CompTIA Security+ 2025 Exam Review Guide: Complete Domain Analysis, Scenario-Based Practice, and Expert Insights

Typology: Exams

2024/2025

Available from 07/13/2025

edwards-christopher 🇬🇧

361 documents


Here are the multiple-choice questions with rationales and the correct answers indicated:

Question 1:
Human Resources (HR) would like executives to undergo only two specific security training programs a year. Which of the following provides the BEST level of security training for the executives? (Choose two.)
A. Acceptable use of social media
B. Data handling and disposal
C. Zero day exploits and viruses
D. Phishing threats and attacks - Correct Answer
E. Clean desk and BYOD
F. Information security awareness - Correct Answer
Rationale:

  • D. Phishing threats and attacks: Executives are often high-value targets for phishing attacks, including spear-phishing and whaling, due to their access to sensitive information and decision-making authority. Training on recognizing and responding to these threats is crucial.
  • F. Information security awareness: A broad information security awareness program will provide executives with a foundational understanding of various security risks, policies, and best practices, making them more security-conscious in their daily activities.
  • A. Acceptable use of social media: While relevant, it might be less critical than phishing awareness for executives.
  • B. Data handling and disposal: Important, but perhaps less time-sensitive than immediate threat awareness for busy executives.
  • C. Zero day exploits and viruses: While understanding these is beneficial, the practical impact of falling victim to phishing is often more immediate and significant for executives.
  • E. Clean desk and BYOD: These are good security practices but might be less critical as standalone training topics compared to phishing and general security awareness for executives.

Question 2:
Sara, a company's security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Which of the following should Sara immediately implement?
A. Acceptable Use Policy
B. Physical security controls - Correct Answer
C. Technical controls
D. Security awareness training
Rationale:
  • B. Physical security controls: The issue of unauthorized personnel possessing access codes to physical areas directly relates to weaknesses in physical security controls. Sara should immediately implement measures like changing the access codes, reviewing who has access and why, and potentially implementing a more robust access control system (e.g., key cards, biometrics) along with stricter policies on code sharing.
  • A. Acceptable Use Policy: An acceptable use policy governs the use of IT systems, not physical access to buildings.
  • C. Technical controls: Technical controls involve hardware and software solutions. While they could be part of a long-term solution (e.g., biometric locks), the immediate need is to address the compromised access codes, which is a physical security issue.
  • D. Security awareness training: While training on not sharing access codes is important, the immediate action should be to remediate the existing vulnerability by changing the codes and improving physical access controls.

Question 3:
After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided
  • A. Security awareness training: Security awareness training is specifically designed to educate end users on a wide range of security topics, including acceptable use policies, data privacy, emerging threats, and the secure use of technologies like social networking.
  • B. BYOD security training: BYOD training focuses specifically on the security implications of using personal devices for work purposes.
  • C. Role-based security training: Role-based training is tailored to the specific security responsibilities and risks associated with a user's job role.
  • D. Legal compliance training: Legal compliance training focuses on regulations and laws related to data privacy and security.

Question 5:
Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?
A. Disable the wireless access and implement strict router ACLs.
B. Reduce restrictions on the corporate web security gateway.
C. Security policy and threat awareness training. - Correct Answer
D. Perform user rights and permissions reviews
Rationale:
  • C. Security policy and threat awareness training: The root cause of this incident is a user bypassing security controls due to a lack of understanding of the risks. Security policy should explicitly prohibit unauthorized network connections like tethering, and threat awareness training should educate users about the dangers of bypassing security controls and the potential for their devices to introduce threats to the corporate network.
  • A. Disable the wireless access and implement strict router ACLs: While this might prevent wireless tethering, it doesn't address other potential bypass methods and could hinder legitimate wireless use cases.
  • B. Reduce restrictions on the corporate web security gateway: Reducing security restrictions would increase the risk of malware and data breaches, the opposite of the desired outcome.
  • D. Perform user rights and permissions reviews: While important for least privilege, this doesn't directly prevent users from making unauthorized network connections.

Question 6:
Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?
A. To ensure proper use of social media
B. To reduce organizational IT risk - Correct Answer
C. To detail business impact analyses
D. To train staff on zero-days
Rationale:
  • B. To reduce organizational IT risk: The primary goal of user awareness and training programs is to reduce organizational IT risk. By educating employees about security threats, policies, and best practices, organizations can minimize the likelihood of human error leading to security incidents, data breaches, and other risks.
  • A. To ensure proper use of social media: While social media usage can be part of security awareness, it's not the overarching reason for the entire program.
  • C. To detail business impact analyses: Business impact analyses are conducted by security professionals, not typically part of end-user training.
  • D. To train staff on zero-days: While awareness of advanced threats is beneficial, focusing solely on zero-day exploits in general user training might be too technical and less impactful than broader security awareness.

Question 7:
Ann would like to forward some Personally Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?
A. Digital Signatures
B. Hashing
C. Secret Key
D. Encryption - Correct Answer
Rationale:

End-user awareness training for handling sensitive personally identifiable information would include secure storage and transmission of customer:
A. Date of birth. - Correct Answer
B. First and last name. - Correct Answer
C. Phone number. - Correct Answer
D. Employer name.
Rationale:
Options A, B, and C all constitute Personally Identifiable Information (PII). End-user awareness training on handling sensitive PII would cover the secure storage and transmission of all data that could directly or indirectly identify an individual. This includes:

  • A. Date of birth: Can be used to identify an individual.
  • B. First and last name: Directly identifies an individual.
  • C. Phone number: Can be linked to an individual.
  • D. Employer name: While it provides context, the employer name alone is generally not considered sensitive PII in the same way as the other options.

Question 10:
Which of the following concepts is a term that directly relates to customer privacy considerations?
A. Data handling policies
B. Personally identifiable information - Correct Answer
C. Information classification
D. Clean desk policies
Rationale:
  • B. Personally identifiable information (PII): Personally identifiable information (PII) is data that can be used to identify an individual. Protecting PII is a core aspect of customer privacy considerations and is often mandated by privacy laws and regulations.
  • A. Data handling policies: While data handling policies are important for managing data securely, they are a means to protect privacy, not the term that directly relates to the information itself.
  • C. Information classification: Information classification categorizes data based on its sensitivity, which informs security controls but isn't the term directly related to customer privacy.
  • D. Clean desk policies: Clean desk policies are physical security measures to protect sensitive information left unattended, indirectly supporting privacy but not the primary term.

Question 11:
Which of the following policies is implemented in order to minimize data loss or theft?
A. PII handling - Correct Answer
B. Password policy
C. Chain of custody
D. Zero day exploits
Rationale:
  • A. PII handling policy: A comprehensive PII (Personally Identifiable Information) handling policy outlines procedures for the secure collection, storage, processing, transmission, and disposal of PII. Properly implemented, this policy directly minimizes the risk of data loss or theft of sensitive customer and employee information.
  • B. Password policy: A password policy aims to secure access to systems and data by requiring strong and regularly changed passwords, primarily preventing unauthorized access rather than addressing data loss or theft after access is gained.
  • C. Chain of custody: Chain of custody documents the chronological history of evidence, ensuring its integrity and accountability, primarily relevant in forensic investigations.
  • D. Zero day exploits: Zero-day exploits take advantage of vulnerabilities unknown to the vendor, posing a threat of data breach if exploited, but they are not a policy implemented to minimize data loss.

Used in conjunction, which of the following are PII? (Choose two.)
A. Marital status
B. Favorite movie
Correct answer: DE

What is the term for the process of luring someone in (usually done by an enforcement officer or a government agent)?
A. Enticement
B. Entrapment
C. Deceit
D. Sting
Correct answer: A

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?
A. Security control frameworks
B. Best practice
C. Access control methodologies
D. Compliance activity
Correct answer: B

Which of the following is the process in which a law enforcement officer or a government agent encourages or induces a person to commit a crime when the potential criminal expresses a desire not to go ahead?
A. Enticement
B. Entrapment
C. Deceit
D. Sting
Correct answer: B

Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company's network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement?
A. line vty 0 6 P@s5W0Rd password line vty 7 Qwer++!Y password
B. line console 0 password password line vty 0 4 password P@s5W0Rd
C. line vty 0 3 password Qwer++!Y line vty 4 password P@s5W0Rd
D. line vty 0 3 password Qwer++!Y line console 0 password P@s5W0Rd
Correct answer: C

Why would a technician use a password cracker?
A. To look for weak passwords on the network
B. To change a user's passwords when they leave the company
C. To enforce password complexity requirements
D. To change users' passwords if they have forgotten them
Correct answer: A

Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?
A. Record time offset
B. Clean desk policy
C. Cloud computing
D. Routine log review
Correct answer: B

The manager has a need to secure physical documents every night, since the company began enforcing the clean desk policy. The BEST solution would include: (Choose two.)
A. Fire- or water-proof safe.
B. Department door locks.
Correct answer: AE

A. Cross-platform compatibility issues between personal devices and server-based applications
B. Lack of controls in place to ensure that the devices have the latest system patches and signature files
C. Non-corporate devices are more difficult to locate when a user is terminated
D. Non-purchased or leased equipment may cause failure during the audits of company-owned assets

Several employees submit the same phishing email to the administrator. The administrator finds that the links in the email are not being blocked by the company's security device. Which of the following might the administrator do in the short term to prevent the emails from being received?
A. Configure an ACL
B. Implement a URL filter
C. Add the domain to a block list
D. Enable TLS on the mail server
Correct answer: C

A security researcher wants to reverse engineer an executable file to determine if it is malicious. The file was found on an underused server and appears to contain a zero-day exploit. Which of the following can the researcher do to determine if the file is malicious in nature?
A. TCP/IP socket design review
B. Executable code review
C. OS Baseline comparison
D. Software architecture review
Correct answer: C

A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, which of the following should employees receive training on?
A. Peer to Peer
B. Mobile devices
C. Social networking
D. Personally owned devices
Correct answer: C

The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media websites. Which of the following would this advice BEST protect people from?
A. Rainbow table attacks
B. Brute force attacks
C. Birthday attacks
D. Cognitive password attacks
Correct answer: D

Pete, the system administrator, has blocked users from accessing social media websites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?
A. No competition with the company's official social presence
B. Protection against malware introduced by banner ads
C. Increased user productivity based upon fewer distractions
D. Elimination of risks caused by unauthorized P2P file sharing
Correct answer: B

Which of the following is a security risk regarding the use of public P2P as a method of collaboration?
A. Data integrity is susceptible to being compromised.
Correct answer: A

A. Policies
B. Procedures
C. Metrics
D. Standards

Which of the following is an attack vector that can cause extensive physical damage to a datacenter without physical access?
A. CCTV system access
B. Dial-up access
C. Changing environmental controls
D. Ping of death
Correct answer: C

A company that purchased an HVAC system for the datacenter is MOST concerned with the following:
A. Availability
B. Integrity
C. Confidentiality
D. Fire suppression
Correct answer: A

Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?
A. Water-based sprinkler system
B. Electrical
C. HVAC
D. Video surveillance
Correct answer: C

Which of the following is a security benefit of providing additional HVAC capacity or increased tonnage in a datacenter?
A. Increased availability of network services due to higher throughput
B. Longer MTBF of hardware due to lower operating temperatures
C. Higher data integrity due to more efficient SSD cooling
D. Longer UPS run time due to increased airflow
Correct answer: B

Which of the following fire suppression systems is MOST likely used in a datacenter?
A. FM-200
B. Dry-pipe
C. Wet-pipe
D. Vacuum
Correct answer: A

When implementing fire suppression controls in a datacenter it is important to:
A. Select a fire suppression system which protects equipment but may harm technicians.
B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.
C. Integrate maintenance procedures to include regularly discharging the system.
D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate.
Correct answer: B

Which of the following should be considered to mitigate data theft when using CAT5 wiring?
C. HVAC system
D. EMI shielding
Correct answer: D

Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?
A. Fire suppression
B. Raised floor implementation
C. EMI shielding
D. Hot or cool aisle containment
Correct answer: D

Which of the following results in datacenters with failed humidity controls? (Choose two.)
A. Excessive EMI
B. Electrostatic charge
C. Improper ventilation
D. Condensation
E. Irregular temperature
Correct answer: BD

The datacenter manager is reviewing a problem with a humidity factor that is too low. Which of the following environmental problems may occur?
A. EMI emanations
B. Static electricity
C. Condensation
D. Dry-pipe fire suppression
Correct answer: B

A technician is investigating intermittent switch degradation. The issue only seems to occur when the building's roof air conditioning system runs. Which of the following would reduce the connectivity issues?
A. Adding a heat deflector
B. Redundant HVAC systems
C. Shielding
D. Add a wireless network
Correct answer: C

A malicious person gained access to a datacenter by ripping the proximity badge reader off the wall near the datacenter entrance. This caused the electronic locks on the datacenter door to release because the:
A. badge reader was improperly installed.
B. system was designed to fail open for life-safety.
C. system was installed in a fail closed configuration.
D. system used magnetic locks and the locks became demagnetized.
Correct answer: B

A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?
A. Visitor logs
B. Firewall
C. Hardware locks
D. Environmental monitoring
Correct answer: C

Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?
Correct answer: B