CompTIA Security+ Question I-14

When confidentiality is the primary concern, and a secure channel for key exchange is not available, which of the following should be used for transmitting company documents?

A. Digital Signature
B. Symmetric
C. Asymmetric
D. Hashing

Answer: C

Explanation:
Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as the public key and the private key. Asymmetric algorithms do not require a secure channel for the initial exchange of secret keys between the parties.

CompTIA Security+ Question I-8

Which of the following provides the HIGHEST level of confidentiality on a wireless network?

A. Disabling SSID broadcast
B. MAC filtering
C. WPA2
D. Packet switching

Answer: C

Explanation:
The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) authentication protocols were designed to address the core, easy-to-crack problems of WEP.

CompTIA Security+ Question I-1

Ann would like to forward some Personally Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?

A. Digital Signatures
B. Hashing
C. Secret Key
D. Encryption

Answer: D

Explanation:
Encryption is used to prevent unauthorized users from accessing data. Data encryption will support the confidentiality of the email.

CompTIA Security+ Question H-86

A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed en route. Which of the following is the administrator MOST concerned with?

A. Data confidentiality
B. High availability
C. Data integrity
D. Business continuity

Answer: C

Explanation:
Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing.

CompTIA Security+ Question H-58

Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following?

A. Sender’s private key
B. Recipient’s public key
C. Sender’s public key
D. Recipient’s private key

Answer: B

Explanation:
To achieve both authentication and confidentiality, the sender should include the recipient’s name in the message, sign it using his private key, and then encrypt both the message and the signature using the recipient’s public key.

Topic 7, Mixed Questions

CompTIA Security+ Question H-35

Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device’s removable media in the event that the device is lost or stolen?

A. Hashing
B. Screen locks
C. Device password
D. Encryption

Answer: D

Explanation:
Encryption is used to ensure the confidentiality of information.

CompTIA Security+ Question H-21

A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:

A. Integrity of downloaded software.
B. Availability of the FTP site.
C. Confidentiality of downloaded software.
D. Integrity of the server logs.

Answer: A

Explanation:
Digital signatures are used to validate the integrity of the message and the sender. In this case, the software firm that posted the patches and updates digitally signed the checksums of all patches and updates.

CompTIA Security+ Question H-6

A security manager requires fencing around the perimeter, and cipher locks on all entrances. The manager is concerned with which of the following security controls?

A. Integrity
B. Availability
C. Confidentiality
D. Safety

Answer: D

Explanation:
Fencing is used to increase physical security and safety. Locks are used to keep those who are unauthorized out.

CompTIA Security+ Question G-93

A software company has completed a security assessment. The assessment states that the company should implement fencing and lighting around the property. Additionally, the assessment states that production releases of their software should be digitally signed. Given the recommendations, the company was deficient in which of the following core security areas? (Select TWO).

A. Fault tolerance
B. Encryption
C. Availability
D. Integrity
E. Safety
F. Confidentiality

Answer: D,E

Explanation:
Aspects such as fencing, proper lighting, locks, CCTV, escape plans, drills, escape routes and testing controls form part of safety controls. Integrity refers to aspects such as hashing, digital signatures, certificates and non-repudiation, all of which have to do with data integrity.

CompTIA Security+ Question G-64

Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information?

A. Employ encryption on all outbound emails containing confidential information.
B. Employ exact data matching and prevent inbound emails with Data Loss Prevention.
C. Employ hashing on all outbound emails containing confidential information.
D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.

Answer: A

Explanation:
Encryption is used to ensure the confidentiality of information, and in this case the outbound email that contains the confidential information should be encrypted.