CompTIA Certmaster CE Security+ Domain 2.0 Threats, Exams of Information Technology

Typology: Exams

2025/2026

Available from 01/03/2026

KattyJennifer-1
CompTIA Certmaster CE Security+ Domain 2.0 Threats, Vulnerabilities,
and Mitigations Assessment Questions and Answers Graded A+
During a cybersecurity attack, how would a threat actor use image files as a lure to target a vulnerability in a browser or document editing software? - ANSWER - A. The threat actor conceals exploit code within an image file that targets a vulnerability in the browser or document editing software.

A large corporation is assessing its cybersecurity practices by focusing on potential security risks linked to hardware and firmware within the company's extensive network of computer systems. For the IT department, which of the following strategies MOST effectively mitigates the risks related to hardware and firmware security vulnerabilities? - ANSWER - B. Regularly update firmware to the latest, most secure versions.

The server manager of a tech company observes a significant increase in server resource consumption, which is not proportional to the workload on the server. Which of the following is the MOST plausible cause for these observations? - ANSWER - A. Radio-frequency ID cloning (incorrect) C. Malware infection (incorrect)

A cyber technician works on a corporate laptop where an employee complains the software is outdated. What type of vulnerability describes the continued use of outdated software methods, technology, computer systems, or application programs despite known shortcomings? - ANSWER - A. Legacy

The security team in a financial organization identified a zero-day vulnerability that enables cross-site scripting (XSS) attacks on its internal web portal. The chief information security officer (CISO) instructs the team to take immediate action. Which action most effectively minimizes the threat from the zero-day vulnerability and the potential XSS attacks? - ANSWER - A. Implement a web application firewall (WAF).

An IT security specialist at a mid-size corporation observes a trend of unauthorized apps appearing on company-provided mobile devices. The specialist suspects the employees are either sideloading apps or have jailbroken their devices. What steps should the security specialist take to verify the cause of the unauthorized applications and to re-establish proper security protocols? (Select the two best options.) - ANSWER - B. Implement mobile device management (MDM) policies to restrict unauthorized application installation. C. Conduct device audits to identify and detect unauthorized applications and signs of jailbreaking or sideloading.

Which of the following is an example of a watering hole attack? - ANSWER - C. Compromising a site often visited by a target group to breach their devices.

A systems administrator notices that several user accounts are frequently getting locked out. Simultaneously, during these lockout instances, the system did not record any logs. Which of the following is the MOST likely explanation for the lack of logs during these events? - ANSWER - C. Log tampering or deletion

A system administrator is upgrading a company's network security infrastructure and notices several legacy machines running end-of-life operating systems (OS). These machines are no longer upgradeable as the developer has stopped issuing security patches and updates. However, the machines are still necessary for
certain critical tasks. What is the system administrator's MOST effective course of action to reduce potential security vulnerabilities caused by these legacy machines running end-of-life operating systems? - ANSWER - C. Isolate the legacy machines on a separate network segment.

In a recent incident, a hacker group infiltrated a global financial institution's systems and stole the credit card information of millions of customers. The valuable information was soon available on the dark web. Based on the scenario, what is the MOST likely motivation of the hacker group? - ANSWER - B. Financial gain

A major online retailer experiences a sudden halt in its services during the peak holiday shopping season. It traces the cause back to an orchestrated distributed denial of service (DDoS) attack, which overwhelmed the retailer's servers with traffic, making it impossible for legitimate users to access the site. This attack BEST aligns with which type of threat motivation? - ANSWER - B. Service disruption

A multinational corporation recently fell victim to a series of cyberattacks, disrupting services and leading to significant financial losses. After an investigation, the corporation found that these attacks were part of a systematic campaign to undermine the corporation's market position. The highly sophisticated attacks suggest the involvement of a well-resourced entity with specific strategic objectives. Which of the following motivations BEST describes this scenario? - ANSWER - A. Political

What social engineering attack relies on targeting individuals who frequent an unsecured third-party website to compromise their computers and gain access to a specific organization's systems? - ANSWER - D. Watering hole

A global technology firm detected unauthorized access to its proprietary designs for an upcoming product. The intruders remained undetected for an extended period and extracted a large volume of confidential data without disrupting the company's operations. This stealthy, long-term breach aimed at acquiring secret information aligns BEST with which type of threat motivation? - ANSWER - B. Espionage

A hacker targets a cloud security firm's network devices, including routers and switches. The hacker knows that companies often neglect changing vendor default login credentials for these devices. Using this knowledge, the hacker gains unauthorized access to the network by simply entering the default vendor username and password. Which of the following describes the type of attack in this scenario? - ANSWER - C. Default credentials

A cyber team presents a discussion on the use of sideloading and jailbreaking to a group of board members. Which of the following best describe sideloading? (Select the two best options.) - ANSWER - C. It refers to the installation of applications from sources other than the official application store of the platform. D. It does not undergo the same scrutiny and vetting process as those on official application stores.

An e-commerce company recently identified suspicious activity on its web-based application, suggesting a zero-day exploit. The security team suspects that a vulnerability in the application might be under active exploitation by malicious actors before the company identified and patched

behavior? - ANSWER - B. Network congestion (incorrect) C. Blocked content D. Server downtime (incorrect)

The cybersecurity team at a large company has recently uncovered evidence of a successful malicious cryptographic attack on their data servers facilitated by a misconfiguration in the cryptographic systems. What is the MOST appropriate initial response that the team should employ to address this critical security issue? - ANSWER - B. Correct the misconfiguration, implementing secure cryptographic controls.

What technique does the threat actor use in a Bluetooth network attack to transmit malicious files to a user's device? - ANSWER - D. Exploiting vulnerabilities or misconfigurations in the Bluetooth protocol

A prominent multinational corporation has experienced an unexpected spike in unauthorized network traffic aimed at its web servers. Upon investigation, the corporation discovered that the goal of this traffic was to disrupt its online services rather than gain unauthorized access or steal data. The attack started shortly after the corporation made a controversial policy decision that sparked a public backlash. Which type of attacker is MOST likely responsible? - ANSWER - D. Hacktivist

An organization's system alerting tool detects a series of unsuccessful attempts by someone trying to gain unauthorized access to its servers. These attempts lack sophistication and appear to be using publicly available hacking tools. Which type of threat actor is MOST likely responsible for these attempts? - ANSWER - A. Unskilled attacker

A software engineer trains new employees on the impacts of hardware and software vulnerabilities. The trainees must analyze and identify the vulnerability in their training session. During the session, the trainees experience a vulnerability where an attacker with access to a virtual machine (VM) breaks out of this isolated environment and gains access to the host system or other VMs running on the same host. What type of vulnerability did the trainees experience in this situation? - ANSWER - C. Virtualization

A company's cybersecurity team evaluates threats that could exploit vulnerabilities in its physical infrastructure. The team is specifically considering threats that can directly harm the company's systems and potentially damage data or services. What type of threat does this scenario BEST describe? - ANSWER - D. Network attacks

A cybersecurity analyst for a large organization permits employees to use Instant Messaging (IM) services on their devices. Despite using encryption, the analyst's concern is the potential software vulnerabilities and difficulty scanning messages and attachments for threats. Which actions should the cybersecurity analyst use to address this concern? - ANSWER - A. Regularly update and patch the Instant Messaging apps to address any known software vulnerabilities.

A software technician presents a forum on sideloading and jailbreaking to a group of new mobile users. Which of the following points will the technician include in their discussion of the use of jailbreaking? (Select the two best options.) - ANSWER - A. It is a method used to gain elevated privileges and access to system files on mobile devices. B. It allows users to install unauthorized applications and customize device appearance and behavior.

An organization observes several computer systems in a secured area showing signs of damage, having various cables disconnected, or hardware component tampering. Which type of attack is likely responsible for these issues? - ANSWER - C. Physical attacks

A threat actor exploits the vulnerabilities or misconfigurations in a device's wireless networking protocol to transmit a malicious file to a user's device. This scenario is an example of what type of networking vector? - ANSWER - A. Bluetooth Network

In a rapidly evolving IT environment, a cloud service provider offers various services to businesses, enabling them to store and process data securely. To enhance security, the provider regularly updates its systems and software. Despite these efforts, a security researcher discovers a previously unknown vulnerability in one of the cloud-specific applications, leaving customer data exposed to potential threats. In this scenario, which vulnerability is the security researcher likely to have found in the cloud-specific application? - ANSWER - A. SQL injection vulnerability (incorrect)

A system administrator at a software company is reviewing the company's security procedures. The company uses various cryptographic techniques for data security and is currently concerned about potential misconfigurations that could compromise data integrity and confidentiality. The system administrator aims to mitigate the risk of misconfigurations in the company's cryptographic settings that could lead to potential security vulnerabilities. Which of the following actions should the system administrator prioritize to ensure the cryptographic systems are well-configured and avoid possible security gaps? (Select the two best options.) - ANSWER - C. Regularly update and patch cryptographic software. D. Conduct periodic penetration testing.

An organization's IT security team has discovered that a recent software update, unknowingly deployed, contained a zero-day exploit. This vulnerability has now made the company's systems susceptible to potential unauthorized access. Which of the following immediate actions should the security team execute to manage this zero-day exploit situation? - ANSWER - B. Isolate the impacted systems and apply a patch or remediation strategy.

A security analyst is investigating a security breach in a network system that involves unauthorized access to user credentials and reusing them multiple times. What is the MOST likely type of attack that has occurred? - ANSWER - D. Credential replay

A web designer at a cybersecurity corporation receives an email from what appears to be a trusted colleague within the company. The email requests sensitive financial information to complete an urgent transaction and looks legitimate, displaying the colleague's name, company logo, and formatting. What type of sophisticated phishing attack occurs in this scenario? - ANSWER - D. Business email compromise