Book Image

CompTIA Security+ Practice Tests SY0-501

By : Ian Neil
Book Image

CompTIA Security+ Practice Tests SY0-501

By: Ian Neil

Overview of this book

CompTIA Security+ is a core security certification that will validate your baseline skills for a career in cybersecurity. Passing this exam will not only help you identify security incidents but will also equip you to resolve them efficiently. This book builds on the popular CompTIA Security+ Certification Guide, which mirrors the SY0-501 exam pattern. This practice test-based guide covers all six domains of the Security+ SY0-501 exam: threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; cryptography and PKI; and risk management. You’ll take six mock tests designed as per the official Security+ certification exam pattern, each covering significant aspects from an examination point of view. For each domain, the book provides a dedicated cheat sheet that includes important concepts covered in the test. You can even time your tests to simulate the actual exam. These tests will help you identify gaps in your knowledge and discover answers to tricky exam questions. By the end of this book, you’ll have developed and enhanced the skills necessary to pass the official CompTIA Security+ exam.
Table of Contents (9 chapters)

Chapter 3: Architecture and Design Practice Tests

Practice Test 9 – Solution

1. Prior to creating policies, companies should look at all regulations and frameworks to ensure that they comply with them.

2. COBIT and ITIL are non-regulatory and not legally enforceable as they are both good practice frameworks.

3. Purchasing broadband from two different companies provides vendor diversity, therefore, if one company fails, then the other still provides broadband.

4. The boundary layer between the LAN and the WAN is called the DMZ; it hosts the extranet web server that is normally used for suppliers and needs credentials to access it.

5. If a laptop had sensitive information such as research and development data, the IT team could isolate it from the network by air gapping it so nobody could connect to it.

6. When full disk encryption such as BitLocker is used on a laptop, the laptop needs to have either a TPM chip or an HSM to store the encryption keys.

7. An IT security team would...