How to Ace the SECURITY-PLUS: CompTIA Security+

Question 1 · General Security Concepts

A company wants to implement a security model that assumes no trust for any user or device, regardless of whether they are inside or outside the corporate network. Which architecture best supports this requirement?

• Role-Based Access Control
• Zero Trust
• Perimeter-based security
• Defense in Depth

Correct answer: Zero Trust

Zero Trust architecture operates on 'never trust, always verify' - requiring continuous authentication and authorization for every access request regardless of network location. Unlike perimeter security which trusts internal users, Zero Trust treats all access as potentially hostile.

Question 2 · Threats, Vulnerabilities, and Mitigations

A security administrator notices unusual outbound connections from a web server to known malicious IP addresses. The server is displaying IoCs associated with data exfiltration. Which attack type is most likely occurring?

• ARP poisoning
• Command and control communication
• Man-in-the-middle
• Denial of Service

Correct answer: Command and control communication

Outbound connections to malicious IPs with data exfiltration indicators strongly suggest compromised systems communicating with attacker command and control (C2) infrastructure. This is characteristic of advanced persistent threats and malware infections.

Question 3 · Security Architecture

An organization wants to host public web servers while protecting internal networks from direct internet exposure. Which network architecture should be implemented?

• Peer-to-peer network
• Direct internet connection
• Intranet only
• DMZ (Demilitarized Zone)

Correct answer: DMZ (Demilitarized Zone)

A DMZ creates a buffer network between trusted internal networks and untrusted external networks. Public-facing servers (web, email, DNS) reside in the DMZ, protecting internal networks while maintaining external service availability.

Question 4 · Security Operations

A security administrator receives an alert about suspicious lateral movement between servers in the data center. Network logs show unusual SMB connections from a compromised workstation. What is the immediate priority?

• Reboot the domain controller
• Update antivirus definitions
• Delete user accounts
• Isolate the compromised workstation and affected servers

Correct answer: Isolate the compromised workstation and affected servers

Immediate containment is critical to prevent further lateral movement and data exfiltration. Isolating affected systems stops the attack progression while preserving evidence for investigation. Other actions follow containment.

Question 5 · Security Program Management and Oversight

A European company processes personal data of EU residents. They must obtain explicit consent before collecting data and notify authorities of breaches within 72 hours. Which regulation applies?

• PCI-DSS
• HIPAA
• GDPR (General Data Protection Regulation)
• SOX

Correct answer: GDPR (General Data Protection Regulation)

GDPR is the EU data protection regulation requiring lawful basis for processing, consent management, data subject rights, 72-hour breach notification, privacy by design, and potential fines up to 4% of global revenue.

Question 6 · General Security Concepts

An organization needs to ensure that a financial transaction cannot be denied by either party after completion. Which security principle directly addresses this requirement?

• Availability
• Integrity
• Confidentiality
• Non-repudiation

Correct answer: Non-repudiation

Non-repudiation provides cryptographic proof of origin and prevents parties from denying their participation in a transaction. Digital signatures are commonly used to achieve non-repudiation.

Question 7 · General Security Concepts

A security administrator is comparing encryption methods. Which statement correctly describes the primary difference between symmetric and asymmetric encryption?

• Symmetric uses one shared key; asymmetric uses public/private key pairs
• Symmetric is more secure than asymmetric
• Asymmetric is faster than symmetric
• Symmetric uses public/private key pairs

Correct answer: Symmetric uses one shared key; asymmetric uses public/private key pairs

Symmetric encryption (AES) uses a single shared key for both encryption and decryption, making it fast but challenging for key distribution. Asymmetric encryption (RSA) uses mathematically related public and private keys, enabling secure key exchange but with higher computational overhead.

Question 8 · General Security Concepts

During a security audit, an analyst discovers that identical passwords produce identical hash values in the database. Which control should be implemented to prevent rainbow table attacks?

• Increase password length only
• Use symmetric encryption
• Implement password salting
• Disable password complexity

Correct answer: Implement password salting

Salting adds random data to passwords before hashing, ensuring identical passwords produce different hashes. This defeats precomputed rainbow table attacks by requiring attackers to compute hashes for each unique salt.

Question 9 · General Security Concepts

A company is designing authentication for a high-security data center. The solution requires users to present a smart card and enter a PIN. Which authentication factors are being used?

• Something you have and something you know
• Two instances of something you know
• Something you are and something you have
• Something you know and somewhere you are

Correct answer: Something you have and something you know

Smart cards represent 'something you have' (possession factor), while PINs represent 'something you know' (knowledge factor). Together they provide two-factor authentication requiring both possession and knowledge.

Question 10 · General Security Concepts

An organization experiences a data breach. Investigation reveals attackers accessed archived data from three years ago that was encrypted with the company's current key. Which cryptographic feature would have prevented access to historical data?

• Certificate pinning
• Digital signatures
• Key escrow
• Perfect Forward Secrecy

Correct answer: Perfect Forward Secrecy

Perfect Forward Secrecy (PFS) generates unique session keys for each communication session. Even if long-term private keys are compromised, past session keys cannot be recovered, protecting historical encrypted data.