CompTIA Security Plus Mock Test Q1713

The Chief Security Officer (CSO) has reported a rise in data loss but no break-ins have occurred. By doing which of the following is the CSO most likely to reduce the number of incidents?

A. Implement protected distribution
B. Employ additional firewalls
C. Conduct security awareness training
D. Install perimeter barricades

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1688

A company is investigating a data compromise where data exfiltration occurred. Prior to the investigation, the supervisor terminates an employee as a result of the suspected data loss. During the investigation, the supervisor is absent for the interview, and little evidence can be provided from the role-based authentication system in use by the company. The situation can be identified for future mitigation as which of the following?

A. Job rotation
B. Log failure
C. Lack of training
D. Insider threat

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1562

The Chief Security Officer (CSO) has reported a rise in data loss but no break-ins have occurred. By doing which of the following would the CSO MOST likely reduce the number of incidents?

A. Implement protected distribution
B. Employ additional firewalls
C. Conduct security awareness training
D. Install perimeter barricades


Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1115

Which of the following is a requirement when implementing PKI if data loss is unacceptable?

A. Web of trust
B. Non-repudiation
C. Key escrow
D. Certificate revocation list


Correct Answer: C
Section: Cryptography

Explanation:
Key escrow is a database of stored keys that later can be retrieved.
Key escrow addresses the possibility that a third party may need to access keys. Under the conditions of key escrow, the keys needed to encrypt/decrypt data are held in an escrow account (think of the term as it relates to home mortgages) and made available if that third party requests them. The third party in question is generally the government, but it could also be an employer if an employee's private messages have been called into question.

Incorrect Answers:
A: Web of trust is not used within the PKI domain. It is an alternative approach.
A web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure (PKI), which relies exclusively on a certificate authority (or a hierarchy of such).
B: Nonrepudiation is a means of ensuring that transferred data is valid. Nonrepudiation is not used to store data.
D: A certificate revocation list is just a database of revoked keys and certificates, and does not store any other information.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 262, 279-289, 285

CompTIA Security Plus Mock Test Q836

A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?

A. Internet networks can be accessed via personally-owned computers.
B. Data can only be stored on local workstations.
C. Wi-Fi networks should use WEP encryption by default.
D. Only USB devices supporting encryption are to be used.

Correct Answer: D
Section: Application, Data and Host Security

Explanation:
The concern for preventing data loss is the concern for maintaining data confidentiality. This can be accomplished through encryption, access controls, and steganography.
USB encryption is usually provided by the vendor of the USB device. It is not included on all USB devices.

Incorrect Answers:
A: Allowing personally-owned computers to access the intranet or internet would not prevent data loss. Allowing them to access the intranet would increase the risk of data loss while allowing them to access the internet would be of no consequence.
B: Storing data on local workstations does not reduce the risk of data loss as the data can still be accessed if it is not encrypted.
C: Wired Equivalent Privacy (WEP) is the original wireless encryption standard that has inherent weaknesses and has been replaced by Wi-Fi Protected Access (WPA). The current version of WPA is WPA2.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 148, 331

CompTIA Security Plus Mock Test Q821

Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft?

A. Disk encryption
B. Encryption policy
C. Solid state drive
D. Mobile device policy


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
B: An encryption policy provides guidelines that limit the use of encryption to algorithms that have been proven to work effectively. The policy still needs to be applied and enforced.
C: Solid state drives are hard drives that have memory chips to store data rather than magnetic disks. These are much faster than traditional hard disks but have no effect on data loss due to device theft.
D: A mobile device policy provides guidelines for the acceptable use of mobile devices within an organization, and means of securing the devices and the data on those devices. However, the policy still needs to be applied and enforced.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237
http://www.sans.org/security-resources/policies/general/pdf/acceptable-encryption-policy

CompTIA Security Plus Mock Test Q760

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

A. Tethering
B. Screen lock PIN
C. Remote wipe
D. Email password
E. GPS tracking
F. Device encryption


Correct Answer: C,F
Section: Application, Data and Host Security

Explanation:
C: Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.
F: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
A: Device tethering is the process of connecting one device to another over a wireless LAN (Wi-Fi) or Bluetooth connection or by using a cable. This allows the tethered devices to share an Internet connection. It does not protect the device against data loss in the event of the device being stolen.
B: Screen locks are a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be a bit difficult for anyone else to access your data or applications. However, screen locks may have workarounds, such as accessing the phone application through the emergency calling feature.
D: Some email applications allow users to set a password on an email that could be shared with the recipient. This does not protect against sensitive data loss if the device is stolen.
E: Global Positioning System (GPS) tracking can be used to identify the location of a stolen device and can allow authorities to locate the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237

CompTIA Security Plus Mock Test Q486

Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices?

A. Remote wiping enabled for all removable storage devices
B. Full-disk encryption enabled for all removable storage devices
C. A well-defined acceptable use policy
D. A policy which details controls on removable storage use

Correct Answer: D
Section: Compliance and Operational Security

Explanation:
Removable storage is both a benefit and a risk, and since not all mobile devices support removable storage, the company has to have a comprehensive policy which details the controls on the use of removable storage to mitigate the range of risks that are associated with the use of these devices.

Incorrect Answers:
A: Remote wiping is the act of deleting data/all data and maybe even configuration settings from a device remotely, but it is not a guarantee of data security.
B: Full-disk encryption is used mainly to provide protection for an operating system, and it is most effective only when the system is fully powered off. This is not going to mitigate the risks posed in this case.
C: Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware. This is not mitigating risk.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 251-252
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 24
http://en.wikipedia.org/wiki/Acceptable_use_policy

CompTIA Security Plus Mock Test Q467

An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?

A. IDS
B. Firewalls
C. DLP
D. IPS


Correct Answer: C
Section: Compliance and Operational Security

Explanation:
A Data Loss Prevention technology is aimed at detecting and preventing unauthorized access to, use of, or transmission of sensitive information such as credit card details.

Incorrect Answers:
A: IDS is designed to detect the presence of an unauthorized intruder or unwanted activity only.
B: Firewalls are usually employed on the networks together with IDS and IPS.
D: IPS is designed to detect attempts to gain unauthorized access and prevent access.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 100

CompTIA Security Plus Mock Test Q457

A company recently experienced data loss when a server crashed due to a midday power outage. Which of the following should be used to prevent this from occurring again?

A. Recovery procedures
B. EMI shielding
C. Environmental monitoring
D. Redundancy

Correct Answer: D
Section: Compliance and Operational Security

Explanation:
Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction (in this case a power outage). Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected. This strategy allows service to continue uninterrupted until the primary server can be restored.

Incorrect Answers:
A: A recovery procedure is done after the damage has occurred; it does not prevent the damage.
B: EMI Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities.
C: Environmental concerns include considerations about water and flood damage as well as fire suppression.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 32, 380, 383