100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Solution and Answer Guide CompTIA Security+ Guide to Network Security Fundamentals 8th Edition 2025 by Mark Ciampa Chapter 1-15 $18.48
Add to cart

Exam (elaborations)

Solution and Answer Guide CompTIA Security+ Guide to Network Security Fundamentals 8th Edition 2025 by Mark Ciampa Chapter 1-15

 2 purchases
  • Course
  • Solution Manual
  • Institution
  • Solution Manual

Solution and Answer Guide CompTIA Security+ Guide to Network Security Fundamentals 8th Edition 2025 by Mark Ciampa Chapter 1-15

Preview 4 out of 150  pages

  • November 21, 2024
  • 150
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • Solution Manual
  • Solution Manual
avatar-seller
SolutionsStuvia
Solution and Answer Guide
COMPTIA SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS 8TH EDITION 2025 BY MARK
CIAMPA

CHAPTER 1-15
MODULE 1: INTRODUCTION TO INFORMATION SECURITY


TABLE OF CONTENTS
Review Questions ........................................................................................................................................ 1
Hands-On Projects ...................................................................................................................................... 6
Hands-On Project 1-1: Examine Data Breaches - Visual ......................................................................... 6
Hands-On Project 1-2: Configure Microsoft Windows Sandbox ............................................................. 6
Hands-On Project 1-3: Are You a Victim? ............................................................................................... 7
Case Project ................................................................................................................................................. 7
Case Project 1-1: #TrendingCyber ............................................................................................................ 7
Case Project 1-2: Personal Attack Experience .......................................................................................... 8
Case Project 1-3: Security Podcasts or Video Series ................................................................................ 8
Case Project 1-4: Sources of Security Information ................................................................................... 8
Case Project 1-5: Career Information Security ......................................................................................... 9
Case Project 1-6: Bay Point Ridge Security ............................................................................................. 9
Activity Rubric ............................................................................................................................................ 9




REVIEW QUESTIONS
1. Vittoria is working on her computer information systems degree at a local college and has started researching
information security positions. Because she has no prior experience, which of the following positions would
Vittoria most likely be offered?
A. Security administrator
B. Security technician
C. Security officer
D. Security manager

Answer: B. Security technician
Explanation: A security technician position is generally an entry-level position for a person who has the
necessary technical skills. Technicians provide technical support to configure security hardware, implement
security software, and diagnose and troubleshoot problems.


© 2022 Cengage. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible 1
website, in whole or in part.

,2. Which of the following is false about the CompTIA Security+ certification?
A. Security+ is one of the most widely acclaimed security certifications.
B. Security+ is internationally recognized as validating a foundation level of security skills and knowledge.
C. The Security+ certification is a vendor-neutral credential.
D. Professionals who hold the Security+ certification earn about the same or slightly less than security
professionals who have not achieved this certification.

Answer: D. Professionals who hold the Security+ certification earn about the same or slightly less than security
professionals who have not achieved this certification.
Explanation: When hiring workers for cybersecurity positions, an overwhelming majority of enterprises use
the Computing Technology Industry Association (CompTIA) Security+ certification to verify security
competency. Of the hundreds of security certifications currently available, Security+ is one of the most widely
acclaimed security certifications. Because it is internationally recognized as validating a foundation level of
security skills and knowledge, the Security+ certification has become the security baseline for today‘s IT
security professionals.

3. Ginevra is explaining to her roommate the relationship between security and convenience. Which statement
most accurately indicates this relationship?
A. Security and convenience are directly proportional.
B. Security and convenience have no relationship.
C. Any proportions between security and convenience depends on the type of attack.
D. Security and convenience are inversely proportional.

Answer: D. Security and convenience are inversely proportional.
Explanation: It is important to understand the relationship between security and convenience. The relationship
between these two is not directly proportional (as security is increased, convenience is increased) but, instead, it
is completely the opposite, known as inversely proportional (as security is increased, convenience is decreased).

4. Serafina is studying to take the Security+ certification exam. Which of the following of the CIA elements
ensures that only authorized parties can view protected information?
A. Confidentiality
B. Integrity
C. Availability
D. Credentiality

Answer: A. Confidentiality
Explanation: It is important that only approved individuals are able to access sensitive information. For example,
the credit card number used to make an online purchase must be kept secure and not made available to other parties.
Confidentiality ensures that only authorized parties can view the information. Providing confidentiality can involve
several different security tools, ranging from software to encrypt the credit card number stored on the web server to
door locks to prevent access to those servers.

5. Which of the following AAA elements is applied immediately after a user has logged into a computer with their
username and password?
A. Authentication
B. Authorization
C. Identification



© 2022 Cengage. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible 2
website, in whole or in part.

, D. Recording

Answer: B. Authorization
Explanation: Authorization, granting permission to take an action, is the next step after authentication. Once users
have presented their identification and been authenticated, they can log in to a computer system. Computer users are
granted access only to the specific services, devices, applications, and files needed to perform their job duties.

6. Gia has been asked to enhance the security awareness training workshop for new hires. Which category of
security control would Gia be using?
A. Managerial
B. Technical
C. Operational
D. Physical

Answer: C. Operational
Explanation: Operational controls are implemented and executed by people. One example is conducting workshops
to help train users to identify and delete suspicious messages.

7. Which specific type of control is intended to mitigate (lessen) damage caused by an attack?
A. Corrective control
B. Compensating control
C. Preventive control
D. Restrictive control

Answer: A. Corrective control
Explanation: A control that is intended to mitigate or lessen the damage caused by the incident is called a corrective
control.

8. Which control is designed to ensure that a particular outcome is achieved by providing incentives?
A. Deterrent control
B. Incentive control
C. Detective control
D. Directive control

Answer: D. Directive control
Explanation: A directive control is designed to ensure that a particular outcome is achieved. One type of directive
control is an incentive, which is the ―carrot‖ instead of the ―stick.‖ Incentives are often overlooked as a control, but
they can be very powerful.

9. Which of the following controls is NOT implemented before an attack occurs?
A. Detective control
B. Deterrent control
C. Preventive control
D. Directive control

Answer: A. Detective control
Explanation: A detective control is used to identify an attack and occurs during an attack.




© 2022 Cengage. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible 3
website, in whole or in part.

, 10. Complete this definition of information security: That which protects the integrity, confidentiality, and
availability of information _____.
A. on electronic digital devices and limited analog devices that can connect via the Internet or through a local
area network
B. through a long-term process that results in ultimate security
C. using both open-sourced as well as supplier-sourced hardware and software that interacts appropriately
with limited resources
D. through products, people, and procedures on the devices that store, manipulate, and transmit the
information

Answer: D. through products, people, and procedures on the devices that store, manipulate, and transmit the
information.
Explanation: Information security may be defined as that which protects the integrity, confidentiality, and
availability of information through products, people, and procedures on the devices that store, manipulate, and
transmit the information.

11. Which of the following groups have the lowest level of technical knowledge for carrying out cyberattacks?
A. Unskilled attackers
B. Hacktivists
C. Nation-state actors
D. Organized crime

Answer: A. Unskilled attackers
Explanation: Individuals who want to perform attacks yet lack the technical knowledge to carry out these attacks
are sometimes called unskilled attackers.

12. Ilaria is explaining to her parents why information security is the preferred term when talking about security in
the enterprise. Which of the following would Ilaria NOT say?
A. Cybersecurity usually involves a range of practices, processes, and technologies intended to protect
devices, networks, and programs that process and store data in an electronic form.
B. In a business information may be in any format, from electronic files to paper documents.
C. Cybersecurity is a subset of information security.
D. Information security protects ―processed data‖ or information.

Answer: C. Cybersecurity is a subset of information security.
Explanation: Cybersecurity is considered an overall umbrella term under which information security is found.

13. Which of the following is not considered an attribute of threat actors?
A. Level of sophistication/capability
B. Educated/uneducated
C. Resources/funding
D. Internal/external

Answer: B. Educated/uneducated
Explanation: The attributes, or characteristic features, of the different groups of threat actors vary widely. Some
groups have a high level of power and complexity (called level of sophistication/capability) and have a massive
network of resources, while others are ―lone wolves‖ with minimal skills and no resources. In addition, some groups




© 2022 Cengage. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible 4
website, in whole or in part.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller SolutionsStuvia. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $18.48. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

66139 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 15 years now

Start selling
$18.48  2x  sold
  • (0)
Add to cart
Added