CompTIA Security+ Guide to Network Security Fundamentals: Ch. 1 Review Questions
Which tool is most commonly associated with nation-state actors?
Advanced persistent threat (APT)
Which specific type of control is intended to mitigate (lessen) damage caused by an attack?
Corrective control
Which of the following controls is NOT implemented before an attack occurs?
Detective Control
Which control is designed to ensure that a particular outcome is achieved by providing incentives?
Directive Control
Which of the following is NOT considered an attribute of threat actors?
Educated/uneducated
Which of the following is NOT a message-based attack surface?
Network Protocols
Which of the following is false about the CompTIA Security+ certification
The Security+ certification is a vendor-neutral credential
What is another name for "attack surface"?
Threat Vector
Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____.
through products, people, and procedures on the devices that store, manipulate, and transmit the information
Ginevra is explaining to her roommate the relationship between security and convenience. Which statement most accurately indicated this relationship
Any proportions between security and convenience depends on the type of attack.
Which of the following AAA elements is applied immediately after a user has logged into a computer with their username and password?
Authentication
Serafina is studying to take the Security+ certification exam. Which of the following of the CIA elements ensures that the only authorized parties can view protected information?
Credentiality
Ilaria is explaining to her parents why Information Security is the preferred term when talking about security in the enterprise. Which of following would Ilaria NOT say?
Cybersecurity is a subject of information security
What is the primary motivation of hacktivists?
Disruption/chaos
What is considered the motivation of an employee who practices shadow IT?
Ethical
Flavia is reading about insider threats. Which of the following is NOT true about insider threats?
Insider threats are usually dismissed as not being a serious risk
Gia has been asked to enhance the security awareness training workshop for new hires. Which category of security control would Gia be using?
Operational
Vittoria is working on her computer information systems degree at a local college and has started researching information security positions. Because she has no prior experience, which of the following positions would Vittoria most likely be offered?
Security Technician
Which of the following groups have the lowest level of technical knowledge for carrying out cyberattacks?
Unskilled attackers
Which of the following is NOT true about supply chain?
Vendors are the first step in a supply chain
