CompTIA Module 1-4 Review Questions

Terms in this set (80)
After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and supervise a group of security technicians. Which of these generally recognized security positions has she been offered?

a) Security administrator
b) Security technician
c) Security officer
d) Security manager

Which of the following groups have the lowest level of technical knowledge?
Script kiddies

Which of the following groups use advanced persistent threats?
State actors

Which of the following is not a reason a legacy platform has not been updated?
No compelling reason for any updates

How do vendors decide which should be the default settings on a system?
Those settings that provide the means by which the user can immediately begin to use the product.

Which tool is most commonly associated with state actors?
Advanced persistent threat (APT)

What is the term used to describe the connectivity between an organization and a third party?
System integration

What is an objective of state-sponsored attackers?
To spy on citizens

Which of the following is not an issue with patching?
Patches address zero-day vulnerabilities

Which of the following is not a recognized attack vector?
On-prem

What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?
Brokers

Ebba has received a new initiative for her security team to perform an in-house penetration test. What is the first step that Ebba should undertake?
Planning

Which of the following is NOT a characteristic of a penetration test?
Automated

Linnea has requested to be placed on the penetration testing team that scans for vulnerabilities to exploit them. Which team does she want to be placed on?
Red Team

Lykke's supervisor is evaluating whether to use internal security employees to conduct a penetration test. Lykke does not consider this a good idea and has created a memo with several reasons they should not be used. Which of the following would NOT be part of that memo?
They would have to stay overnight to perform the test.

What penetration testing level name is given to testers who have no knowledge of the network and no special privileges?
Black box

Which of the following is NOT an advantage of crowdsourced penetration testing?
Less expensive

Tilde is working on a contract with the external penetration testing consultants. She does not want any executives to receive spear-phishing emails. Which rule of engagement would cover this limitation?
Scope

Which is the final rule of engagement that would be conducted in a pen test?
Reporting

What is another name for footprinting?
Active reconnaissance?

When researching how an attack recently took place, Nova discovered that the threat actor, after penetrating the system, started looking to move through the network with their elevated position. What is the name of this technique?
Lateral movement

What are documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas?
Requests for comments (RFCs)

Which of the following is not a general information source that can provide valuable in-depth information on cybersecurity?
Twitter

Which of the following is a standard for the handling of customer card information?
PCI DSS

Which of the following are developed by established professional organizations or government agencies using the expertise of seasoned security professionals?
Regulations

Which group is responsible for the Cloud Controls Matrix?
CSA

Tuva's supervisor wants to share a recent audit outside the organization. Tuva warns him that this type of audit can only be read by those within the organization. What audit does Tuva's supervisor want to distribute?
SSAE SOC 2 Type II

Which ISO contains controls for managing and controlling risk?
ISO 31000

Which premise is the foundation of threat hunting?
Threat actors have already infiltrated our network.

Which of the following can automate an incident response?
SOAR

Which of the following is NOT something that a SIEM can perform?
Incident response

What word is the currently accepted term to refer to network-connected hardware devices?
Endpoint

Which of the following is NOT a characteristic of malware?
Diffusion

Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer?
Blocking ransomware

Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation?
Cryptomalware can encrypt all files on any network that is connected to the employee's computer.

Which type of malware relies on LOLBins?
Fileless virus

Which of the following is known as a network virus?
Worm

Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?
LOLBins

Which of the following is NOT a means by which a bot communicates with a C&C device?
Email

Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this?
PUP

What is the difference between a Trojan and a RAT?
A RAT gives the attacker unauthorized remote access to the victim's computer.

Which of these would NOT be considered the result of a logic bomb?
Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting.

Which of the following attacks is based on a website accepting user input without sanitizing it?
XSS

Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website?
CSRF

Which of the following manipulates the trusting relationship between web servers?
SSRF

Which type of memory vulnerability attack manipulates the "return address" of the memory location of a software program?
Buffer overflow attack

What race condition can result in a NULL pointer/object dereference?
Time of check/time of use race condition

Which of the following attacks targets the external software component that is a repository of both code and data?
Dynamic-link library (DLL) injection attack

What term refers to changing the design of existing code?
Refactoring

Which of the following is technology that imitates human abilities?
AI

Which statement regarding a keylogger is NOT true?
Software keyloggers are generally easy to detect.

An IOC occurs when what metric exceeds its normal bounds?
KRI

What are the two concerns about using public information sharing centers?
Privacy and speed

Which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information?
TLP

Oskar has been receiving emails about critical threat intelligence information from a public information sharing center. His team leader has asked him to look into how the process can be automated so that the information can feed directly into the team's technology security. What technology will Oskar recommend?
Automated Indicator Sharing (AIS)

Which of the following is an application protocol for exchanging cyberthreat intelligence over HTTPS?
TAXII

What are the two limitations of private information sharing centers?
Access to data and participation

Which of the following is NOT a limitation of a threat map?
They can be difficult to visualize.

Luka has been asked by his supervisor to monitor the dark web for any IOCs concerning their organization. The next week, Luka reports that he was unable to find anything because looking for information on the dark web is different from using the regular web. Which of the following is FALSE about looking for information on the dark web?
Dark web search engines are identical to regular search engines.

Which of the following is NOT an improvement of UEFI over BIOS?
Support of USB 3.0

Which boot security mode sends information on the boot process to a remote server?
Measured Boot

Which of the following is NOT an important OS security configuration?
Restricting patch management

Which stage conducts a test that will verify the code functions as intended?
Staging stage

Which model uses a sequential design process?
Waterfall model

Which of the following is NOT an advantage of an automated patch update service?
Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service.

What type of analysis is heuristic monitoring based on?
Dynamic analysis

Which of these is a list of preapproved applications?
Whitelist

What is the advantage of a secure cookie?
It is sent to the server over HTTPS.

Which of the following tries to detect and stop an attack?
HIPS

What does Windows 10 Tamper Protection do?
Limits access to the registry.

Which of the following is FALSE about a quarantine process?
It holds a suspicious application until the user gives approval.