Test Bank for CompTIA Security+ Guide to Network Security Fundamentals, 8th Edition by Mark Ciampa
2 views 0 purchase
Course
Graduation in computer science
Institution
Graduation In Computer Science
Test Bank for CompTIA Security+ Guide to Network Security Fundamentals, 8e 8th Edition by Mark Ciampa. All Modules (Module 1 to 15) test bank are included with answers.
Module 1: Introduction to Information Security
Module 2: Pervasive Attack Surfaces and Controls
Module 3: Fundamentals of Cry...
Test Bank for CompTIA Security+ Guide to Network Security Fundamentals, 8th Edition by Mark Ciampa
Mod 01 Introduction to Information Security
1. You have excellent technical acumen. Part of your responsibilities where you work include overlooking daily
operations as well as analyzing and designing security solutions in a specific area. You encounter a situation
that needs to be escalated. Which of the following are you most likely to approach with the situation?
a. CIO
b. CISO
c. Security manager
d. Security administrator
ANSWER: c
RATIONALE: The question is implying you are the security administrator so you will most
likely approach the security manager with the issue. The security manager reports
to the CISO and supervises technicians, administrators, and security staff. The
security administrator has both technical knowledge and managerial skills. A
security administrator manages daily operations of security technology and may
analyze and design security solutions within a specific entity as well as identify
users" needs.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Ciampa.Sec+8e.25.1.1 - Define information security and explain its principles.
ACCREDITING STANDARDS: Ciampa.SY0-701.25.1.2 - Summarize fundamental security concepts.
TOPICS: None specified
KEYWORDS: Bloom's: Remember
DATE CREATED: 11/30/2023 7:40 PM
DATE MODIFIED: 11/30/2023 7:40 PM
2. When analyzing a security breach, Acer determines the attacker was able to change the price of an item from
$200 to $20. What security protection was compromised?
a. Confidentiality
b. Integrity
c. Authorization
d. Authentication
ANSWER: b
RATIONALE: Integrity ensures that the information is correct and no unauthorized person or
malicious software has altered the data. An attacker changing data, such as the
price of an item, violates the integrity of the data.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Ciampa.Sec+8e.25.1.1 - Define information security and explain its principles.
ACCREDITING STANDARDS: Ciampa.SY0-701.25.1.2 - Summarize fundamental security concepts.
TOPICS: What Is Information Security?
Page 1
,Name: Class: Date:
Mod 01 Introduction to Information Security
KEYWORDS: Bloom's: Remember
DATE CREATED: 11/30/2023 7:40 PM
DATE MODIFIED: 11/30/2023 7:40 PM
3. A visitor is trying to access a military base. The visitor needs to supply their license and enter other personal
information via a kiosk. The visitor is eventually allowed to enter the base but is limited to certain areas only.
What security principles are being employed? Select two.
a. Authentication
b. Authorization
c. Confidentiality
d. Accounting
e. Availability
ANSWER: a, b
RATIONALE: Authentication is used to verify the visitor is who they claim to be. Authorization
is used to grant the visitor permission to enter the base because their credentials
are authentic.
POINTS: 1
QUESTION TYPE: Multiple Response
HAS VARIABLES: False
LEARNING OBJECTIVES: Ciampa.Sec+8e.25.1.1 - Define information security and explain its principles.
ACCREDITING STANDARDS: Ciampa.SY0-701.25.1.2 - Summarize fundamental security concepts.
TOPICS: What Is Information Security?
KEYWORDS: Bloom's: Remember
DATE CREATED: 11/30/2023 7:40 PM
DATE MODIFIED: 11/30/2023 7:40 PM
4. Which of the following best describes what Della could do to prevent unauthorized parties from viewing
sensitive customer information at her retail store?
a. Use software to encrypt data in a secure database.
b. Verify the ID of the party requesting access to the data.
c. Limit access to certain areas once access is granted.
d. Ensure the data cannot be manipulated or changed.
ANSWER: a
RATIONALE: Confidentiality ensures that only authorized parties can view the information.
Providing confidentiality can involve several different security tools such as using
software to encrypt credit card numbers stored on the web server or in a database,
for example.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Ciampa.Sec+8e.25.1.1 - Define information security and explain its principles.
Page 2
,Name: Class: Date:
Mod 01 Introduction to Information Security
ACCREDITING STANDARDS: Ciampa.SY0-701.25.1.2 - Summarize fundamental security concepts.
TOPICS: What Is Information Security?
KEYWORDS: Bloom's: Apply
DATE CREATED: 11/30/2023 7:40 PM
DATE MODIFIED: 11/30/2023 7:40 PM
5. Evin thinks one of the computer systems where he works may have been compromised. He does not currently
have a good way of determining if an unauthorized user logged in successfully. Which of the following can
Evin implement that will, going forward, help him identify who logs in?
a. Authentication
b. Authorization
c. Availability
d. Accounting
ANSWER: d
RATIONALE: Accounting is a component of the security principle that involves controlling
access to information. Accounting creates a record that is preserved of who
accessed the enterprise network, what resources they accessed, and when they
disconnected from the network.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Ciampa.Sec+8e.25.1.1 - Define information security and explain its principles.
ACCREDITING STANDARDS: Ciampa.SY0-701.25.1.2 - Summarize fundamental security concepts.
TOPICS: What Is Information Security?
KEYWORDS: Bloom's: Apply
DATE CREATED: 11/30/2023 7:40 PM
DATE MODIFIED: 11/30/2023 7:40 PM
6. A friend gets a virus and asks if you can help them fix the problem. You boot the computer with a bootable
flash drive containing security-related tools and remove the virus. What type of control did you employ?
a. Deterrent
b. Corrective
c. Directive
d. Compensating
ANSWER: b
RATIONALE: A corrective control lessens the damage from an attack. An example is cleaning a
virus from an infected system; the corrective action occurs after the attack has
taken place.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
Page 3
, Name: Class: Date:
Mod 01 Introduction to Information Security
LEARNING OBJECTIVES: Ciampa.Sec+8e.25.1.1 - Define information security and explain its principles.
ACCREDITING STANDARDS: Ciampa.SY0-701.25.1.1 - Compare and contrast various types of security controls.
TOPICS: What Is Information Security?
KEYWORDS: Bloom's: Remember
DATE CREATED: 11/30/2023 7:40 PM
DATE MODIFIED: 11/30/2023 7:40 PM
7. As a consultant, you are asked by a company to help them work on a security-related project that falls under
the operational control scope. Which of the following will you help implement?
a. Define an acceptable use policy
b. Install a card reader to access the data center
c. Install hardware to block malicious content
d. Implement security awareness training
ANSWER: d
RATIONALE: Conducting security awareness training falls under the operational control
category. This is considered a broad category that is implemented and executed
by people.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: Ciampa.Sec+8e.25.1.1 - Define information security and explain its principles.
ACCREDITING STANDARDS: Ciampa.SY0-701.25.1.1 - Compare and contrast various types of security controls.
TOPICS: What Is Information Security?
KEYWORDS: Bloom's: Apply
DATE CREATED: 11/30/2023 7:40 PM
DATE MODIFIED: 11/30/2023 7:40 PM
8. Which of the following best describes the differences or similarities between cybersecurity and information
security? Select three.
a. Cybersecurity primarily protects devices.
b. Information security falls under the cybersecurity umbrella.
c. Cybersecurity guarantees more safety than information security.
d. Information security protects using products, people, and procedures.
e. Cybersecurity induces a lot more inconvenience than information security.
ANSWER: a, b, d
RATIONALE: Cybersecurity usually involves a range of practices, processes, and technologies
intended to protect devices, networks, and programs that process and store data in
an electronic form. Cybersecurity is generally considered an overall umbrella
term under which information security is found. Information security achieves
protection through a process that is a combination of three entities: products,
people, and policies and procedures.
Page 4
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller StepsSol. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $39.49. You're not tied to anything after your purchase.
