CompTIA Security+ Question D-23

An email client says a digital signature is invalid and the sender cannot be verified. The recipient is concerned with which of the following concepts?

A. Integrity
B. Availability
C. Confidentiality
D. Remediation

Answer: A

Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Digital Signatures is used to validate the integrity of the message and the sender. Integrity means the message can’t be altered without detection.

CompTIA Security+ Question C-100

Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface. Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?

A. Size of the files
B. Availability of the files
C. Accessibility of the files from her mobile device
D. Sensitivity of the files

Answer: D

Explanation:
Cloud computing has privacy concerns, regulation compliance difficulties, use of open-/closed­source solutions, and adoption of open standards. It is also unsure whether cloud-based data is actually secured (or even securable).

CompTIA Security+ Question C-98

Ann, the system administrator, is installing an extremely critical system that can support ZERO downtime. Which of the following BEST describes the type of system Ann is installing?

A. High availability
B. Clustered
C. RAID
D. Load balanced

Answer: A

Explanation:
High Availability is he term used to refer to a system that has been secured and set up/configured in such a way so as to be online, active and able to respond and thus have zero downtime as a result.

CompTIA Security+ Question C-88

A program displays:
ERROR: this program has caught an exception and will now terminate.
Which of the following is MOST likely accomplished by the program’s behavior?

A. Operating system’s integrity is maintained
B. Program’s availability is maintained
C. Operating system’s scalability is maintained
D. User’s confidentiality is maintained

Answer: A

Explanation:
The purpose of error handling is to maintain the security and integrity of the system. Integrity is compromised when unauthorized modification occurs.

CompTIA Security+ Question C-77

Peter, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Peter’s BEST option?

A. Use hardware already at an offsite location and configure it to be quickly utilized.
B. Move the servers and data to another part of the company’s main campus from the server room.
C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.
D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

Answer: A

Explanation:
A warm site provides some of the capabilities of a hot site, but it requires the customer to do more work to become operational. Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement. Warm sites may be for your exclusive use, but they don’t have to be. A warm site requires more advanced planning, testing, and access to media for system recovery. Warm sites represent a compromise between a hot site, which is very expensive, and a cold site, which isn’t preconfigured.

CompTIA Security+ Question C-45

A network administrator has purchased two devices that will act as failovers for each other. Which of the following concepts does this BEST illustrate?

A. Authentication
B. Integrity
C. Confidentiality
D. Availability

Answer: D

Explanation:
Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected. This strategy allows service to continue uninterrupted until the primary server can be restored. In the case of a network, this means processing switches to another network path in the event of a network failure in the primary path. This means availability.

CompTIA Security+ Question C-36

Digital signatures are used for ensuring which of the following items? (Select TWO).

A. Confidentiality
B. Integrity
C. Non-Repudiation
D. Availability
E. Algorithm strength

Answer: B,C

Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Nonrepudiation prevents one party from denying actions that they carried out and in the electronic world nonrepudiation measures can be a two-key cryptographic system and the involvement of a third party to verify the validity. This respected third party ‘vouches’ for the individuals in the two-key system. Thus non-repudiation also impacts on integrity.

CompTIA Security+ Question B-83

A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following?

A. Availability
B. Integrity
C. Confidentiality
D. Fire suppression

Answer: A

Explanation:
Availability means simply to make sure that the data and systems are available for authorized users. Data backups, redundant systems, and disaster recovery plans all support availability; as does environmental support by means of HVAC.

CompTIA Security+ Question B-70

The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to meet this demand?

A. Warm site implementation for the datacenter
B. Geographically disparate site redundant datacenter
C. Localized clustering of the datacenter
D. Cold site implementation for the datacenter

Answer: B

Explanation:
Data backups, redundant systems, and disaster recovery plans all support availability. AN in this case a geographically disparate site redundant datacenter represents 100% availability regardless of whether a disaster event occurs.