CompTIA Security + (Part 1) 12th Grade Quiz

1.

MULTIPLE SELECT QUESTION

1 min • 3 pts

Upon receiving the findings from a recent inspection, a senior technician must identify the various parties needed to implement change management solutions. Based on those impacted by the change, who is a stakeholder within the change management spectrum? (Select the three best options.)

Project manager

Partners

Vendors

Change Advisory Board (CAB)

Answer explanation

The stakeholders in change management include those directly impacted. Partners, Vendors, and the Change Advisory Board (CAB) are essential as they provide support, resources, and guidance for implementing changes effectively.

2.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A financial services company is decommissioning many servers that contain highly sensitive financial information. The company's data protection policy stipulates the need to use the MOST secure data destruction methods and comply with strict regulatory requirements. The company also has a significant environmental sustainability commitment and seeks to minimize waste wherever possible. What should the company's primary course of action be during this process?

Degaussing the servers, rendering the data irretrievable, followed by reselling or recycling the servers after certification

Overwriting the data on the servers multiple times, then disposing of the servers without any certification

Incinerating the servers, as it's the most effective method of data destruction

Storing the servers indefinitely in a secure location to avoid any risk of data leakage

Answer explanation

Degaussing effectively destroys data by demagnetizing the drives, ensuring irretrievability. This method aligns with the company's data protection policy and allows for environmentally responsible reselling or recycling after certification.

3.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A group of threat actors disrupts the online services of an oil company due to their disagreement with the company's environmental policies. They believe their actions can force the company to change its practices. This type of threat actor is primarily driven by what kind of motivation?

Political/philosophical beliefs

Espionage

Financial gain

Service disruption

Answer explanation

The threat actors are motivated by their political/philosophical beliefs regarding environmental policies, aiming to influence the company's practices through disruption.

4.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An educational institution plans to transition from a traditional to a digital learning system. The school's administration has assembled a Change Management Board (CMB) to ensure smooth and secure execution. Within the scope of this educational institution's digital transformation project, what would be the primary role of the CMB?

Overseeing the daily operations of the school's IT department

Conducting cybersecurity awareness training for all school staff

Assessing, approving, and managing changes in the IT infrastructure

Developing and implementing the school's digital learning curriculum

Answer explanation

The primary role of the Change Management Board (CMB) is to assess, approve, and manage changes in the IT infrastructure, ensuring a smooth transition to the digital learning system.

5.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An educational institution plans to transition from a traditional to a digital learning system. The school's administration has assembled a Change Management Board (CMB) to ensure smooth and secure execution. Within the scope of this educational institution's digital transformation project, what would be the primary role of the CMB?

Overseeing the daily operations of the school's IT department

Conducting cybersecurity awareness training for all school staff

Assessing, approving, and managing changes in the IT infrastructure

Developing and implementing the school's digital learning curriculum

Answer explanation

The primary role of the Change Management Board (CMB) is to assess, approve, and manage changes in the IT infrastructure, ensuring a smooth transition to the digital learning system.

6.

MULTIPLE SELECT QUESTION

1 min • 3 pts

A system administrator implemented encryption across the organization's IT infrastructure. The infrastructure includes various types of data storage methods. Which of the following data storage methods can the system administrator encrypt to increase the security of data at rest? (Select the three best options.)

Volume

User interface

Partition

File

Answer explanation

Encrypting data at rest is crucial for security. The best options are Volume, Partition, and File, as these represent different storage methods that can be encrypted to protect sensitive information effectively.

7.

MULTIPLE SELECT QUESTION

1 min • 2 pts

A system admin is reviewing the company's environmental variables as there have been several new additions to workstations and servers. One of the primary environmental factors is the organization's IT infrastructure. What are two other environmental factors? (Select the two best options.)

Risk tolerance

External threat landscape

Prioritization

Regulatory/compliance environment

Answer explanation

The external threat landscape refers to potential risks from outside the organization, while the regulatory/compliance environment encompasses laws and regulations that the organization must adhere to, both crucial for IT infrastructure.

8.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A cyber intern implements new endpoint configurations after advisement of a data exfiltration that includes top-secret information. What configuration consideration can ensure that systems and devices within an organization's network adhere to mandatory security configurations?

Access control

Configuration enforcement

Monitoring

Access control lists

Answer explanation

Configuration enforcement ensures that all systems and devices comply with mandatory security settings, preventing unauthorized changes and maintaining security integrity, especially after a data exfiltration incident.

9.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company's IT department considers different approaches to obtaining digital certificates for its internal network infrastructure. The IT department evaluated the use of a Certificate Signing Request (CSR) and third-party Certificate Authorities (CAs) to meet their security requirements. What is the primary advantage of using a CSR and a third-party CA for obtaining digital certificates compared to other methods?

Using a Certificate Signing Request and a third-party Certificate Authority allows for faster deployment of digital certificates within the network.

Using a Certificate Signing Request and a third-party Certificate Authority eliminates the need for regular certificate renewals and maintenance.

Digital certificates obtained through a Certificate Signing Request and a third-party Certificate Authority provide stronger encryption algorithms and key lengths.

Digital certificates obtained through a Certificate Signing Request and a third-party Certificate Authority have a higher level of trust and recognition within the industry.

Answer explanation

Digital certificates from a CSR and third-party CA are widely recognized and trusted, enhancing security and credibility within the industry compared to self-signed certificates or internal CAs.

10.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

CloudSecure is facing a cybersecurity challenge where some of its critical software applications are no longer supported by vendors, making them vulnerable to potential exploits. The IT team is exploring various strategies to mitigate the risk posed by these unsupported apps. What’s the MOST effective approach to enhance the security posture?

Ignoring the vulnerability as it can only be exploited in specific circumstances.

Consolidating all operating systems and applications into one product.

Implementing regular patch management to fix the faulty code.

Isolating the unsupported apps from other systems to reduce the attack surface.

Answer explanation

Isolating the unsupported apps reduces their exposure to potential attacks, effectively minimizing the risk. This approach is more secure than ignoring vulnerabilities or consolidating systems, which could increase risk.

Create a free account and access millions of resources

Similar Resources on Quizizz

Popular Resources on Quizizz

Discover more resources for Computers