaboration of security teams and developers easier
C. Continuous integration allows for real-time monitoring of network activities
D. Continuous integration automatically generates regular backups of critical data and encrypts them

B. Continuous integration makes collaboration of security teams and developers easier

65

Reed is getting a new computer from his employer, Kelly Innovations LLC. He wants to remove all his personal data from his old computer, ensuring it's irretrievable. Which of the following methods should he use?
A. System restore
B. Disk defragmentation
C. Emptying the recycle bin
D. Secure erase

D. Secure erase

66

Which of the following statements BEST explains the purpose of Netflow?
A. Netflow is a type of firewall that inspects network traffic and blocks malicious packets to prevent cyber-attacks
B. Netflow is a network tool that provides visibility into network traffic and helps identify potential security threats
C. Netflow is a protocol used for secure data transmission and encryption between devices on a network
D. Netflow is a hardware-based security appliance that monitors and filters network traffic to prevent unauthorized access

B. Netflow is a network tool that provides visibility into network traffic and helps identify potential security threats

67

Kelly Innovations LLC has integrated a new payment gateway into their application. To ensure no potential security gaps exist, especially related to data breaches or financial data leaks, which of the following actions would be the MOST effective?
A. Deploying a new intrusion detection system for the payment module
B. Updating the application to its latest version post-integration
C. Engaging penetration testers to mimic real-world hacking techniques
D. Ensuring two-factor authentication is enabled for application users

C. Engaging penetration testers to mimic real-world hacking techniques

68

Which of the following is the BEST action a security professional would undertake to determine the order in which identified vulnerabilities should be addressed, based on potential impact and exploitation likelihood?
A. False positive assessment
B. Vulnerability prioritization
C. Dynamic analysis
D. Threat intelligence gathering

B. Vulnerability prioritization

69

As a network administrator, you have been assigned the critical task of upgrading a company's encryption protocol for wireless devices. The current encryption method is outdated and poses a significant security risk. Your objective is to select the most secure option for the upgrade. Which of the following encryption protocols BEST represents the ideal choice for this upgrade?
A. TKIP
B. WEP
C. AES
D. WPA

C. AES

70

You are a cybersecurity analyst for a large enterprise that has experienced several security incidents resulting from insider threats and compromised user accounts. The organization wants to enhance its security posture by implementing User Behavior Analytics (UBA). Which of the following approaches would be the MOST effective way to implement UBA for the given scenario?
A. Deploying UBA on all endpoint devices to monitor user interactions and application usage
B. Implementing UBA on the organization's perimeter firewalls to analyze incoming and outgoing network traffic
C. Using UBA to monitor and analyze the activities of privileged users with elevated access rights only
D. Configuring UBA to perform scheduled scans of all user accounts to prevent any anomalies

A. Deploying UBA on all endpoint devices to monitor user interactions and application usage

71

Which email security standard helps prevent email spoofing by allowing domain owners to specify which mail servers are authorized to send email on their behalf?
A. SPF
B. DKIM
C. SMTP
D. DMARC

A. SPF

72

Which of the following statements BEST explains the importance of considering technical debt?
A. Addressing technical debt helps organizations to automate security operations more effectively, reducing the need for human intervention
B. Technical debt can increase the complexity of long term security issues, making automation and orchestration more difficult
C. Considering technical debt allows organizations to prioritize cybersecurity investments based on the cost of eliminating debt
D. Technical debt only applies to non-security-related IT systems such as outdated software and hardware and does not impact the security posture of an organization

B. Technical debt can increase the complexity of long term security issues, making automation and orchestration more difficult