CompTIA Security+ Certification Exam Questions and Answers - Part 28

Mary Smith

Tue, 18 Nov 2025

1. An incident response analyst at a large corporation is reviewing proxy log data. The analyst believes a malware infection may have occurred. Upon further review, the analyst determines the computer responsible for the suspicious network traffic is used by the Chief Executive Officer (CEO). Which of the following is the best NEXT step for the analyst to take?

A) Call the CEO directly to ensure awareness of the event
B) Run a malware scan on the CEO's workstation
C) Reimage the CEO's workstation
D) Disconnect the CEO's workstation from the network



2. An incident response manager has started to gather all the facts related to a SIEM alert showing multiple systems may have been compromised. The manager has gathered these facts:

- The breach is currently indicated on six user PCs
- One service account is potentially compromised
- Executive management has been notified

In which of the following phases of the IRP is the manager currently working?

A) Recovery
B) Eradication
C) Containment
D) Identification



3. An information security analyst needs to work with an employee who can answer questions about how data for a specific system is used in the business. The analyst should seek out an employee who has the role of:

A) steward
B) owner
C) privacy officer
D) systems administrator



4. An information system owner has supplied a new requirement to the development team that calls for increased non-repudiation within the application. After undergoing several audits, the owner determined that current levels of non-repudiation were insufficient. Which of the following capabilities would be MOST appropriate to consider implementing in response to the new requirement?

A) Transitive trust
B) Symmetric encryption
C) Two-factor authentication
D) Digital signatures
E) One-time passwords


5. An in-house penetration tester has been asked to evade a new DLP system. The tester plans to exfiltrate data through steganography. Discovery of which of the following would help catch the tester in the act?

A) Abnormally high numbers of outgoing instant messages that contain obfuscated text
B) Large-capacity USB drives on the tester's desk with encrypted zip files
C) Outgoing emails containing unusually large image files
D) Unusual SFTP connections to a consumer IP address



1. Right Answer: D
Explanation:

2. Right Answer: D
Explanation:

3. Right Answer: B
Explanation:

4. Right Answer: D
Explanation:

5. Right Answer: C
Explanation:
