An organization recently had an attack that resulted in system data loss. The system
administrator must now restore the system with a data backup. What functional security control
was the system administrator able to implement?
A. Preventative
B. Responsive
C. Corrective
D. Compensating
C. Corrective
The system administrator used a corrective control after the attack. A good example of a
corrective control is a backup system that can restore data that an attacker damages during an
intrusion.
Preventative controls act to eliminate or reduce the likelihood that an attack can succeed. A
preventative control operates before an attack can take place.
Responsive controls serve to direct corrective actions enacted after the organization confirms
the incident. They often document these actions in a playbook.
The compensating control is a substitute for a principal control, as recommended by a security
standard, and affords the same (or better) level of protection but uses a different methodology
or technology.
A security engineer installs a next-generation firewall on the perimeter of a network. This
installation is an example of what type of security control class?
A. Managerial
B. Operational
C. Detective
D. Technical
D. Technical
Firewalls, antivirus software, and operating system (OS) access control models are examples of
technical controls. The engineer would implement technical control as a system (hardware,
software, or firmware).
The managerial control gives oversight of the information system. Examples could include risk
identification or a tool allowing the evaluation and selection of other security controls.
People primarily implement operational control rather than systems. For example, security
guards and training programs are operational controls rather than technical controls.
The detective control is a functional control that is not a security control class.
An engineer is considering appropriate risk responses using threat modeling. They are trying to
understand which threat actors are in scope for their organization. How does threat modeling
identify the principal risks and tactics, techniques, and procedures (TTPs) for which their system
may be susceptible? (Select the three best options.)
A. By evaluating the system from an attacker's point of view
B. By evaluating a system from a neutral perspective
C. Through using tools such as diagrams
D. By analyzing the system from the defender's perspective
ACD
Evaluating systems from a neutral perspective is not a method used in threat modeling.
A mission-critical system is offline at an organization due to a zero-day attack. The associated
software vendor plans to release a patch to remediate the vulnerability. Which of the following
are important patch management considerations for this scenario? (Select the three best
options.)
A. A patch test environment
B. Immediate push delivery of critical security patches
C. A specific team responsible for reviewing vendor-supplied newsletters and security patch
bulletins
D. A routine schedule for the rollout of noncritical patches
ABC
D. While creating a routine schedule for the rollout of noncritical patches has merit, it does not
illustrate important patch management considerations in this example. A security analyst would
address noncritical patches at a later time.
A security analyst is reviewing an announcement from the Cybersecurity and Infrastructure
Security Agency. Which source of defensive open-source intelligence (OSINT) does the agency
represent?
A. CERT
B. Internal sources
C. Government bulletins
D. CSIRT
C. Government bulletins
The government is responsible for protecting the country's constituents and the national
infrastructure and publishing various information and advice regarding observed threats. For
example, the Department of Homeland Security and the Cybersecurity and Infrastructure
Agency publishes several types of cybersecurity guidance, including basic informational content
and binding operational directives that federal agencies must implement.
A computer emergency response team (CERT) aims to mitigate cybercrime and minimize
damage by responding to incidents quickly.
It is important to consider that evidence regarding active threats, reconnaissance activities, and
suspicious behavior exists within the protected environment.
A computer security incident response team (CSIRT) is a group responsible for responding to
security incidents involving computer systems.
Hacktivist
such as Anonymous, WikiLeaks, or LulzSec, use cyber weapons to promote a political agenda.
Hacktivists might attempt to obtain and release confidential information to the public domain,
perform denial of service (DoS) attacks, or deface websites.
Nation-state
actors have participated in many attacks, particularly on energy and electoral systems. The goals
of nation-state actors are primarily espionage and strategic advantage.
A computer emergency response team (CERT) is quickly reacting to an attack on the network
infrastructure of a semiconductor manufacturer. What is true about a CERT? (Select the three
best options.)
A. CERTs mitigate cybercrime.
B. CERTs work with local law enforcement.
C. CERTs provide knowledge of trending attacks.
D. CERTs publish a wide variety of information concerning threats.
ABC
D. The government is responsible for protecting the country's constituents and the national
infrastructure and publishing various information and advice regarding observed threats. For
example, the Department of Homeland Security and the Cybersecurity and Infrastructure
Agency publishes several types of cybersecurity guidance.
A systems administrator is searching for potential vulnerabilities in the network. Which
threat-hunting focus area should the administrator examine, as attackers often exploit it through
connected systems or physical access?
A. Isolated networks
B. Misconfigured systems
C. Business-critical assets
D. Lateral movements
Isolated networks, such as air-gapped networks or networks with limited connectivity to the
internet, are often thought to be more secure. However, attackers can still target these
networks by exploiting vulnerabilities in connected systems or through physical access.
CSIRT
A computer security incident response team (CSIRT) is a group responsible for responding to
security incidents involving computer systems.
A system technician reviews system logs from various devices and notices discrepancies
between recorded events. The events between the systems are not synchronizing in the correct
order. Which configuration should the technician analyze and adjust to ensure proper and
accurate logging? (Select the two best options.)
A. NTP
B. GPS
C. PKI
D. SSL
A. NTP
B. GPS
Time drift or time discrepancies can cause the system to create logs with incorrect time stamps.
A time source can provide accuracy by using the Network Time Protocol (NTP) on the systems.