Module 1
- After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and will be a supervisor over a group of security technicians. Which of these generally recognized security positions has she been offered?
- Security administrator
- Security technician
- Security officer
- Security manager
Analysis:
- Incorrect. A security administrator manages daily operations of security technology and may analyze and design security solutions within a specific entity as well as identifying users’ needs.
- Incorrect. This position is generally an entry-level position for a person who has the necessary technical skills. Technicians provide technical support to configure security hardware, implement security software, and diagnose and troubleshoot problems.
- Incorrect. A security officer is not one of the generally recognized security positions.
- Correct. The security manager reports to the CISO and supervises technicians, administrators, and security staff.
- Which of the following is false about the CompTIA Security+ certification?
- Security+ is one of the most widely acclaimed security certifications.
- Security+ is internationally recognized as validating a foundation level of security skills and knowledge.
- The Security+ certification is a vendor-neutral credential.
- Professionals who hold the Security+ certification earn about the same or slightly less than security professionals who have not achieved this certification.
Analysis:
- Incorrect. Security+ is one of the most widely acclaimed security certifications.
- Incorrect. Security+ is internationally recognized as validating a foundation level of security skills and knowledge.
(CompTIA Security+ Guide to Network Security Fundamentals, 7e, Mark Ciampa, Solution Manual)
- Incorrect. The Security+ certification is a vendor-neutral credential.
- Correct. The value for an IT professional who holds a CompTIA security certification is significant. On average, an employee with a CompTIA certification will command a salary that is between 5 to 15 times higher than their counterparts with similar qualifications but lacking a certification.
- Which of the following is true regarding the relationship between security and convenience?
- Security and convenience are inversely proportional.
- Security and convenience have no relationship.
- Security is less important than convenience.
- Security and convenience are equal in importance.
Analysis:
- Correct. The relationship between these two is inversely proportional so that as security is increased, convenience is decreased.
- Incorrect. There is a relationship between security and convenience.
- Incorrect. Security is never less important than convenience.
- Incorrect. Security and convenience are not equal in importance.
- Which of the following of the CIA Triad ensures that the information is correct, and no unauthorized person has altered it?
- Confidentiality
- Integrity
- Availability
- Assurance
Analysis:
- Incorrect. Confidentiality ensures that only authorized parties can view the information.
- Correct. Integrity ensures that the information is correct and no unauthorized person or malicious software has altered the data.
- Incorrect. Availability ensures that data is accessible only to authorized users and not to unapproved individuals.
- Incorrect. Assurance is not part of the CIA Triad.
- Which of the following is not used to describe those who attack computer systems?
- Threat actor
- Hacker
- Malicious agent
- Attacker
Analysis:
- Incorrect. In cybersecurity, a threat actor is a term used to describe individuals or entities who are responsible for cyber incidents against the technology equipment of enterprises and users.
- Incorrect. In the past, the term hacker referred to a person who used advanced computer skills to attack computers
- Correct. A threat actor is also called a malicious actor, not a malicious agent.
- Incorrect. The generic term attackers is commonly used.
- Which of the following is not true regarding security?
- Security is a goal.
- Security includes the necessary steps to protect from harm.
- Security is a process.
- Security is a war that must be won at all costs.
Analysis:
- Incorrect. Sometimes security is defined as the state of being free from danger, which is the goal of security.
- Incorrect. Since complete security can never be fully achieved, the focus of security is more often on the process instead of the goal. In this light, security can be defined as the necessary steps to protect from harm.
- Incorrect. Since complete security can never be fully achieved, the focus of security is more often on the process instead of the goal.
- Correct. Information security should not be viewed as a war to be won or lost. Just as crimes such as burglary can never be completely eradicated, neither can attacks against technology devices. The goal is not a complete victory but, instead, maintaining equilibrium: as attackers take advantage of a weakness in a defense, defenders must respond with an improved defense. Information security is an endless cycle between attacker and defender.
- Luna is reading a book about the history of cybercrime. She read that the very first cyberattacks that occurred were mainly for what purpose?
- Fortune
- Fame
- Financial gain
- Personal security
Analysis:
- Incorrect. Later threat actors pursued fortune, not the first cyberattackers.
- Correct. Early cyberattackers were trying to show off their skills to generate fame.
- Incorrect. Financial security is the same as fortune, and later threat actors pursued fortune.
- Incorrect. Threat actors do not try to achieve personal security through their attacks.
- Which of the following ensures that only authorized parties can view protected information?