CompTIA exam questions
A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files?
A. Integrity
B. Confidentiality
C. Steganography
D. Availability
A system administrator wants to confidentially send a user name and password list to an individual outside the company without the information being detected by security controls. Which of the following would BEST meet this security goal?
A. Digital signatures
B. Hashing
C. Full-disk encryption
D. Steganography
A security audit identifies a number of large email messages being sent by a specific user from their company email account to another address external to the company. These messages were sent prior to a company data breach, which prompted the security audit. The user was one of a few people who had access to the leaked data. Review of the suspect’s emails show they consist mostly of pictures of the user at various locations during a recent vacation. No suspicious activities from other users who have access to the data were discovered.
Which of the following is occurring?
A. The user is encrypting the data in the outgoing messages.
B. The user is using steganography.
C. The user is spamming to obfuscate the activity.
D. The user is using hashing to embed data in the emails.
A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?
A. Internet networks can be accessed via personally-owned computers.
B. Data can only be stored on local workstations.
C. Wi-Fi networks should use WEP encryption by default.
D. Only USB devices supporting encryption are to be used.
Which of the following can hide confidential or malicious data in the whitespace of other files (e.g. JPEGs)?
A. Hashing
B. Transport encryption
C. Digital signatures
D. Steganography
Ann, a newly hired human resource employee, sent out confidential emails with digital signatures, to an unintended group. Which of the following would prevent her from denying accountability?
A. Email Encryption
B. Steganography
C. Non Repudiation
D. Access Control
Which of the following is the BEST technology for the sender to use in order to secure the in-band exchange of a shared key?
A. Steganography
B. Hashing algorithm
C. Asymmetric cryptography
D. Steam cipher
Peter, a user, wants to protect sensitive information stored on his hard drive. He uses a program that encrypted the whole hard drive. Once the hard drive is fully encrypted, he uses the same program to create a hidden volume within the encrypted hard drive and stores the sensitive information within the hidden volume. This is an example of which of the following? (Select TWO).
A. Multi-pass encryption
B. Transport encryption
C. Plausible deniability
D. Steganography
E. Transitive encryption
F. Trust models
Which of the following is the BEST method for ensuring all files and folders are encrypted on all corporate laptops where the file structures are unknown?
A. Folder encryption
B. File encryption
C. Whole disk encryption
D. Steganography
A security administrator must implement a system to allow clients to securely negotiate encryption keys with the company’s server over a public unencrypted communication channel.
Which of the following implements the required secure key negotiation? (Select TWO).
A. PBKDF2
B. Symmetric encryption
C. Steganography
D. ECDHE
E. Diffie-Hellman