CompTIA Security Plus Mock Test Q1334

A user has an Android smartphone that supports full device encryption. However, when the user plugs it into a computer, all of the files are immediately accessible. Which of the following should the user do to enforce full device confidentiality should the phone be lost or stolen?

A. Establish a PIN passphrase
B. Agree to remote wipe terms
C. Generate new media encryption keys
D. Download the encryption control app from the store

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1210

Two organizations want to share sensitive data with one another from their IT systems to support a mutual customer base. Both organizations currently have secure network and security policies and procedures. Which of the following should be the PRIMARY security considerations by the security managers at each organization prior to sharing information? (Select THREE)

A. Physical security controls
B. Device encryption
C. Outboarding/Offboarding
D. Use of digital signatures
E. SLA/ISA
F. Data ownership
G. Use of smartcards or common access cards
H. Patch management

Correct Answer: B,E,F
Section: Mixed Questions

CompTIA Security Plus Mock Test Q770

Jane, an IT security technician, needs to create a way to secure company mobile devices. Which of the following BEST meets this need?

A. Implement voice encryption, pop-up blockers, and host-based firewalls.
B. Implement firewalls, network access control, and strong passwords.
C. Implement screen locks, device encryption, and remote wipe capabilities.
D. Implement application patch management, antivirus, and locking cabinets.


Correct Answer: C
Section: Application, Data and Host Security

Explanation:
Screen-lock is a security feature that requires the user to enter a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.
Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.
Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.

Incorrect Answers:
A: Voice encryption is used to protect audio (voice) transmission. It cannot secure data stored on a mobile device.
Pop-up blockers prevent websites from opening new browser windows without the user's consent. These are often used for advertisements but can also be used to distribute malicious code.
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet by filtering the type of network traffic that can be sent or received by the system.
B: Firewalls, network access control, and strong passwords would secure the network rather than the mobile device.
Firewalls protect systems from network attacks by filtering the type of network traffic that can be sent or received by the systems.
Strong passwords are likely to mitigate the risk of the user account being used to access the network. A strong password would be more difficult to crack. It does not secure the mobile device.
D: Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect systems from newly discovered attacks and vulnerabilities.
Antivirus software is used to protect systems against viruses, which are a form of malicious code designed to spread from one system to another, consuming network resources.
Locking cabinets would secure mobile devices when they have not been issued to users.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 161-162, 220, 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 231-232, 236, 237, 246

CompTIA Security Plus Mock Test Q768

The Chief Risk Officer is concerned about the new employee BYOD device policy and has requested that the security department implement mobile security controls to protect corporate data in the event that a device is lost or stolen. The level of protection must not be compromised even if the communication SIM is removed from the device. Which of the following BEST meets the requirements? (Select TWO)

A. Asset tracking
B. Screen-locks
C. GEO-Tracking
D. Device encryption

Correct Answer: A,D
Section: Application, Data and Host Security

Explanation:
A: Asset tracking is the process of maintaining oversight over inventory, and ensuring that a device is still in the possession of the assigned authorized user.
D: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
B: Screen-lock is a security feature that requires the user to enter a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.
C: GEO tracking and GPS tracking can be used to identify the location of a stolen device and can allow authorities to recover the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 238

CompTIA Security Plus Mock Test Q762

A way to assure data at rest is secure even in the event of loss or theft is to use:

A. Full device encryption.
B. Special permissions on the file system.
C. Trusted Platform Module integration.
D. Access Control Lists.


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
B: Permissions on the file system define the level of access logged-on users have to files and folders. However, should an unauthorized user gain access to an authorized user’s user account, they would gain access to the files and folders.
C: Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.
D: Access Control Lists (ACLs) define the level of access logged-on users have to resources. However, should an unauthorized user gain access to an authorized user’s user account, they would gain access to the data.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 156, 237, 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237

CompTIA Security Plus Mock Test Q761

Which of the following controls can be implemented together to prevent data loss in the event of theft of a mobile device storing sensitive information? (Select TWO).

A. Full device encryption
B. Screen locks
C. GPS
D. Asset tracking
E. Inventory control


Correct Answer: A,B
Section: Application, Data and Host Security

Explanation:
A: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.
B: Screen locks are a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.

Incorrect Answers:
C: Global Positioning System (GPS) tracking can be used to identify the location of a stolen device and can allow authorities to locate the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.
D: Asset tracking is the process of maintaining oversight over inventory, and ensuring that a device is still in the possession of the assigned authorized user.
E: Inventory control is an aspect of asset tracking and the overseeing of inventory. It does not prevent data loss.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 238

CompTIA Security Plus Mock Test Q760

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

A. Tethering
B. Screen lock PIN
C. Remote wipe
D. Email password
E. GPS tracking
F. Device encryption


Correct Answer: C,F
Section: Application, Data and Host Security

Explanation:
C: Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.
F: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
A: Device tethering is the process of connecting one device to another over a wireless LAN (Wi-Fi) or Bluetooth connection or by using a cable. This allows the tethered devices to share an Internet connection. It does not protect the device against data loss in the event of the device being stolen.
B: Screen locks are a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be a bit difficult for anyone else to access your data or applications. However, screen locks may have workarounds, such as accessing the phone application through the emergency calling feature.
D: Some email applications allow users to set a password on an email that could be shared with the recipient. This does not protect against sensitive data loss if the device is stolen.
E: Global Positioning System (GPS) tracking can be used to identify the location of a stolen device and can allow authorities to locate the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237