WGU C178 CompTIA Security+ Actual final Exam Questions and Accurately verified Answers latest 2024/2025
4 views 0 purchase
Course
WGU 178 CompTIA Security
Institution
WGU 178 CompTIA Security
WGU C178 CompTIA Security+ Actual final Exam Questions and Accurately verified Answers latest 2024/2025
Policies - correct answer Rules or standards governing usage. These are typically high level in nature.
Privacy policy - correct answer Defines what controls are required to implement and m...
RAID levels - correct answer A set of RAID configurations that consists of striping,
mirroring, or parity.
Recovery point objective - correct answer Defines the point at which the system needs
to be restored.
Recovery time objective - correct answer Maximum amount of time that a process or
service is allowed to be down and consequences still be considered acceptable.
Redundancy - correct answer Refers to systems that either are duplicated or failover to
other systems in the event of a malfunction.
Redundant Array of Independent (or Inexpensive) Disks (RAID) - correct answer A
configuration of multiple hard disks used to provide fault tolerance, should a disk fails, or
gains in efficiency. Different levels of RAID exist.
Replication - correct answer The process of copying directory information to other
servers to keep them all synchronized.
,Risk acceptance - correct answer The choice you must make when the cost of
implementing any of the other four choices exceeds the value of the harm that would
occur if the risk came to fruition.
Risk analysis - correct answer An evaluation of each risk that can be identified. Each
risk should be outlined, described, and evaluated on the likelihood of it occurring.
Risk assessment - correct answer Deals with the threats, vulnerabilities, and impacts
of a loss of information-processing capabilities or a loss of information itself.
Risk avoidance - correct answer Involves identifying a risk and making the decision to
no longer engage in the actions associated with that risk.
Risk calculation - correct answer Weighs a potential threat against the likelihood or
probability of it occurring.
Risk deterrence - correct answer Involves understanding about the enemy and letting
them know the harm that can come their way if they cause harm to you.
Risk mitigation - correct answer Accomplished any time you take steps to reduce risk.
Risk transference - correct answer Involves sharing some of the risk burden with
someone else, such as an insurance company.
Security policies - correct answer Rules set in place by a company to ensure the
security of a network. These may include how often a password must be changed or
how many characters a password should be.
Define how identification and authorization occur and determine access control, audits,
and network connectivity
Server - correct answer A computer that provides resources to clients on the network.
,Single loss expectancy (SLE) - correct answer The cost of a single loss when it occurs.
This loss can be a critical failure, or it can be the result of an attack.
Threat vectors - correct answer Ways in which an attacker poses a threat.
Uninterruptible power supply (UPS) - correct answer A device that can provide short-
term power, usually by using batteries.
User - correct answer A person using a computer or network or a resource.
Vulnerability - correct answer A weakness that could be exploited by a threat.
Scope statement - correct answer outlines what the policy intends to accomplish and
which documents, laws, and practices the policy addresses. The scope statement
provides background to help readers understand what the policy is about and how it
applies to them.
Risk mitigation - correct answer is accomplished any time you take steps to reduce the
risk. This category includes installing antivirus software, educating users about possible
threats, monitoring the network traffic, adding a firewall, and so on. In Microsoft's
Security Intelligence Report, Volume 13, the following suggestions for mitigating risk
through user awareness training are listed:
Risk avoidance - correct answer involves identifying a risk and making the decision not
to engage any longer in the actions associated with that risk
Risk transferrence - correct answer contrary to what the name may imply, does not
mean that you shift the risk completely to another entity. What you do instead is share
some of the burden of the risk with someone else, such as an insurance company. A
typical policy would pay you a cash amount if all the steps were in place to reduce risk
and your system was still harmed.
, Risk deterrence - correct answer involves understanding something about the enemy
and letting them know the harm that can come their way if they cause harm to you. This
can be as simple as posting prosecution policies on your login pages and convincing
them that you have steps in place to identify intrusions and to act on them.
Risk acceptance - correct answer often the choice you must make when the cost of
implementing any of the other four choices exceeds the value of the harm that would
occur if the risk came to fruition. To truly qualify as acceptance, it cannot be a risk where
the administrator or manager is unaware of its existence; it has to be an identified risk
for which those involved understand the potential cost or damage and agree to accept
it.
Equation for Annualized Loss Expectancy - correct answer SLE × ARO = ALE
SLE - correct answer Single Loss Expectancy
ALE - correct answer Annualized Loss Expectancy
AV - correct answer Asset Value
Equation for SLE - correct answer AV x EF = SLE
DLP - correct answer Data Loss Prevention
Policy Overview Statement - correct answer provides the goal of the policy, why it's
important, and how to comply with it. Ideally, a single paragraph is all you need to
provide readers with a sense of the policy
Policy Statement - correct answer Once the policy's readers understand its
importance, they should be informed about the substance of the policy. A policy
statement should be as clear and unambiguous as possible. The policy may be
presented in paragraph form, as bulleted lists, or as checklists.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller KieranKent55. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.49. You're not tied to anything after your purchase.
