CompTIA Security+ Question H-81

Allowing unauthorized removable devices to connect to computers increases the risk of which of the following?

A. Data leakage prevention
B. Data exfiltration
C. Data classification
D. Data deduplication

Answer: B

Explanation:
Data exfiltration is the unauthorized copying, transfer or retrieval of data from a system.

CompTIA Security+ Question F-85

Which of the following helps to apply the proper security controls to information?

A. Data classification
B. Deduplication
C. Clean desk policy
D. Encryption

Answer: A

Explanation:
Information classification is done by confidentiality and comprises of three categories, namely: public use, internal use and restricted use. These categories make applying the appropriate policies and security controls practical.

CompTIA Security+ Question F-54

An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future?

A. Business continuity planning
B. Quantitative assessment
C. Data classification
D. Qualitative assessment

Answer: C

Explanation:
Information classification is done by confidentiality and comprises of three categories, namely: public use, internal use and restricted use. Knowing how to apply these categories and matching it up with the appropriate data handling will address the situation of the data ‘unknown sensitivity’

CompTIA Security+ Question A-29

The use of social networking sites introduces the risk of:

A. Disclosure of proprietary information
B. Data classification issues
C. Data availability issues
D. Broken chain of custody

Answer: A

Explanation:
People and processes must be in place to prevent the unauthorized disclosure or proprietary information and sensitive information s these pose a security risk to companies. With social networking your company can be exposed to as many threats as the amount of users that make use of social networking and are not advised on security policy regarding the use of social networking.

CompTIA Network+ Question B-16

In the past, a company has experienced several network breaches as a result of end-user actions. To help mitigate future breaches, which of the following documents should the security team ensure are up-to-date and enforced for all employees? (Select TWO)

A. Memorandum of understanding
B. Data classification document
C. Service level agreement
D. Interconnection security agreement
E. Consent to monitor
F. Acceptable use policy

Correct Answer: AF