WGU 178 CompTIA CE Security+ Domain 5.0 CERTMASTER Certification Exam Questions Review and Answers 2024/2025
Course
WGU 178 CompTIA Security
Institution
WGU 178 CompTIA Security
A technician prepares a presentation to the board of directors on the variances between compliance reporting and monitoring after the board receives word that the company did poorly on its last assessment. What are the tenets of compliance reporting? (Select the two best options.)
- correct answer A. It aims to assess and disclose an organization's compliance status.
B. It promotes accountability, transparency, and effective compliance management.
A healthcare organization is developing its data privacy and security strategy. The leadership team is exploring different methods to monitor, evaluate, and improve security practices to ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA). What would be the MOST appropriate measure to maintain and oversee its privacy and security controls?
- correct answer A. Establishing an audit committee
The IT department in a technology company is finalizing an agreement with a cloud service provider to host sensitive customer data. The company's legal team is drafting the contract, which includes a service level agreement (SLA) and a non-disclosure agreement (NDA). Which of the following explanations MOST accurately demonstrates the primary purpose of including an NDA in the contract with the cloud service provider?
- correct answer B. To protect the confidentiality of the company's data and proprietary information
An organization is restructuring its IT governance framework to improve its cybersecurity strategy. The organization has several distributed offices across various geographical regions, each having a unique set of IT policies and infrastructure. The cybersecurity lead aims to increase control and consistency over the security practices in each office while retaining some autonomy for the individual offices to manage their specific risks. Which governance structure aligns with the objectives of the cybersecurity lead and effectively mitigates risks associated with the security practices at each office?
- correct answer A. Change Control Board (CCB) (incorrect)
A tech start-up company is considering deploying a new email system. The start-up is currently identifying risks associated with the potential downtime of the new system and considering the costs for each event. What metric should the company utilize during this process?
- correct answer B. Single Loss Expectancy
A medium-sized organization is undergoing an audit for its information security practices. As a security analyst, the auditor seeks to assess the organization's use of an Acceptable Use Policy (AUP). What crucial aspect of the AUP should the auditor focus on to ensure the organization meets the standards set for information security?
- correct answer A. The AUP includes clear consequences for noncompliance.
In a cybersecurity firm, the IT department is preparing for a penetration testing engagement to assess the organization's security posture. The team has decided to conduct an external penetration test on the company's public-facing web applications and networks. The primary goal is to identify vulnerabilities and potential entry points for attackers. To ensure a smooth testing process and avoid misunderstandings, the IT team has collaborated with the company's management and relevant stakeholders to establish the assessment's rules of engagement (ROE). What is the purpose of establishing ROE in a penetration testing engagement?
- correct answer A. To define the scope of the assessment, testing methods, and timeframe for conducting the test
The IT department at a governmental agency is actively responsible for ensuring the security of the agency's sensitive information and physical assets. Recently, concerns have arisen about unauthorized access to certain restricted areas within the building. To address this issue, the IT team is implementing access control measures to enhance physical security. The main objective is to restrict entry to authorized personnel only and prevent unauthorized individuals from gaining access to sensitive areas. What access control measures could the IT department implement in the office building to enhance physical security and prevent unauthorized access to restricted areas?
- correct answer A. Biometric authentication system using fingerprint scanning
The IT department at a multinational organization is evaluating potential risks associated with implementing a new network infrastructure. This includes identifying potential vulnerabilities, estimating potential downtime, and assessing the financial impact of potential cyberattacks. Which type of risk assessment BEST suits the organization's requirements?
- correct answer B. Quantitative risk assessment