CompTIA Questions
Do you want to help Professor JROD with his research?
Click here
https://qfreeaccountssjc1.az1.qualtrics.com/jfe/form/SV_3eJ4L1Fcj5w9jBc
Join Technology Tap Premium, and you can be eligible to win one voucher for either CompTIA A+ (1101 or 1102), Network Plus, or Security Plus. We will hold a raffle on June 1st, August 1st, October 1st, and December 1st.
To qualify for a free voucher, you must be a Technology Tap Premium subscriber for at least three months.
Only one voucher winner per household.
Only one voucher per raffle date
https://www.buzzsprout.com/1473469/subscribe
Let's ask Questions
CompTIA Questions are critical thinking questions. You have to actually read the question
Question 1
1. An employer requires that employees use a key-generating app on their smartphones to log into corporate applications. In terms of authentication of an individual, this type of access policy is BEST defined as:
​
A. Something you have
B. Something you know
C. Something you do
D. Something you are
Question 2
Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following terms does BEST describe the security control being employed?
​
A. Administrative
B. Corrective
C. Deterrent
D. Compensating
Question 3
Which of the following are the MAIN reasons why a systems administrator would install security patches in a staging environment before the patches are applied to the production server? (Select two.)
​
A. To prevent server availability issues
B. To verify the appropriate patch is being installed
C. To generate a new baseline hash after patching
D. To allow users to test functionality
E. To ensure users are trained on new functionality
Question 4
A Chief Information Officer (CIO) drafts an agreement between the organization and its employees. The agreement outlines ramifications for releasing information without consent and/or approval. Which of the following BEST describes this type of agreement?
​
A. ISA
B. NDA
C. MOU
D. SLA
Question 5
1. A company wants to simplify the certificate management process. The company has a single domain with several dozen subdomains, all of which are publicly accessible on the internet. Which of the following BEST describes the type of certificate the company should implement?
​
A. Subject alternative name
B. Wildcard
C. Self-signed
D. Domain validation
Question 6
Which of the following is an effective tool to stop or prevent the exfiltration of data from a network?
​
A. DLP
B. NIDS
C. TPM
D. FDE
Question 7
Several attempts have been made to pick the door lock of a secure facility. As a result, the security engineer has been assigned to implement a stronger preventative access control. Which of the following would BEST complete the engineer's assignment
​
A. Replacing the traditional key with an RFID key
B. Installing and monitoring a camera facing the door
C. Setting motion-sensing lights to illuminate the door on activity
D. Surrounding the property with fencing and gates
​
Question 8
Which of the following can be used by a monitoring tool to compare values and detect password leaks without providing the actual credentials?
​
A. Hashing
B. Tokenization
C. Masking
D. Encryption
Question 9
A user enters a username and a password at the login screen for a web portal. A few seconds later the following message appears on the screen:
Please use a combination of numbers, special characters, and letters in the password field.
Which of the following concepts does this message describe?
​
A. Password complexity
B. Password reuse
C. Password history
D. Password age
Question 10
Which of the following is a reason to publish files' hashes?
​
A. To validate the integrity of the files
B. To verify if the software was digitally signed
C. To use the has as a software activation key
D. to use the hash a a decryption passphrase
Question11
A company is auditing the manner in which it's European customers' personal information is handled. Which of the following should the company consult?
​
A. GDPR
B. ISO
C. NIST
D. PCI DSS
​
Question 4
​