What is the best method to secure data stored in a misconfigured cloud storage bucket?

Restrict public access and implement identity-based permissions

Configure logging to monitor access attempts

Deploy an intrusion detection system (IDS)

What is the best defense against credential stuffing attacks?

Deploy account lockout mechanisms and multi-factor authentication

Enforce complex password policies

Monitor network traffic for anomalies

Require password rotation every 90 days

An organization notices a significant increase in outbound traffic to an unfamiliar IP address. What is the most likely explanation?

Data exfiltration via a compromised system

Malware scanning the internal network

Which of the following is a key feature of WPA3 for wireless networks?

Opportunistic Wireless Encryption (OWE)

Secure Key Exchange (KRACK prevention)

Advanced Encryption Standard (AES)

What is the primary purpose of using a honeypot in a network?

Divert attackers and gather intelligence

Encrypt sensitive data stored on the server

Prevent denial-of-service attacks

Detect and block phishing emails

What is the best way to prevent SQL injection attacks?

Use parameterized queries and input validation

Encrypt all sensitive database records

Deploy a web application firewall (WAF)

Implement multi-factor authentication

An attacker exploits a buffer overflow vulnerability in an application. What is the likely goal?

Gain administrative access to the server

What is the primary purpose of network segmentation?

Limit the spread of malware within the network

Encrypt sensitive communications

Monitor all inbound and outbound traffic

Which of the following controls is an example of a compensating control?

Using a bastion host to access internal servers

Encrypting sensitive data in transit

Deploying a SIEM to correlate security events

Implementing multi-factor authentication for privileged accounts

An attacker exploits a web application vulnerability to steal session tokens. What is the best way to mitigate this risk?

Implement secure cookie attributes and session timeouts

Encrypt session tokens using HTTPS

Use input validation to sanitize user data

Deploy a firewall to block malicious traffic

What is the primary benefit of implementing network access control (NAC) in an organization?

Prevent unauthorized devices from connecting to the network

Encrypt data in transit across the network

Monitor user activity in real-time

Ensure compliance with data privacy laws

An attacker exploits an unpatched operating system to execute a remote code attack. What is the best remediation strategy?

Implement regular patch management processes

Conduct real-time monitoring of system logs

Enforce strict password policies

Deploy endpoint detection and response (EDR) solutions

What is the main purpose of a certificate revocation list (CRL) in PKI?

Identify and revoke invalid or compromised certificates

Provide encryption for sensitive communications

Authenticate public and private keys

What is the best way to mitigate risks associated with shadow IT within an organization?

Enforce a policy allowing only approved cloud services

Block unapproved software installations on endpoints

Conduct regular security awareness training

Monitor network traffic for unauthorized applications

An attacker modifies a web application's URL parameters to gain unauthorized access to resources. What is the best defense against this attack?

Validate and sanitize user input at the server level

Encrypt all HTTP traffic using HTTPS

Deploy a firewall between the application and the database

Implement multi-factor authentication

A malicious actor exploits a misconfigured S3 bucket to access sensitive files. What is the best remediation?

Restrict public access to the bucket and implement access control policies

Enable logging to monitor access to the bucket

Encrypt all files stored in the bucket

Use endpoint protection on systems accessing the bucket

An attacker exploits a man-in-the-middle vulnerability on an unsecured wireless network. What is the best way to mitigate this risk?

Require VPN connections for wireless users

Block access to public Wi-Fi networks

Configure static IP addresses for all devices

An organization uses a third-party vendor for cloud services. What is the best way to ensure compliance with security standards?

Review and enforce the service-level agreement (SLA)

Encrypt all communications between the organization and the cloud provider

Monitor the cloud environment with a SIEM solution

Deploy endpoint detection on all cloud servers

What is the main purpose of a data loss prevention (DLP) solution?

Prevent unauthorized transmission of sensitive data

Monitor network traffic for malware

Encrypt data in transit and at rest

Detect and block phishing emails

What is the most effective way to reduce the risk of insider threats?

Implement access controls and continuous monitoring

Conduct regular background checks on employees

Deploy endpoint detection and response (EDR) tools

Require complex passwords for all users

An attacker uses stolen credentials to gain access to a network. What is the most effective prevention mechanism?

Multi-factor authentication (MFA)

Role-based access control (RBAC)

What is the primary advantage of using elliptic curve cryptography (ECC) over RSA?

Faster key generation and encryption with shorter key lengths

Supports hashing for data integrity

Offers greater resistance to brute-force attacks

Provides easier certificate management

What is the primary purpose of implementing multi-factor authentication (MFA) for privileged accounts?

Reduce the risk of unauthorized access

Increase password complexity requirements

Encrypt all privileged account communications

Monitor all login attempts in real-time

Which tool would best identify security vulnerabilities in a web application before deployment?

Static Application Security Testing (SAST)

Intrusion Prevention System (IPS)

Endpoint Detection and Response (EDR)

An organization implements a honeynet in its infrastructure. What is the primary purpose of this strategy?

Divert attackers and gather intelligence about their methods

Prevent malware infections on critical systems

Encrypt sensitive data on the network

Test new security patches in a controlled environment

What is the best way to mitigate risks associated with an unsecured IoT device connected to a corporate network?

Implement network segmentation for IoT devices

Use endpoint protection on the device

Deploy a firewall to monitor device activity

Encrypt all communications to and from the device

Which security control ensures that log files cannot be tampered with after they are created?

Store logs on write-once-read-many (WORM) media

Encrypt logs before storing them

Rotate log files every 24 hours

Monitor logs with a SIEM system

A security analyst identifies outbound traffic to a known malicious IP address. What should be the first action?

Isolate the affected system from the network

Notify the incident response team

Block the IP address at the firewall

Conduct a vulnerability scan on the affected system

Which of the following best prevents replay attacks on a network?

Use encrypted session tokens with timestamps

Implement role-based access control

Require multi-factor authentication for all users

Deploy a web application firewall (WAF)

What is the purpose of using Perfect Forward Secrecy (PFS) in cryptographic communications?

Ensure that session keys are not reused

Protect against phishing attacks

Simplify key management for large-scale systems

Authenticate endpoints before communication

Which technology best protects a cloud storage bucket from unauthorized access?

Restrict bucket access using identity-based permissions

Enable encryption for all stored data

Configure static IP addresses for all accessing devices

Monitor bucket access logs with a SIEM solution

CompTIA Security Exam Questions

Authored by Walter Consuegra

Computers

University

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

99 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company implements a Zero Trust model to secure its infrastructure. What is the core principle of this model?

Implicit trust within the internal network

Continuous authentication and least privilege

Network segmentation with firewalls

Encrypting all data stored on-premises

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An attacker exploits a weak API endpoint to access sensitive customer data. What is the best defense against such attacks?

Encrypt all API communications

Require multi-factor authentication for API users

Use input validation and rate limiting

Deploy endpoint protection on developer systems

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the primary purpose of a Business Impact Analysis (BIA)?

Ensure compliance with regulatory frameworks

Identify critical business functions and assess the impact of disruptions

Detect insider threats through behavior monitoring

Analyze vulnerabilities in legacy systems

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company experiences a ransomware attack. The attackers demand payment to decrypt critical files. What should the incident response team prioritize?

Notify law enforcement and preserve evidence

Pay the ransom to restore operations quickly

Isolate affected systems and restore from backups

Disable all network traffic to contain the attack

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which cryptographic technique ensures the integrity of a transmitted file?

Encryption

Hashing

Tokenization

Salting

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An attacker sends phishing emails targeting executives of an organization. What is this attack called?

Spear phishing

Whaling

Vishing

Smishing

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a primary function of a Security Information and Event Management (SIEM) system?

Encrypt sensitive files in real-time

Analyze and correlate security events across the network

Automatically patch vulnerable systems

Deploy firewalls and intrusion prevention systems

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

100 questions

Digital and Financial Literacy

Quiz

•

University

100 questions

Tin hoc ung dung chap3

Quiz

•

University

100 questions

Test CCNA 200-301

Quiz

•

University

100 questions

ข้อสอบปลายภาค MBI0403 การจัดการธุรกิจดิจิทัล

Quiz

•

University

94 questions

(2ND SEM IT) HISTORY OF COMPUTER

Quiz

•

University

102 questions

A+Core 1 (101-200)#2

Quiz

•

10th Grade - University

100 questions

SQL: Using Single-Row Functions

Quiz

•

8th Grade - Professio...

97 questions

Python Exam 1

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

10 questions

Probability Practice

Quiz

•

4th Grade

15 questions

Probability on Number LIne

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

6 questions

Appropriate Chromebook Usage

Lesson

•

7th Grade

10 questions

Greek Bases tele and phon

Quiz

•

6th - 8th Grade

Discover more resources for Computers

12 questions

IREAD Week 4 - Review

Quiz

•

3rd Grade - University

20 questions

Endocrine System

Quiz

•

University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

30 questions

W25: PSYCH 250 - Exam 2 Practice

Quiz

•

University

5 questions

Inherited and Acquired Traits of Animals

Interactive video

•

4th Grade - University

20 questions

Implicit vs. Explicit

Quiz

•

6th Grade - University

7 questions

Comparing Fractions

Interactive video

•

1st Grade - University

38 questions

Unit 8 Review - Absolutism & Revolution

Quiz

•

10th Grade - University

CompTIA Security Exam Questions

A company implements a Zero Trust model to secure its infrastructure. What is the core principle of this model?

An attacker exploits a weak API endpoint to access sensitive customer data. What is the best defense against such attacks?

What is the primary purpose of a Business Impact Analysis (BIA)?

A company experiences a ransomware attack. The attackers demand payment to decrypt critical files. What should the incident response team prioritize?

Which cryptographic technique ensures the integrity of a transmitted file?

An attacker sends phishing emails targeting executives of an organization. What is this attack called?

Which of the following is a primary function of a Security Information and Event Management (SIEM) system?

What is the best method to secure data stored in a misconfigured cloud storage bucket?

An attacker intercepts and modifies communication between two devices. What is this attack called?

Which of the following tools is used to analyze network traffic for suspicious activity?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers