EXAM TEST BANK | SECURITY+ CERTMASTER EXAM PREP WITH COMPLETE 550 REAL EXAM QUESTIONS AND CORRECT VERIFIED ANSWERS / ALREADY GRADED A+ (BRAND NEW!!)
1. Which security control type is an Acceptable Use Policy
(AUP) considered to be?
Answer: D. Preventive
Rationale: An AUP is a set of rules governing how users can
access and use corporate networks, which proactively prevents
security incidents by informing users of prohibited activities. It is
an administrative preventive control. Deterrent controls
discourage violations but don't physically stop them; detective
controls identify incidents after occurrence.
2. Which statement correctly differentiates between FTP, SFTP,
and FTPS?
Answer: A. FTPS adds SSL/TLS; SFTP is based on SSH; FTP has
no encryption
Rationale: FTP transmits data in cleartext; FTPS adds TLS/SSL
encryption; SFTP is an entirely different protocol based on SSH
(port 22) and provides file transfer and other operations.
3. An attacker uses a sniffer to gain session cookies from an
unsecured network. What attack can they now conduct?
Answer: B. Session hijacking
Rationale: Stolen session cookies allow the attacker to
impersonate the authenticated user without needing credentials,
effectively hijacking the established session.
4. A company wants to ensure a stolen encrypted backup tape
cannot be read. Which control is most effective?
Answer: A. Key management and rotation
Rationale: Encryption protects confidentiality only if keys are
secure. Proper key management ensures unauthorized parties
cannot decrypt stolen media. Physical locks prevent theft but
don't protect data after theft.
5. Which statement best illustrates asymmetric encryption's
advantages and disadvantages?
Answer: B. Asymmetric encryption is ideal for proving identity
but requires significant computing overhead for bulk
encryption
Rationale: Asymmetric encryption provides authentication and
non-repudiation through digital signatures but is computationally
intensive; symmetric encryption is preferred for bulk data.
6. The CIA Triad consists of:
Answer: B. Confidentiality, Integrity, Availability
Rationale: The CIA Triad is the foundational security model:
Confidentiality (preventing unauthorized access), Integrity
(ensuring data accuracy), and Availability (ensuring authorized
access).
7. Which scenario best demonstrates non-repudiation?
Answer: B. A user signs a document with a digital signature
Rationale: Non-repudiation ensures an individual cannot deny
performing an action. Digital signatures provide proof of origin
and integrity, making denial impossible. Audit logs alone don't
guarantee the user's identity.
8. In the Zero Trust model, which principle is fundamental?
Answer: B. Never trust, always verify
Rationale: Zero Trust assumes no implicit trust for any user or
device, regardless of location. Every access request must be
authenticated, authorized, and encrypted continuously.
9. An organization installs fingerprint scanners at an external
entry point. Which concerns might arise? (Select two)
Answer: A and B (A. Fingerprint scanning is relatively easy to
spoof; B. Scanners require clean, dry surfaces to function
accurately)