VERIFIED AND WELL DETAILED ANSWERS | PLUS RATIONALES | GUARANTEED
PASS | LATEST EXAM UPDATE
*Core Domains*
*Attacks, Threats, and Vulnerabilities*
*Architecture and Design*
*Implementation*
*Operations and Incident Response*
*Governance, Risk, and Compliance*
*Identity and Access Management*
*Cryptography and PKI*
*Introduction*
The CompTIA Security+ exam is a global certification that validates the baseline skills
necessary to perform core security functions and pursue an IT security career. This
assessment focuses on the ability to anticipate security risks and provide proactive
solutions for various networking environments. The exam consists of multiple-choice and
performance-based questions designed to test both theoretical knowledge and practical,
real-world application. Candidates must demonstrate proficiency in identifying threats,
implementing secure network architecture, and responding to incidents according to legal
and ethical standards. This comprehensive test bank emphasizes critical thinking and
informed decision-making to ensure candidates are prepared for modern cybersecurity
challenges.
1. An administrator discovers that an attacker is using a database of precomputed
hashes to crack passwords. Which of the following is the most effective way to
prevent this type of attack?
A. Password complexity
B. Salting
C. Account lockout
D. Key stretching
🟢 B. Salting
🔴 Explanation: Salting adds unique, random data to each password before hashing,
which makes precomputed hash tables (Rainbow Tables) ineffective, since a separate
table would have to be precomputed for every possible salt value.
2. Which of the following describes a situation where an unauthorized person follows
an authorized person through a secure door without using a keycard?
A. Shoulder surfing
B. Piggybacking
C. Tailgating
D. Man-in-the-middle
🟢 C. Tailgating
🔴 Explanation: Tailgating occurs when an unauthorized person follows an authorized
user into a secure area without their knowledge or consent, bypassing physical access
controls.
3. A company is implementing a new security policy that requires all employees to
prove their identity using something they have and something they know. Which of
the following is being implemented?
A. Single sign-on
B. Multifactor authentication
C. Biometrics
D. Federation
🟢 B. Multifactor authentication
🔴 Explanation: Multifactor authentication (MFA) requires two or more different types of
evidence (factors), such as a hardware token (something you have) and a PIN
(something you know).
4. A security analyst needs to ensure that data stored on a laptop remains unreadable
if the device is stolen. Which technology should be used?
A. TPM
B. DLP
C. FDE
D. Hashing
🟢 C. FDE
🔴 Explanation: Full Disk Encryption (FDE) encrypts the entire hard drive, ensuring that
data is inaccessible to anyone who does not have the decryption key or credentials.
5. Which of the following cryptographic algorithms is classified as asymmetric?
A. AES
B. DES
C. RSA
D. Blowfish
🟢 C. RSA
🔴 Explanation: RSA is an asymmetric (public key) algorithm, whereas AES, DES, and
Blowfish are symmetric algorithms that use a single shared key for encryption and
decryption.