subscribe

Let's ask Questions

CompTIA Questions are critical thinking questions. You have to actually read the question

Question 1

1. An employer requires that employees use a key-generating app on their smartphones to log into corporate applications. In terms of authentication of an individual, this type of access policy is BEST defined as:

A. Something you have
B. Something you know
C. Something you do
D. Something you are

Question 2

Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following terms does BEST describe the security control being employed?

A. Administrative
B. Corrective
C. Deterrent
D. Compensating

Question 3

Which of the following are the MAIN reasons why a systems administrator would install security patches in a staging environment before the patches are applied to the production server? (Select two.)

A. To prevent server availability issues
B. To verify the appropriate patch is being installed
C. To generate a new baseline hash after patching
D. To allow users to test functionality

E. To ensure users are trained on new functionality

Question 4

A Chief Information Officer (CIO) drafts an agreement between the organization and its employees. The agreement outlines ramifications for releasing information without consent and/or approval. Which of the following BEST describes this type of agreement?

A. ISA
B. NDA
C. MOU
D. SLA

Question 5

1. A company wants to simplify the certificate management process. The company has a single domain with several dozen subdomains, all of which are publicly accessible on the internet. Which of the following BEST describes the type of certificate the company should implement?

A. Subject alternative name
B. Wildcard
C. Self-signed
D. Domain validation

Question 6

Which of the following is an effective tool to stop or prevent the exfiltration of data from a network?

A. DLP
B. NIDS
C. TPM
D. FDE

Question 7

Several attempts have been made to pick the door lock of a secure facility. As a result, the security engineer has been assigned to implement a stronger preventative access control. Which of the following would BEST complete the engineer's assignment

A. Replacing the traditional key with an RFID key
B. Installing and monitoring a camera facing the door
C. Setting motion-sensing lights to illuminate the door on activity
D. Surrounding the property with fencing and gates

Question 8

Which of the following can be used by a monitoring tool to compare values and detect password leaks without providing the actual credentials?

A. Hashing
B. Tokenization
C. Masking
D. Encryption

Question 9

A user enters a username and a password at the login screen for a web portal. A few seconds later the following message appears on the screen:

Please use a combination of numbers, special characters, and letters in the password field.

Which of the following concepts does this message describe?

A. Password complexity
B. Password reuse
C. Password history
D. Password age

Question 10

Which of the following is a reason to publish files' hashes?

A. To validate the integrity of the files
B. To verify if the software was digitally signed
C. To use the has as a software activation key
D. to use the hash a a decryption passphrase

Question11

A company is auditing the manner in which it's European customers' personal information is handled. Which of the following should the company consult?

A. GDPR
B. ISO
C. NIST
D. PCI DSS