Solutions
Which security related phrase relates to the integrity of data? - ✅✅ Modification
An organization stores data in different geographic locations for redundancy. This
data replicates so that it is the same in all locations. Engineers discover that some
replicas are lagging with updates. What configuration do the engineers discover as
the cause? - ✅✅ Asynchronous replication
A systems engineer configures a disk volume with a Redundant Array of
Independent Disks (RAID) solution. Which solution does the engineer utilize when
allowing for the failure of two disks? - ✅✅ Level 6
A systems engineer reviews recent backups for a production server. While doing
so, the engineer discovers that archive bits on files are clearing and incorrect
backup types have been occurring. Which backup type did the engineer intend to
use if the bit should not be cleared? - ✅✅ Differential
Management has reason to believe that someone internal to the organization is
committing fraud. To confirm their suspicion, and to collect evidence, they need to
set up a system to capture the events taking place. Evaluate which option will best
fit the organization's needs. - ✅✅ Honeypot
IT staff looks to provide a high level of fault tolerance while implementing a new
server. With which systems configuration approach does the staff achieve this
goal? - ✅✅ Focusing on critical components
An engineer looks to implement security measures by following the five functions
in the National Institute of Standards and Technology (NIST) Cybersecurity
Framework. When documenting the "detect" function, what does the engineer
focus on? - ✅✅ Ongoing proactive monitoring
Any external responsibility for an organization's security lies mainly with which
individuals? - ✅✅ The owner
How might the goals of basic network management not be well-aligned with the
goals of security? - ✅✅ Management focuses on availability over confidentiality.
The National Institute of Standards and Technology (NIST) provides a framework
that classifies security-related functions. Which description aligns with the
"respond" function? - ✅✅ Identify, analyze, and eradicate threats.
A company has an annual contract with an outside firm to perform a security audit
on their network. The purpose of the annual audit is to determine if the company is
in compliance with their internal directives and policies for security control. Select
the broad class of security control that accurately demonstrates the purpose of the
audit. - ✅✅ Managerial
The _____ requires federal agencies to develop security policies for computer
systems that process confidential information. - ✅✅ Computer Security Act
After a poorly handled security breach, a company updates its security policy to
include an improved incident response plan. Which of the following security
controls does this update address? - ✅✅ Corrective
The IT department head returns from an industry conference feeling inspired by a
presentation on the topic of cybersecurity frameworks. A meeting is scheduled
with IT staff to brainstorm ideas for deploying security controls by category and
function throughout the organization. Which of the following ideas are consistent
with industry definitions? - ✅✅ - Deploy a technical control to enforce network access policies.
- Schedule quarterly security awareness workshops as a preventive control to mitigate social engineering attacks.
- Deploy agents to file servers to perform continuous backups to cloud storage as a corrective control to mitigate the impact of malware.
Which of the following has a cyber security framework (CSF) that focuses
exclusively on IT security, rather than IT service provisioning? - ✅✅ National
Institute of Standards and Technology (NIST)
When exploring the deep web, a user will need which of the following to find a
specific and hidden dark web site? - ✅✅ A specific URL
A company technician goes on vacation. While the technician is away, a critical
patch released for Windows servers is not applied. According to the National
Institute of Standards and Technology (NIST), what does the delay in applying the
patch create on the server? - ✅✅ Vulnerability
Which of the following is mostly considered an insider threat? - ✅✅ - Former employee
- Contractor
One aspect of threat modeling is to identify potential threat actors and the risks
associated with each one. When assessing the risk that any one type of threat actor
poses to an organization, what are the critical factors to profile? - ✅✅ - Intent
- Motivation
A user with authorized access to systems in a software development firm installs a
seemingly harmless, yet unauthorized program on a workstation without the IT
department's sanction. Identify the type of threat that is a result of this user's action.
- ✅✅ Unintentional insider threat
A contractor has been hired to conduct security reconnaissance on a company. The
contractor browses the company's website to identify employees and then finds
their Facebook pages. Posts found on Facebook indicate a favorite bar that
employees frequent. The contractor visits the bar and learns details of the
company's security infrastructure through small talk. What reconnaissance phase
techniques does the contractor practice? - ✅✅ - Open Source Intelligence (OSINT)
- Social engineering
What is Open Source Intelligence (OSINT)? - ✅✅ Using web search tools and
social media to obtain information about the target
A security engineer investigates a recent system breach. When compiling a report
of the incident, how does the engineer classify the actor and the vector? - ✅✅
Threat
An IT manager in the aviation sector checks the industry's threat intelligence feed
to keep up on the latest threats and ensure the work center implements the best
practices in the field. What type of threat intelligence source is the IT manager
most likely accessing? - ✅✅ An Information Sharing and Analysis Center (ISAC)
A Department of Defense (DOD) security team identifies a data breach in progress,
based on some anomalous log entries, and takes steps to remedy the breach and
harden their systems. When they resolve the breach, they want to publish the cyber
threat intelligence (CTI) securely, using standardized language for other
government agencies to use. The team will transmit threat data feed via which
protocol? - ✅✅ Trusted Automated exchange of Indicator Information (TAXII)
Which of the following statements summarizes a disadvantage to performing an
active vulnerability scan? - ✅✅ - Active scanning consumes more network bandwidth.
- Active scanning runs the risk of causing an outage.
An outside security consultant updates a company's network, including data cloud
storage solutions. The consultant leaves the manufacturer's default settings when
installing network switches, assuming the vendor shipped the switches in a default-
secure configuration. Examine the company's network security posture and select
the statements that describe key vulnerabilities in this network. - ✅✅ - The
network is open to third-party risks from using an outside contractor to configure
cloud storage settings.
- The default settings in the network switches represent a weak configuration.
A manufacturing company hires a pen testing firm to uncover any vulnerabilities in
their network with the understanding that the pen tester receives no information
about the company's system. Which of the following penetration testing strategies
is the manufacturing company requesting? - ✅✅ Black box
Examine each attack vector. Which is most vulnerable to escalation of privileges? -
✅✅ Operating System (OS)
A network administrator uses two different automated vulnerability scanners. They
regularly update with the latest vulnerability feeds. If the system regularly
performs active scans, what type of error is the system most likely to make? - ✅✅
False positive