Information Technology / CompTIA Security+ 701 Practice Test 2

CompTIA Security+ 701 Practice Test 2

Information Technology86 CardsCreated 9 months ago

These flashcards cover fundamental security principles and controls, including the CIA triad (Confidentiality, Integrity, Availability), types of controls like managerial, operational, and deterrent controls, and their application in maintaining secure systems and practices.

Report

Which of the following is a primary goal of the CIA triad?
A. Integrity
B. Non-repudiation
C. Authentication
D. Authorization

Integrity

A component of the CIA triad, which stands for Confidentiality, Integrity, and Availability.

Rate to track your progress ✦

Tap to flipTap or swipe ↕ to flip

Space↑↓

←→Swipe ←→Navigate

SSpeak

FFocus

1/86

Key Terms

Term

Definition

Which of the following is a primary goal of the CIA triad?

A. Integrity
B. Non-repudiation
C. Authentication
D. Authorization

Integrity

A component of the CIA triad, which stands for Confidentiality, Integrity, an...

What is the main purpose of managerial controls?

A. To detect anomalies or intrusions
B. To mandate specific actions or processes
C. To physically secure assets
D. To establish policies and procedures

To establish policies and procedures

Managerial controls establish policies, procedures...

Which of the following is an example of an operational control?

A. Incident response plan
B. Security policy
C. Access badge
D. Firewall

Incident response plan

An operational control as it involves day-to-day security operat...

Which type of control is primarily focused on discouraging potential attacks?

A. Corrective
B. Deterrent
C. Detective
D. Directive

Deterrent

Deterrent controls focus on discouraging potential attacks.

What type of security control is a biometric authentication system?

A. Physical
B. Managerial
C. Technical
D. Operational

Technical

As it involves hardware or software.

Which of the following is NOT a component of the Zero Trust model?

A. Policy Enforcement Point
B. Policy Engine
C. Policy Administrator
D. Policy Execution Point

Policy Execution Point

Not a component of the Zero Trust model.

Which cryptographic solution ensures data remains unreadable if intercepted during transmission between two parties?

A. Digital signatures
B. Transport/communication encryption
C. Hashing
D. Key stretching

Transport/communication encryption

Ensures data confidentiality during transmission.

What distinguishes a serverless architecture?

A. Offloading server management tasks to cloud providers and only focusing on application code.
B. Only using physical servers.
C. The complete absence of servers in the infrastructure.
D. The use of virtual machines instead of physical servers.

Offloading server management tasks to cloud providers and only focusing on application code.

When designing a cloud infrastructure, which of the following best describes “Infrastructure as Code” (IaC)?

A. Applying real-time patches to cloud servers.
B. Utilizing third-party software for infrastructure management.
C. Managing and provisioning computing resources using machine-readable definition files.
D. The use of cloud services for database storage.

Managing and provisioning computing resources using machine-readable definition files.

...

In securing an enterprise infrastructure, why is the concept of “Attack surface” critical?

A. It relates to the physical placement of network devices.
B. It represents all the potential vulnerabilities and entry points an attacker could exploit.
C. It determines the maximum traffic a network can handle.
D. It defines the list of approved devices for a network.

It represents all the potential vulnerabilities and entry points an attacker could exploit.

Which of the following firewall types focuses specifically on the security of web applications by inspecting HTTP traffic?

A. Layer 4 firewall
B. Next-generation firewall (NGFW)
C. Unified threat management (UTM)
D. Web application firewall (WAF)

Web application firewall (WAF)

Specifically designed to inspect web traffic and protect...

What primary security benefit does an Extensible Authentication Protocol (EAP) provide?

A. It actively blocks malicious web traffic.
B. It offers a framework for secure authentication on wireless networks and Point-to-Point connections.
C. It defines network zones.
D. It encrypts data at rest.

It offers a framework for secure authentication on wireless networks and Point-to-Point connections.

A company needs a solution to ensure its remote workers can securely access the corporate network. Which of the following is best suited for this purpose?

A. Load balancer
B. Software-defined wide area network (SD-WAN)
C. Virtual private network (VPN)
D. Intrusion prevention system (IPS)

Virtual private network (VPN)

Allow remote workers to securely connect to corporate net...

When considering the benefits of automation in security operations, which advantage focuses on the ability of automation to replicate the workload of many employees with fewer resources?

A. Workforce multiplier
B. Scaling in a secure manner
C. Enforcing baselines
D. Efficiency/time saving

Workforce multiplier

Signifies achieving more with fewer resources due to automation.

An organization has a predetermined level at which risks need immediate attention and possible action. This level is known as:

A. Risk analysis
B. Risk threshold
C. Risk identification
D. Risk appetite

Risk threshold

Represents a boundary beyond which risks require immediate attention.

Which concept in risk management helps an organization to identify how much total financial loss they can expect over a year due to potential risks?

A. Risk scenario
B. Annualized loss expectancy (ALE)
C. Risk factor
D. Single loss expectancy (SLE)

Annualized loss expectancy (ALE)

Quantifies the expected financial loss over a year.

Related Flashcard Decks

Information Technology

Introduction to Database Management and Computer Systems

This deck covers fundamental concepts in database management systems and computer systems, including data models, SQL, and system architecture.

10 cards

View Deck

Information Technology

Java Programming Concepts

This deck covers key concepts in Java programming, including classes, methods, constructors, and object-oriented principles. It includes examples of using classes like Rectangle, Point, Student, and more, with a focus on understanding object creation, method calls, and class interactions.

30 cards

View Deck

Information Technology

DOD Cyber Awareness Challenge 2025 Knowledge check-1 Part 2

This deck covers the key concepts and safety practices from the DOD Cyber Awareness Challenge 2025, focusing on social networking, mobile security, insider threats, and more.

20 cards

View Deck

Information Technology

Controlled Unclassified Information (CUI) Training

This deck covers key concepts and guidelines related to Controlled Unclassified Information (CUI) as outlined in the DoD CUI program.

15 cards

View Deck

Information Technology

Cyber Awareness Challenge 2024 (Knowledge Pre-Check)

This deck covers key concepts and best practices for cyber awareness, including handling classified information, social networking, teleworking, and more.

21 cards

View Deck

Information Technology

Personally Identifiable Information Part 1

This deck covers key concepts related to the management and protection of Personally Identifiable Information (PII), including legal responsibilities, privacy impact assessments, and safeguards.

15 cards

View Deck

Information Technology

DOD Cyber Awareness Challenge 2025 Knowledge Check-1 Part 1

This flashcard deck covers key concepts from the DOD Cyber Awareness Challenge 2025, including best practices for online security, identity protection, and appropriate use of government resources.

20 cards

View Deck

Information Technology

Personally Identifiable Information Part 2

This deck covers key concepts related to the protection and management of Personally Identifiable Information (PII), including common threats, compliance requirements, and safeguarding measures.

15 cards

View Deck

Information Technology

Animation and Games CodeHS Part 5

A set of flashcards covering key concepts from CodeHS Part 5: Animation and Games, including circles, shapes, and event handling.

11 cards

View Deck

CompTIA Security+ 701 Practice Test 2

Term	Definition
Which of the following is a primary goal of the CIA triad? A. Integrity B. Non-repudiation C. Authentication D. Authorization	Integrity A component of the CIA triad, which stands for Confidentiality, Integrity, and Availability.
What is the main purpose of managerial controls? A. To detect anomalies or intrusions B. To mandate specific actions or processes C. To physically secure assets D. To establish policies and procedures	To establish policies and procedures Managerial controls establish policies, procedures, and governance.
Which of the following is an example of an operational control? A. Incident response plan B. Security policy C. Access badge D. Firewall	Incident response plan An operational control as it involves day-to-day security operations.
Which type of control is primarily focused on discouraging potential attacks? A. Corrective B. Deterrent C. Detective D. Directive	Deterrent Deterrent controls focus on discouraging potential attacks.
What type of security control is a biometric authentication system? A. Physical B. Managerial C. Technical D. Operational	Technical As it involves hardware or software.
Which of the following is NOT a component of the Zero Trust model? A. Policy Enforcement Point B. Policy Engine C. Policy Administrator D. Policy Execution Point	Policy Execution Point Not a component of the Zero Trust model.
What is the primary purpose of key stretching? A. To revoke digital certificates. B. To encrypt data for secure transmission. C. To hide data within other data. D. To increase the computational effort required to brute force a password.	To increase the computational effort required to brute force a password. Key stretching is a technique used to make brute force attacks more computationally intensive and time-consuming by repeatedly hashing a password.
What is the primary purpose of a backout plan in the change management process? A. To schedule a specific time frame for performing maintenance or changes to the IT systems. B. To keep track of changes made to documents, code, or other collections of information. C. To identify and analyze the impact of the change on various stakeholders. D. To define the steps to revert to the original state if the change is unsuccessful.	To define the steps to revert to the original state if the change is unsuccessful. A backout plan is a plan that defines the steps to revert to the original state if the change is unsuccessful or causes unforeseen problems.
What is the primary purpose of salting in cryptographic solutions? A. To verify the integrity and authenticity of a digital message or document. B. To replace sensitive data with non-sensitive placeholders. C. To add randomness to a password before hashing it. D. To securely store a copy of cryptographic keys.	To add randomness to a password before hashing it. Salting is the process of adding random data, called a salt, to a password before hashing it. This ensures that the same password will produce different hash values, making it more resistant to rainbow table attacks.
What is the primary purpose of a certificate revocation list (CRL)? A. To securely generate, store, and manage cryptographic keys. B. To issue digital certificates. C. To list digital certificates that have been revoked by the certificate authority (CA). D. To encrypt data for secure transmission.	To list digital certificates that have been revoked by the certificate authority. A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the certificate authority (CA) and are no longer valid.
Which of the following is a form of obfuscation? A. Data masking B. Key escrow C. Key stretching D. Key exchange	Data masking A form of obfuscation where sensitive data is replaced with fictitious or non-sensitive data.
Which of the following best describes the motivations of a threat actor involved in data exfiltration? A. Espionage B. Service disruption C. Ethical D. Philosophical/political beliefs	Espionage Involves collecting, processing, and analyzing information that is of strategic or tactical value, which includes data exfiltration.
An attacker tricks a user into visiting a malicious website that appears to be identical to a legitimate site. Once on the site, the user unknowingly enters their login credentials, which the attacker captures. This type of attack is known as: A. Watering hole B. Typosquatting C. Pretexting D. Phishing	Phishing Involves tricking a target into revealing sensitive information, often by creating fake websites that appear to be legitimate.
Which of the following best describes the attributes of an internal threat actor? A. Level of sophistication/capability B. Resources/funding C. Insider threat D. Organized crime	Insider threat This directly refers to an internal threat actor as it’s someone within the organization.
Which of the following motivations is most commonly associated with shadow IT activities? A. Disruption/chaos B. Philosophical/political beliefs C. War D. Blackmail	Disruption/chaos Shadow IT involves using unauthorized devices or software within an organization, which can lead to disruption or chaos due to lack of control and potential security risks.
An attacker registers a domain that is a common misspelling of a legitimate domain. The attacker sets up a website on the malicious domain that appears to be identical to the legitimate site to deceive users into entering their login credentials. This type of attack is known as: A. Phishing B. Brand impersonation C. Watering hole D. Typosquatting	Typosquatting Specifically involves registering domains that are similar to legitimate ones to deceive users, which matches the scenario described.
Which cryptographic solution ensures data remains unreadable if intercepted during transmission between two parties? A. Digital signatures B. Transport/communication encryption C. Hashing D. Key stretching	Transport/communication encryption Ensures data confidentiality during transmission.
Which of the following vulnerabilities is specific to cloud infrastructure? A. Side loading B. Time-of-check (TOC) C. Firmware D. Cloud-specific	Cloud-specific Pertains specifically to cloud infrastructures.
An attacker who gains access by leveraging a gap between when a vulnerability is found and when it’s fixed is exploiting: A. Zero-day B. End-of-life vulnerability C. Misconfiguration D. Legacy vulnerability	Zero-day A vulnerability that is known but not yet fixed, giving attackers this window to exploit.
Malware designed to spread without user intervention and replicate itself is called: A. Ransomware B. Keylogger C. Trojan D. Worm	Worm Designed to spread and replicate without user intervention.
In the context of Public Key Infrastructure (PKI), what is the main function of a Certificate Authority (CA)? A. Issuing and verifying digital certificates B. Generating a private key for end-users C. Creating honeypots to trap attackers D. Obfuscating data for storage	Issuing and verifying digital certificates Certificate Authorities (CAs) are responsible for issuing digital certificates and validating the entities’ identities.
What is the primary goal of a Distributed Denial-of-Service (DDoS) attack? A. To guess user passwords B. To overwhelm resources and disrupt service availability C. To intercept and modify data in transit D. To introduce malicious code into a network	To overwhelm resources and disrupt service availability DDoS attacks flood resources to disrupt services and make them unavailable.
In the context of vulnerabilities, what does “Time-of-use (TOU)” refer to? A. The time an application is most actively used by employees. B. The recommended usage time of an application for optimum performance. C. The moment a resource is accessed in a race condition. D. The duration a software has been in use in an organization.	The moment a resource is accessed in a race condition. Time-of-use (TOU) is about accessing the resource, especially when discussing race conditions.
An administrator notices a sudden spike in system resource consumption, especially bandwidth, with no obvious reason. What might this indicate? A. A scheduled backup process B. Regular software updates C. An ongoing Distributed Denial-of-Service (DDoS) attack D. An impending hardware failure	An ongoing Distributed Denial-of-Service (DDoS) attack Sudden and unexplained spikes in resource consumption, especially bandwidth, may indicate a DDoS attack.
A security consultant recommends restricting software that can run on systems to a known list of accepted programs. This is an example of: A. Application allow list B. Patching C. Configuration enforcement D. Decommissioning	Application allow list Specifies approved applications that can run on systems.
Which of the following is NOT a mitigation technique used to secure an enterprise? A. Least privilege B. Access control C. Side loading D. Hardening techniques	Side loading Related to mobile devices, not a mitigation technique.
What distinguishes a serverless architecture? A. Offloading server management tasks to cloud providers and only focusing on application code. B. Only using physical servers. C. The complete absence of servers in the infrastructure. D. The use of virtual machines instead of physical servers.	Offloading server management tasks to cloud providers and only focusing on application code. Serverless architectures allow developers to focus on code, while the cloud provider manages server provisioning and scaling.
When designing a cloud infrastructure, which of the following best describes “Infrastructure as Code” (IaC)? A. Applying real-time patches to cloud servers. B. Utilizing third-party software for infrastructure management. C. Managing and provisioning computing resources using machine-readable definition files. D. The use of cloud services for database storage.	Managing and provisioning computing resources using machine-readable definition files. Infrastructure as Code (IaC) allows for automatic setup, modification, and management of infrastructure using code.
A type of malware that holds user data hostage by encrypting it and demanding payment for the decryption key is known as: A. Worm B. Logic bomb C. Spyware D. Ransomware	Ransomware Encrypts data and demands payment for decryption.
Which of the following best defines software-defined networking (SDN)? A. It is a protocol used for web traffic encryption. B. A networking approach where network control is decoupled from forwarding hardware and is given to a software application. C. It involves the use of physical switches and routers only. D. A network solely built for high availability.	A networking approach where network control is decoupled from forwarding hardware and is given to a software application. SDN allows dynamic, programmatically efficient network configuration.
For an organization that needs to manage its own hardware and have complete control over its data, which architecture is most appropriate? A. Microservices B. Serverless C. Hybrid D. On-premises	On-premises Solutions that give organizations complete control over their hardware and data.
A security engineer is trying to ensure a particular service is only active when needed and not continuously running. Which principle is he emphasizing? A. Responsiveness B. Cost-effectiveness C. High availability D. Scalability	Cost-effectiveness By ensuring services only run when needed, the engineer can reduce unnecessary costs.
In securing an enterprise infrastructure, why is the concept of “Attack surface” critical? A. It relates to the physical placement of network devices. B. It represents all the potential vulnerabilities and entry points an attacker could exploit. C. It determines the maximum traffic a network can handle. D. It defines the list of approved devices for a network.	It represents all the potential vulnerabilities and entry points an attacker could exploit. Minimizing the attack surface helps to reduce the potential risks and vulnerabilities.
Which of the following firewall types focuses specifically on the security of web applications by inspecting HTTP traffic? A. Layer 4 firewall B. Next-generation firewall (NGFW) C. Unified threat management (UTM) D. Web application firewall (WAF)	Web application firewall (WAF) Specifically designed to inspect web traffic and protect web applications.
What primary security benefit does an Extensible Authentication Protocol (EAP) provide? A. It actively blocks malicious web traffic. B. It offers a framework for secure authentication on wireless networks and Point-to-Point connections. C. It defines network zones. D. It encrypts data at rest.	It offers a framework for secure authentication on wireless networks and Point-to-Point connections. Extensible Authentication Protocol (EAP) provides support for multiple authentication mechanisms and is widely used in wireless networks.
A company needs a solution to ensure its remote workers can securely access the corporate network. Which of the following is best suited for this purpose? A. Load balancer B. Software-defined wide area network (SD-WAN) C. Virtual private network (VPN) D. Intrusion prevention system (IPS)	Virtual private network (VPN) Allow remote workers to securely connect to corporate networks over the internet.
In the event of a network device failure, which mode ensures that no traffic is allowed through the device? A. Inline B. Tap/monitor mode C. Fail-open D. Fail-closed	Fail-closed The device will stop all traffic when it fails to ensure security.
In a cloud environment, which practice ensures that only necessary services are running, limiting the potential attack surface? A. Using heat maps for deployment. B. Implementing a BYOD policy. C. Establishing a secure baseline. D. Enabling all available plugins.	Establishing a secure baseline. Defines a standard for a secure state of systems and ensures only necessary services run.
Which wireless security protocol provides the strongest encryption and security capabilities as of the most recent standards? A. WPA. B. Open authentication. C. WEP. D. WPA3.	WPA3. The latest and most secure version of the Wi-Fi Protected Access protocol.
Why might an organization opt for a Corporate-owned, personally enabled (COPE) model for mobile devices? A. To maintain tighter control over device security while allowing personal use. B. To completely restrict personal use of the device. C. To ensure employees pay for their own devices. D. To allow employees to pick any device they prefer.	To maintain tighter control over device security while allowing personal use. COPE devices are company-owned but can still be used for personal tasks.
If a company needs to ensure that old hard drives are entirely unreadable, which process would be the most thorough? A. Physical destruction. B. Deleting all files. C. Renaming the drive. D. Formatting the drive.	Physical destruction. Physically damaging the drive makes it virtually impossible to recover data.
Which process in software development aims to identify potential security flaws by examining the application’s code without executing it? A. Static code analysis. B. Penetration testing. C. Dynamic analysis. D. Input validation.	Static code analysis. Examining the source code without running the application.
In vulnerability management, which component would provide real-time updates on emerging threats and vulnerabilities? A. Static code analysis. B. Penetration testing report. C. Threat feed. D. System/process audit.	Threat feed. Provides continuous data streams about new and emerging threats and vulnerabilities.
How does the Common Vulnerability Scoring System (CVSS) assist organizations in vulnerability management? A. It lists all software without vulnerabilities. B. It identifies new vulnerabilities. C. It offers a standardized method for rating the severity of vulnerabilities. D. It provides patches for known vulnerabilities.	It offers a standardized method for rating the severity of vulnerabilities. CVSS provides a framework for assessing vulnerability impact.
An organization that cannot immediately address a vulnerability due to operational requirements might issue a formal document to allow its temporary existence. What is this document called? A. Exception. B. Remediation protocol. C. Validation report. D. Risk appetite statement.	Exception. A formal allowance for non-compliance or deviation from expected security controls.
What is the primary goal of a Responsible Disclosure Program? A. To rank companies based on their security posture. B. To provide a structured process for reporting vulnerabilities to organizations. C. To publicly shame companies with vulnerabilities. D. To monetize vulnerabilities.	To provide a structured process for reporting vulnerabilities to organizations. Encourages ethical behavior in reporting and allows organizations to address them securely.
In order to enhance web security, a company wants to filter web traffic based on website reputation. Which tool or feature should they employ? A. Email security gateway B. Firewall rules C. Network segmentation D. Web filter reputation	Web filter reputation Categorizes and filters web traffic based on the reputation of websites.
Given an application that regularly experiences performance degradation, which tool would be best suited to gather long-term performance data for analysis? A. Simple Network Management Protocol (SNMP) traps B. Antivirus C. Security Content Automation Protocol (SCAP) D. File integrity monitoring	Simple Network Management Protocol (SNMP) traps Can provide alerts and gather data about performance and other system metrics.
When an organization allows employees to access corporate resources using their personal devices, which tool would be crucial to ensuring security and policy compliance for these devices? A. Group Policy B. File integrity monitoring C. Network access control (NAC) D. URL scanner	Network access control (NAC) Determines which devices can connect to the network based on compliance with security policies.
In a scenario where you need to enforce security settings across multiple Windows machines in an enterprise, which tool would be most appropriate? A. NAC B. Group Policy C. SNMP traps D. Security Content Automation Protocol (SCAP)	Group Policy Allows administrators to implement specific configurations for users and computers within an Active Directory environment.
Which of the following ensures that the sender of an email has permission to send emails on behalf of a domain and reduces the chance of spoofing? A. Endpoint detection and response (EDR) B. Sender Policy Framework (SPF) C. Data loss prevention (DLP) D. DMARC	Sender Policy Framework (SPF) Verifies if the mail server sending the email is authorized to send emails for the domain.
A user has been given temporary elevated access to a database for a specific task. Which concept best describes this kind of permission granting? A. Role-based access control B. Multifactor authentication C. Discretionary access control D. Just-in-time permissions	Just-in-time permissions Involves providing elevated permissions temporarily.
Which of the following is NOT a type of access control? A. Rule-based access control B. Traffic-based access control C. Mandatory access control D. Discretionary access control	Traffic-based access control No common access control type with this name.
For which of the following reasons might an organization use a password vault? A. To securely store multiple passwords B. To monitor network traffic C. To implement single sign-on D. To enhance password complexity	To securely store multiple passwords Designed to keep various passwords in an encrypted format.
An organization wishes to enable single sign-on (SSO) capabilities to streamline access to multiple applications. Which protocol is commonly associated with this functionality? A. Security Assertions Markup Language (SAML) B. Multifactor authentication C. Lightweight Directory Access Protocol (LDAP) D. DMARC	Security Assertions Markup Language (SAML) Provides a standard for exchanging authentication and authorization data between parties and is commonly used for SSO.
Which of the following accurately describes the “Something you are” factor in multifactor authentication? A. A security key B. A password or PIN C. A specific gesture or voice command D. A fingerprint or retina scan	A fingerprint or retina scan You are your fingerprint/retinal pattern.
When implementing multifactor authentication, what describes the “Something you have” factor? A. Security key B. PIN C. Fingerprint D. Password	Security key A physical item or device a user possesses, relating to the “Something you have” factor.
When considering automation in security operations, which term refers to automatically granting a new user the appropriate access rights and resources? A. Ticket creation B. Continuous integration and testing C. User provisioning D. Guard rails	User provisioning Refers to the creation and management of user accounts and access rights within systems.
In the incident response process, what is the primary objective during the “containment” phase? A. Gathering digital evidence for legal actions B. Analyzing the root cause of the incident C. Preventing the incident from causing further damage D. Restoring affected systems to their normal function	Preventing the incident from causing further damage The containment phase aims to limit the spread of an incident.
When considering the benefits of automation in security operations, which advantage focuses on the ability of automation to replicate the workload of many employees with fewer resources? A. Workforce multiplier B. Scaling in a secure manner C. Enforcing baselines D. Efficiency/time saving	Workforce multiplier Signifies achieving more with fewer resources due to automation.
Which of the following log types would provide the most direct insights into a suspicious application’s behavior on a specific host? A. Application logs B. Firewall logs C. IPS/IDS logs D. Network logs	Application logs Provide detailed information about specific application behaviors and activities.
During a digital forensic investigation, ensuring that digital evidence remains intact and unchanged during collection is known as maintaining what? A. Chain of custody B. Legal hold C. E-discovery D. Reporting	Chain of custody Ensures that evidence remains untouched and is transferred and stored correctly.
What aspect of automation can potentially introduce new challenges or issues if not managed properly? A. Enforcing baselines B. Workforce multiplier C. Efficiency/time saving D. Complexity	Complexity Over-automation or poorly planned automation can introduce unnecessary complexities.
An organization is trying to understand the vulnerabilities present in their network. Which of the following data sources would be most appropriate for this purpose? A. OS-specific security logs B. Firewall logs C. Network logs D. Vulnerability scans	Vulnerability scans Specifically identify and report potential vulnerabilities within a network.
In the context of governance structures, which of the following is responsible for ensuring the integrity, reliability, and accuracy of data within an organization? A. Owner B. Controller C. Custodian/steward D. Processor	Custodian/steward Responsible for the day-to-day management and protection of data.
Which part of the incident response process involves a systematic process to identify and address the underlying cause of an incident? A. Eradication B. Containment C. Detection D. Recovery	Eradication Removing the root cause of the incident.
Which document would an organization use to establish guidelines for acceptable behavior by users of the company’s IT resources? A. Acceptable use policy (AUP) B. Password policy C. Onboarding/offboarding procedure D. Change management procedure	Acceptable use policy (AUP) Establishes what behaviors are acceptable when using the company’s IT resources.
When conducting a risk assessment, which method focuses on the potential financial losses associated with risks? A. Qualitative B. Recurring C. Quantitative D. Ad hoc	Quantitative Evaluates risks based on numerical values, often representing financial figures.
Which risk management strategy is implemented when an organization buys insurance to cover potential losses from a specific risk? A. Accept B. Transfer C. Mitigate D. Avoid	Transfer The organization is passing the financial burden of a risk to another entity, like an insurance company.
In third-party risk assessment, what term describes the explicit boundaries and behaviors that should be followed during a penetration test? A. Right-to-audit clause B. Questionnaires C. Rules of engagement D. Vendor selection criteria	Rules of engagement Defines the scope, methods, and boundaries during assessments like penetration testing.
An organization has a predetermined level at which risks need immediate attention and possible action. This level is known as: A. Risk analysis B. Risk threshold C. Risk identification D. Risk appetite	Risk threshold Represents a boundary beyond which risks require immediate attention.
When an organization decides to stop a project or close a business segment to avoid a potential risk, they are employing which risk management strategy? A. Avoid B. Transfer C. Mitigate D. Accept	Avoid Taking action to ensure the risk doesn’t materialize.
In the context of third-party risk assessment, which document provides a detailed understanding between two organizations without a legally binding commitment? A. Service-level agreement (SLA) B. Memorandum of understanding (MOU) C. Master service agreement (MSA) D. Work order (WO)	Memorandum of understanding (MOU) Signifies a mutual understanding between parties without legal obligations.
Which concept in risk management helps an organization to identify how much total financial loss they can expect over a year due to potential risks? A. Risk scenario B. Annualized loss expectancy (ALE) C. Risk factor D. Single loss expectancy (SLE)	Annualized loss expectancy (ALE) Quantifies the expected financial loss over a year.
An organization has a policy that requires employees to lock their computer screens when they are away from their desks. This policy is primarily aimed at preventing which of the following? A. Malware infections B. Data breaches from external attackers C. Unauthorized access by internal entities D. Hardware theft	Unauthorized access by internal entities Locking screens prevents opportunistic or malicious access by co-workers or other internal personnel.
A company wants to determine where personal data is stored, processed, and transmitted within its environment. This process is best described as: A. Data inventory B. Data categorization C. Data masking D. Data attestation	Data inventory Identifying and cataloging data within an organization.
If an individual wants to ensure their personal data is deleted from an online service’s database, this is termed as: A. Data retention B. Right to be forgotten C. Data masking D. Data categorization	Right to be forgotten An individual’s right to have their personal data deleted.
A third-party organization is employed by a bank to review its financial transactions to ensure there’s no fraud or anomalies. This is an example of: A. Self-assessment B. Attestation C. Independent third-party audit D. Internal audit	Independent third-party audit An external party reviewing an organization’s operations.
An organization periodically sends its employees simulated phishing emails to test their ability to recognize malicious attempts. This is an example of: A. Phishing campaigns B. Data masking C. Reporting and monitoring D. Anomalous behavior recognition	Phishing campaigns Simulated attempts to test users’ ability to recognize phishing.
During penetration testing, the testers only have knowledge about the specific IT systems they are supposed to test. This scenario is termed as: A. Active reconnaissance B. Unknown environment C. Partially known environment D. Known environment	Partially known environment Testers have knowledge about certain systems but not everything.
What is the main goal of conducting external examinations in an organization? A. To verify the organization’s compliance with external regulations. B. To review the organization’s marketing strategies. C. To promote employees internally. D. To hire new employees.	To verify the organization’s compliance with external regulations. External examinations aim to ensure compliance with regulations.
When an employee is taught the dangers of writing down passwords or storing them in easily accessible locations, this training is primarily to prevent which type of threat? A. Social engineering B. Insider threat C. Phishing campaigns D. Anomalous behavior	Insider threat Encompasses threats posed by individuals within an organization, such as employees mishandling sensitive information.
In the context of privacy, which entity primarily determines how personal data is stored and for how long? A. Processor B. IT administrator C. Controller D. Data subject	Controller Decide how personal data should be stored and the duration for the same.
During a security awareness session, employees are informed of the dangers of disclosing their work details in online forums or social media. This training aims to mitigate which of the following threats? A. Password attacks B. Operational security breaches C. Insider threat D. Phishing	Operational security breaches Maintaining operational information, including non-disclosure of sensitive operational details.
If an organization is seeking to understand the potential consequences of not adhering to a newly implemented data protection regulation, they are primarily concerned with: A. Privacy implications B. Data inventory C. Compliance reporting D. Consequences of non-compliance	Consequences of non-compliance Focuses on understanding the repercussions of not adhering to regulations.
Which cryptographic method involves hiding a message within another message or image, such that it’s not detectable? A. Tokenization B. Full-disk encryption C. Steganography D. Key exchange	Steganography The technique of hiding data within other data.

Learning Tools

Writing Tools

Browse Resources

CompTIA Security+ 701 Practice Test 2

Which of the following is a primary goal of the CIA triad?
A. Integrity
B. Non-repudiation
C. Authentication
D. Authorization

Key Terms

Related Flashcard Decks

Company

Explore

Study Tools

Learning Tools

Writing Tools

Browse Resources

CompTIA Security+ 701 Practice Test 2

Which of the following is a primary goal of the CIA triad?A. IntegrityB. Non-repudiationC. AuthenticationD. Authorization

Key Terms

Related Flashcard Decks

Which of the following is a primary goal of the CIA triad?
A. Integrity
B. Non-repudiation
C. Authentication
D. Authorization