Prepare for the CompTIA Security+ SY0-701 exam with our free practice test. Randomly generated and customizable, this test allows you to choose the number of questions.
A company has recently decided to allow employees to access corporate email and applications on their personal smartphones. The IT department is tasked to ensure that corporate data is secure on these devices without completely restricting personal use. Which of the following MDM deployment models should be utilized?
Bring your own device (BYOD)
Corporate-owned, personally enabled (COPE)
Corporate-owned, business-only (COBO)
Choose your own device (CYOD)
The correct answer is Bring your own device (BYOD). This model allows employees to use their personal devices to access corporate resources while maintaining the security of the company's data. The IT department will use MDM solutions to create a secure container for corporate data on personal devices. It enables the management of corporate applications and data without taking full control of the personal device, providing a balance between security and privacy. Corporate-owned, personally enabled (COPE) provides devices owned by the company to the employees, which doesn't apply here because employees are using their own devices. Choose your own device (CYOD) involves employees choosing from a list of approved devices provided by the company, which is also not applicable in this scenario. Lastly, Corporate-owned, business-only (COBO) is when the company owns the device and restricts it to business use only, which is not suitable for personal devices.
Your company issues cell phones to employees that they are authorized to use for personal use as well as business. This is an example of which mobile device policy?
POCE
CYOD
BYOD
COPE
When a company uses a corporate-owned, personally enabled (COPE) device policy, employees are issued a mobile device that is owned by the company but are authorized to use it for personal use in addition to business.
Bring your own device (BYOD)—also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own personal computer (BYOPC)—refers to being allowed to use one's personally owned device, rather than being required to use an officially provided device. There are two major contexts in which this term is used. One is in the mobile phone industry, where it refers to carriers allowing customers to activate their existing phone (or other cellular device) on the network, rather than being forced to buy a new device from the carrier. The other, and the main focus of this article, is in the workplace, where it refers to a policy of permitting employees to bring personally owned devices (laptops, tablets, smartphones, etc.) to work, and to use those devices to access privileged company information and applications. This phenomenon is commonly referred to as IT consumerization. BYOD is making significant inroads in the business world, with about 75% of employees in high-growth markets such as Brazil and Russia and 44% in developed markets already using their own technology at work. Surveys have indicated that businesses are unable to stop employees from bringing personal devices into the workplace. Research is divided on benefits. One survey shows around 95% of employees stating they use at least one personal device for work.
Bring_your_own_device#Corporate-owned,_personally_enabled_(COPE) - Wikipedia, the free encyclopedia
Which of the following best describes controls that are designed to establish security policies, procedures, and guidelines?
Managerial Controls
Technical Controls
Operational Controls
Physical Controls
Managerial controls are designed to establish security policies, procedures, and guidelines within an organization. They help in the strategic alignment of security practices with business operations and in ensuring that organizational security objectives are met. They are essential for the governance of security within the company.
Technical controls, on the other hand, involve the use of technology to enforce security measures, such as firewalls and encryption. Operational controls are more about implementing and maintaining day-to-day security tasks. Physical controls include tangible measures like locks, biometrics, and surveillance systems.
A large enterprise is seeking to enhance their system's reliability and ensure that their web application remains accessible to users, even during high traffic periods or one or more server failures. They require a solution that distributes incoming network traffic across multiple servers. Which of the following options would BEST meet their needs?
Load balancer
Failover
Clustering
Replication
A load balancer is designed to distribute network traffic across multiple servers. This helps to ensure that no single server bears too much demand, thereby increasing the reliability and availability of the application. Failover is a process related to standby operational mode, where the functions of a system component (like a server) are assumed by secondary system components when the primary component becomes unavailable. However, it doesn't cater to distributing traffic during normal operations. Clustering does provide high availability but does not specifically distribute network traffic like a load balancer. Replication is a process of copying data from one location to another but does not pertain to traffic distribution or immediate high availability during peak loads.
Which of the following is considered a guideline within effective security governance frameworks?
Change management procedure
Data retention guidelines
Disaster recovery policy
Acceptable Use Policy (AUP)
Password standard
Encryption policies
A guideline is a general rule, principle, or piece of advice that is intended to advise or guide behavior within an organization. Guidelines are not mandatory or enforceable but serve to direct consistent security practices throughout an entity.
When using a cloud service provider, which matrix is typically used to delineate the security responsibilities held by the customer versus the service provider?
Cloud Security Alliance Matrix
Shared Responsibility Model
Service Level Agreement Matrix
Cloud Control Matrix
The correct answer is 'Shared Responsibility Model.' This model is essential in cloud computing as it clearly outlines what security controls are the responsibility of the cloud service provider and what controls are the responsibility of the customer. Understanding this division is key to maintaining security in a cloud environment.
Your company's online retail system has been experiencing irregular traffic patterns which often lead to unplanned downtime, especially during peak shopping seasons. As a security professional tasked with enhancing system resilience, which of the following solutions would best ensure that the retail platform remains available and responsive under varying load conditions?
Implementing load balancers to distribute the traffic across multiple servers
Implementing redundant physical links to ensure network connectivity
Upgrading the system to use a single, high-performance server that can handle more requests
Deploying additional intrusion detection systems (IDS) and intrusion prevention systems (IPS)
Installing more powerful security software to identify traffic anomalies and possible DDoS attacks
Implementing load balancers helps distribute traffic across multiple server resources, thereby reducing the burden on any single server and improving the overall responsiveness and availability of the system during peak times or during a DDoS attack. Load balancers can dynamically add or remove resources based on demand, making them an ideal solution for handling unpredictable traffic patterns and enhancing system resilience. Redundant physical links, while useful for network resilience, do not directly address the load issues on application servers. Using a single powerful server is a risky strategy, because it creates a single point of failure and such servers still have limits to their capacity. Employing IDS/IPS systems and upgrading security software are important measures, but they do not primarily deal with load distribution.
In an effort to mitigate the risk of insider threats, an organization's security team has drafted a set of guidelines that require employees to report any suspicious behavior or policy violations to the security office immediately. What type of security control are these guidelines?
Deterrent Control
Directive Control
Technical Control
Physical Control
The guidelines requiring employees to report suspicious behavior represent a directive control. Directive controls are policies, regulations, and guidelines that mandate specific actions or behavior to ensure compliance and enhance the security posture of an organization. The focus on behavior and reporting in this scenario aligns with the intention behind directive controls to guide user actions. The other options, while plausible, do not fulfill the purpose of directing specific actions. Technical controls involve technology and devices, deterrent controls aim to discourage but don't direct specific reporting actions, and physical controls involve tangible measures to secure assets, which do not include guidelines for behavior.
A company wants to reduce the number of different login IDs and passwords its employees need to access the different company resources. What type of authentication scheme would you recommend they implement to provide that functionality?
SSO
RADIUS
802.1x
TACACS+
Single sign-on (SSO) is an authentication scheme that allows for the use of a single login/password to access multiple related, yet separate applications.
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors. It should not be confused with same-sign on (Directory Server Authentication), often accomplished by using the Lightweight Directory Access Protocol (LDAP) and stored LDAP databases on (directory) servers. A simple version of single sign-on can be achieved over IP networks using cookies but only if the sites share a common DNS parent domain. For clarity, a distinction is made between Directory Server Authentication (same-sign on) and single sign-on: Directory Server Authentication refers to systems requiring authentication for each application but using the same credentials from a directory server, whereas single sign-on refers to systems where a single authentication provides access to multiple applications by passing the authentication token seamlessly to configured applications. Conversely, single sign-off or single log-out (SLO) is the property whereby a single action of signing out terminates access to multiple software systems. As different applications and resources support different authentication mechanisms, single sign-on must internally store the credentials used for initial authentication and translate them to the credentials required for the different mechanisms. Other shared authentication schemes, such as OpenID and OpenID Connect, offer other services that may require users to make choices during a sign-on to a resource, but can be configured for single sign-on if those other services (such as user consent) are disabled. An increasing number of
Single_sign-on - Wikipedia, the free encyclopedia
Key Escrow is required for all implementations of Public Key Infrastructure to ensure third-party access to encrypted data in case of emergencies.
False
True
Key Escrow is not mandatory for all PKI implementations. It is an arrangement in which the keys needed to decrypt encrypted data are securely held so that, under certain circumstances, an authorized third party may gain access to those keys. However, the use of Key Escrow depends on the policies and requirements of the organization. In many cases, for privacy or security reasons, Key Escrow may not be implemented at all.
As a security architect, your company is expanding into new markets and is now subject to different regional regulations regarding data sovereignty. You need to ensure that customer data remains within legal borders according to these regulations. Which of the following methods would be the MOST effective to comply with these data sovereignty requirements?
Geographic restrictions
Tokenization
Hashing
Data masking
Encryption
Obfuscation
Geographic restrictions are a set of controls implemented to ensure that data does not leave a specific geographic area, which is essential for meeting data sovereignty requirements. This method allows organizations to comply with regional regulations by preventing the transfer of data across borders that could lead to legal and compliance issues.
Which of the following BEST describes a primary security concern for an RTOS in the context of an industrial control system?
Blocking port scanning and reconnaissance activities on the network.
Protecting against data leakage by employing full disk encryption.
Preventing unauthorized physical access to the system hardware.
Ensuring tasks are processed within a specific time frame to maintain operational continuity.
RTOS are designed to handle real-time applications that require a deterministic response to events. The most critical aspect of securing an RTOS is ensuring the availability and timely processing of tasks, which can be crucial for safety and operational continuity in industrial environments. If tasks are not completed within the required time frame, it could result in system failures or hazards. Other answers, such as data leakage and physical tampering, although important for general security, are not as central to RTOS security concerns as availability and timely task execution.
What type of security device deployment allows network traffic to flow through it, potentially blocking or modifying packets if malicious activity is detected?
Inline device
Monitoring device
Tap device
Passive sensor
An inline security device is placed directly in the path of the network traffic. It has the ability to actively block, permit, or modify the traffic passing through it based on the security policies in place, similar to how a checkpoint can stop or allow traffic on a roadway. In contrast, a tap (test access point) or monitoring device connects to a network segment but does not directly interact with the traffic flow; it merely duplicates the data for analysis and is thus incapable of affecting the original traffic.
A company's publicly accessible blog has been defaced with political slogans and messages. These unauthorized alterations have not resulted in any financial demand, data theft, or additional malfunctions within the company's IT infrastructure. Which type of threat actor is MOST likely to be responsible for this incident?
Unskilled attacker
Hacktivist
Organized crime
Insider threat
The correct answer is Hacktivist, as their primary motivation is often to promote political or social change, and they are known to deface websites to send a message. This type of activity is consistent with the observed unauthorized alterations containing political slogans without any financial gain or significant disruption of services, which diverges from the modus operandi of other threat actors like nation-states or organized crime groups.
Which protocol is primarily used to secure HTTP traffic by providing encryption, authentication, and integrity?
SSH
SSL
TLS
AES
TLS is the correct answer because it is the protocol specifically designed to secure transmission of data over the internet, ensuring the encryption of data, authentication of the server, and integrity of the transmitted data. SSL, while historically used for similar purposes, has been deprecated in favor of the more secure TLS. SSH is used for secure remote administration of systems, not for securing HTTP traffic.