- (Exam Topic 3)
Which of the following automation use cases would best enhance the security posture Of an organi-zation by rapidly updating permissions when employees leave a company Or change job roles inter-nally?
Correct Answer:
B
Disabling access is an automation use case that can enhance the security posture of an organization by rapidly updating permissions when employees leave a company or change job roles internally. It can prevent unauthorized access and data leakage by revoking or modifying the access rights of employees based on their current status and role.
- (Exam Topic 1)
Which of the following conditions impacts data sovereignty?
Correct Answer:
D
Data sovereignty refers to the legal concept that data is subject to the laws and regulations of the country in which it is located. International operations can impact data sovereignty as companies operating in multiple countries may need to comply with different laws and regulations. References:
CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 5
- (Exam Topic 4)
The concept of connecting a user account across the systems of multiple enterprises is best known as:
Correct Answer:
D
The concept of connecting a user account across the systems of multiple enterprises is best known as federation. Federation is a process that allows users to authenticate once and access multiple resources or services across different domains or organizations. For example, a user can use their Google account to sign in to various websites or applications that support federation, without creating separate accounts or passwords for each one. Federation can improve user convenience and security, as well as reduce administrative overhead.
- (Exam Topic 3)
Which of the following security concepts should an e-commerce organization apply for protection against erroneous purchases?
Correct Answer:
C
Integrity is a security concept that ensures that data is accurate, complete and consistent, and that it has not been tampered with or modified in an unauthorized or unintended way. Integrity is important for e-commerce organizations to protect against erroneous purchases, as it can prevent data corruption, duplication, loss or manipulation that could affect the transactions or the records of the customers. Integrity can be achieved by using methods such as hashing, digital signatures, checksums, encryption and access control. Verified References:
Security+ (Plus) Certification | CompTIA IT Certifications https://www.comptia.org/certifications/security (See What Skills Will You Learn?) CompTIA Security+ 601 - Infosec
https://www.infosecinstitute.com/wp-content/uploads/2021/03/CompTIA-Security-eBook.pdf (See Security+: 5 in-demand cybersecurity skills) CompTIA Security+ SY0-601 Certification Study Guide https://www.comptia.org/training/books/security-sy0-601-study-guide (See Chapter 1: Threats, Attacks and Vulnerabilities, Section 1.4: Cryptography and PKI)
- (Exam Topic 3)
An organization routes all of its traffic through a VPN Most users are remote and connect into a corporate data center that houses confidential information There is a firewall at the internet border, followed by a DLP appliance, the VPN server and the data center itself Which of the following is the weakest design element?
Correct Answer:
C
VPN (Virtual Private Network) traffic is encrypted to protect its confidentiality and integrity over the internet. However, this also means that it cannot be inspected by security devices or tools when entering or leaving the network, unless it is decrypted first. This can create a blind spot or a vulnerability for the network security posture, as malicious traffic or data could bypass detection or prevention mechanisms by using VPN encryption