Comptia Sec+ Practice 3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

Current
Review / Skip
Answered
Correct
Incorrect

Question 1 of 26

1. Question
A healthcare provider is planning a maintenance window to update its patient record system with enhanced security measures. To ensure the update is successful and minimizes impact on operations, which TWO of the following actions should be prioritized in planning the maintenance window? (SELECT TWO)
- 1. Schedule the maintenance during hours of least activity in the healthcare facility.
- 2. Notify all relevant staff and departments well in advance of the maintenance.
- 3. Prepare a detailed backout plan in case the update encounters issues.
- 4. Train staff on new features immediately following the maintenance.
Correct

Incorrect
Question 2 of 26

2. Question
A financial services company is integrating Secure Access Service Edge (SASE) into its network infrastructure to modernize security and networking capabilities. The CISO is considering various components and features that are essential to maximize the effectiveness of SASE. Which TWO of the following elements should be prioritized in the SASE implementation for optimal security and performance? (SELECT TWO)
- 1. Incorporating a cloud access security broker (CASB) for monitoring and securing cloud-based applications.
- 2. Implementing a traditional hardware-based firewall at each branch office for localized protection.
- 3. Deploying secure web gateways (SWG) for safe and compliant internet access and web browsing.
- 4. Enabling high-capacity data storage within SASE to handle large volumes of financial transactions.
Correct

Incorrect
Question 3 of 26

3. Question
A large corporation recently experienced a network breach where attackers exploited vulnerabilities in the Simple Mail Transfer Protocol (SMTP) service running on their mail server. As part of the response, the security team decides to review and update the firewall settings related to ports and protocols. Considering the need to maintain email functionality while enhancing security, which of the following firewall modifications would be most effective?
- 1. Block all SMTP traffic at the firewall.
- 2. Restrict SMTP traffic to only allow connections from trusted external IP addresses.
- 3. Replace SMTP with a more secure protocol for email communication.
- 4. Enable logging for all SMTP traffic to monitor for suspicious activities.
Correct

Incorrect
Question 4 of 26

4. Question
InfoGuard Corp. conducts a vulnerability analysis and identifies several vulnerabilities with varying exposure factors. The vulnerabilities include an unpatched software vulnerability (EF 60%), weak passwords used by employees (EF 40%), and a misconfigured firewall (EF 70%). To effectively manage these vulnerabilities based on their exposure factors, which TWO of the following actions should InfoGuard Corp. prioritize? (SELECT TWO)
- 1. Focus on strengthening employee password policies to address the weak passwords.
- 2. Prioritize patching the unpatched software vulnerability.
- 3. Replace the misconfigured firewall with a new one.
- 4. Implement additional security training for employees regarding firewall configuration.
Correct

Incorrect
Question 5 of 26

5. Question
A web application in a financial organization is experiencing slow response times. Analysis reveals an unusual pattern of database queries being executed, including several that involve large data extractions. What is the MOST likely security concern indicated by this pattern, and what should be the initial response?
- 1. SQL Injection attack; review web application firewall (WAF) settings
- 2. Distributed Denial of Service (DDoS) attack; increase server resources
- 3. Insider threat; conduct user access review
- 4. Misconfiguration; audit application configuration settings
Correct

Incorrect
Question 6 of 26

6. Question
A smart home technology company provides a range of IoT devices, including smart thermostats, security cameras, and lighting systems. These devices are connected to the internet and can be controlled remotely by homeowners. Given the recent rise in IoT-targeted cyberattacks, what should be the company’s FIRST step in hardening these smart home devices against potential security breaches?
- 1. Implementing a firewall at the network level to monitor and control incoming and outgoing network traffic.
- 2. Ensuring all IoT devices are using strong, unique default passwords that users are encouraged to change upon setup.
- 3. Regularly releasing firmware updates for the IoT devices to patch any identified security vulnerabilities.
- 4. Providing users with a detailed manual on best practices for securing their home network.
Correct

Incorrect
Question 7 of 26

7. Question
A large enterprise is reviewing its security policies for critical systems, including firewalls, IDSs, and access control systems. The IT security team needs to decide which systems should be configured to fail-open and which should fail-closed, based on the potential impact on security and operations. Considering the balance between maintaining security and ensuring business continuity, which TWO of the following systems should be configured to fail-closed? (SELECT TWO)
- 1. The firewall protecting the internal network from external threats.
- 2. The IDS monitoring traffic for suspicious activities in the DMZ.
- 3. The access control system managing entry to the data center.
- 4. The load balancer distributing traffic across multiple web servers.
Correct

Incorrect
Question 8 of 26

8. Question
A company’s security team discovers that one of their critical applications was compromised through a malicious update. The team is tasked with implementing measures to protect against similar incidents in the future. Which of the following measures should be included in their security strategy? (SELECT TWO)
- 1. Conducting regular security audits of the application
- 2. Implementing a whitelist of approved software sources
- 3. Restricting internet access for application servers
- 4. Using a secure, dedicated update server
Correct

Incorrect
Question 9 of 26

9. Question
A company’s receptionist receives a call from an individual claiming to be from the IT department, stating they need remote access to update software on the company’s server. The caller provides specific technical details and sounds professional, but the receptionist has not been notified of any scheduled updates. In the context of social engineering, what is the appropriate action for the receptionist to take in this situation?
- 1. Grant remote access as the caller seems knowledgeable and professional
- 2. Ask the caller for their employee ID and verify it with the IT department
- 3. Direct the caller to send an official email request to the IT department
- 4. Hang up and ignore the call as it might be a social engineering attempt
Correct

Incorrect
Question 10 of 26

10. Question
A multinational corporation with extensive research and development in cutting-edge technology experienced two separate espionage incidents. In the first incident, trade secrets and proprietary research were stolen and traced to a competitor. In the second incident, confidential communication between top executives was intercepted, revealing strategic business plans. The attack methods were discreet and focused on data collection. Which TWO of the following motivations are most likely behind these espionage incidents? (SELECT TWO)
- 1. Industrial espionage to gain competitive advantage
- 2. State-sponsored espionage for national strategic interests
- 3. Financial gain through selling stolen corporate secrets
- 4. Corporate sabotage to disrupt business operations
Correct

Incorrect
Question 11 of 26

11. Question
A large corporation has implemented automated guard rails in its cloud environment to enforce security policies. Despite this, a recent audit revealed that several cloud storage buckets containing sensitive data were publicly accessible. Which of the following is the MOST likely reason for this security lapse?
- 1. Lack of employee cybersecurity awareness training.
- 2. Inadequate network firewall configurations.
- 3. Guard rails not properly configured to enforce access controls.
- 4. Insufficient antivirus software on end-user devices.
Correct

Incorrect
Question 12 of 26

12. Question
A university decides to implement application allow lists on its administrative computers to improve cybersecurity. Which TWO of the following outcomes are most likely to be achieved through this implementation? (SELECT TWO)
- 1. Streamlining the software procurement process.
- 2. Reducing the likelihood of data leakage.
- 3. Preventing the execution of unapproved software.
- 4. Automating software updates for efficiency.
Correct

Incorrect
Question 13 of 26

13. Question
An educational institution uses a legacy student information system that lacks modern security features. The IT department proposes an upgrade, but stakeholders are hesitant due to the potential learning curve and integration challenges. As a result, the upgrade is postponed, and later a security breach compromises sensitive student data. What lesson can be learned about legacy applications and change management from this scenario?
- 1. The necessity of conducting regular security audits on all systems.
- 2. The importance of stakeholder involvement in decision-making processes.
- 3. The value of upgrading legacy systems to enhance security.
- 4. The need for comprehensive data encryption on all institutional systems.
Correct

Incorrect
Question 14 of 26

14. Question
A luxury hotel is planning to install access control vestibules at entrances to its VIP guest floors for enhanced security. The hotel wants the vestibules to provide effective security without compromising guest convenience. Which TWO of the following features should be included in the access control vestibules to meet these requirements? (SELECT TWO)
- 1. Facial recognition technology for quick and secure authentication
- 2. A turnstile mechanism to physically control entry and exit
- 3. A full-body X-ray scanner for thorough security checks
- 4. An intercom system for guests to communicate with hotel staff
Correct

Incorrect
Question 15 of 26

15. Question
An IT manager at DataCorp is implementing a new role-based access control (RBAC) system. The manager needs to ensure that permission assignments align with security best practices and organizational needs. Which TWO of the following actions should the manager take to achieve this goal? (SELECT TWO)
- 1. Regularly review and update role definitions.
- 2. Grant all users administrative privileges for ease of access.
- 3. Assign permissions based on job functions and responsibilities.
- 4. Implement a time-based access control for sensitive resources.
Correct

Incorrect
Question 16 of 26

16. Question
A healthcare organization is enhancing its network architecture to support its critical online services. The IT team is planning to deploy a load balancer. Which of the following is an important consideration when configuring the load balancer to ensure high availability and security for the organization’s services?
- 1. Implementing a round-robin algorithm for equal distribution of traffic across all servers.
- 2. Configuring the load balancer to serve as the primary storage for patient data.
- 3. Setting up the load balancer to perform SSL offloading for encrypted traffic.
- 4. Using the load balancer to filter and block spam emails from external sources.
Correct

Incorrect
Question 17 of 26

17. Question
In an organization, the IT department sets up an automated attestation process for reviewing and confirming user access rights. However, a subsequent security review finds that several users still have access rights that they should not possess. What is the MOST likely reason for the failure of the automated attestation process?
- 1. The attestation process does not include a manual review component.
- 2. Users are bypassing the attestation process by using VPNs.
- 3. The automated system is not integrated with all the organization's resources.
- 4. There is a lack of regular training on the importance of attestation.
Correct

Incorrect
Question 18 of 26

18. Question
To enhance an organization’s defenses against privilege escalation attacks, which TWO of the following strategies should be prioritized? (SELECT TWO)
- 1. Employ the principle of least privilege for all user accounts and services.
- 2. Implement a robust intrusion detection system (IDS) to monitor network traffic.
- 3. Conduct regular vulnerability assessments and penetration testing.
- 4. Regularly conduct security awareness training focused on phishing and malware.
Correct

Incorrect
Question 19 of 26

19. Question
A financial consulting firm has recently implemented a CYOD policy, providing its employees with a choice of laptops and tablets for their work. The firm is particularly concerned about protecting sensitive financial data and maintaining regulatory compliance. Which TWO of the following security measures should be prioritized to address these concerns in the CYOD environment? (SELECT TWO)
- 1. Enforcing the use of strong passwords and multi-factor authentication for device access.
- 2. Installing a standardized set of security software on all CYOD devices regardless of the model.
- 3. Implementing a Virtual Desktop Infrastructure (VDI) for accessing sensitive financial data.
- 4. Requiring all CYOD devices to connect to the company network exclusively through wired connections.
Correct

Incorrect
Question 20 of 26

20. Question
Upon accessing the security dashboard, a system administrator observes alerts indicating multiple instances of policy violations related to unauthorized software installations on employee workstations. To address these violations and improve overall security compliance, which of the following actions should be taken? (SELECT TWO)
- 1. Conduct an immediate scan of all workstations for unauthorized software.
- 2. Update the organization's software policy to allow more flexibility in installations.
- 3. Implement application whitelisting to control software installation and execution.
- 4. Provide training to employees on approved software usage and security policies.
Correct

Incorrect
Question 21 of 26

21. Question
A small business adopts a cloud-based password manager to improve security and manage passwords more effectively. After implementation, the business owner is concerned about the security of storing all passwords in one place. What feature should the business owner look for in a password manager to alleviate this concern?
- 1. The ability to generate complex passwords automatically.
- 2. End-to-end encryption of passwords stored in the password manager.
- 3. Integration with the business's existing single sign-on (SSO) solution.
- 4. A user-friendly interface to encourage employee adoption.
Correct

Incorrect
Question 22 of 26

22. Question
A retail company experiences an unexpected data breach involving customer payment information. The IT manager decides to conduct an ad hoc risk assessment to understand the breach’s impact and prevent future incidents. What should the IT manager prioritize in this assessment? (SELECT TWO)
- 1. Reviewing the company's data encryption policies.
- 2. Analyzing the effectiveness of the incident response plan.
- 3. Assessing the financial impact of the data breach on the company.
- 4. Identifying vulnerabilities in the point-of-sale (POS) system.
Correct

Incorrect
Question 23 of 26

23. Question
A major online retailer experienced a Distributed Denial of Service (DDoS) attack during a significant sales event, leading to the temporary shutdown of its website. The attack did not result in any data breach or ransom demands but caused substantial financial loss due to interrupted sales. What type of threat actor is most likely responsible for this incident?
- 1. A cybercriminal group seeking financial extortion
- 2. A competitor engaging in corporate sabotage
- 3. An individual or group aiming to cause disruption and chaos
- 4. A state-sponsored actor disrupting economic activities
Correct

Incorrect
Question 24 of 26

24. Question
A healthcare provider manages large volumes of sensitive patient health records and needs to ensure the data is securely protected in various states. Which TWO of the following encryption strategies should the provider implement to comprehensively secure patient health records? (SELECT TWO)
- 1. Encrypting data at rest using Advanced Encryption Standard (AES).
- 2. Implementing Secure/Multipurpose Internet Mail Extensions (S/MIME) for email communication.
- 3. Using a web application firewall (WAF) to encrypt incoming and outgoing traffic.
- 4. Deploying a virtual private network (VPN) for remote access to health records.
Correct

Incorrect
Question 25 of 26

25. Question
To enhance the security of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks, which two of the following practices should be prioritized? (SELECT TWO)
- 1. Integrating the ICS/SCADA networks with the organization's general-purpose IT networks for centralized management.
- 2. Regularly performing vulnerability assessments and penetration testing on the ICS/SCADA systems.
- 3. Allowing unrestricted internet access from ICS/SCADA devices for ease of updates and maintenance.
- 4. Implementing strict access control measures for both physical and network access to ICS/SCADA components.
Correct

Incorrect
Question 26 of 26

26. Question
During a routine OSINT gathering exercise, a cybersecurity team at TechGuard Inc. discovers a leaked database containing login credentials that match their company’s email domain. What is the most effective initial action for the team to mitigate the potential risk posed by this exposure?
- 1. Notify all employees to change their passwords immediately.
- 2. Conduct an internal investigation to identify the source of the leak.
- 3. Monitor the dark web for further information about the leaked database.
- 4. Conduct an internal investigation to identify the source of the leak.
Correct

Incorrect