Security Awareness

Question 1

What is the goal of Security Awareness?

Answer 1

Equip individuals to recognize and respond to threats for data protection

Focuses on common threats, potential risks, and best practices for secure digital interactions.

Question 2

Who can be a source of Insider Threats?

Answer 2

• Employees
• Former employees
• Contractors
• Business partners

Insider threats involve security risks from individuals within an organization.

Question 3

What is the goal of Password Management?

Answer 3

Ensure strong, unique passwords; securely stored; reduces unauthorized access risk

Involves practices and tools for creating, storing, and managing passwords.

Question 4

Name two techniques to prevent Social Engineering Attacks.

Answer 4

• Maintaining situational awareness
• Avoiding shoulder surfing

Prevention includes recognizing phone scams and maintaining operational security.

Question 5

What is the difference between Remote Work and Hybrid Work?

Answer 5

• Remote Work: Performing job functions outside the office
• Hybrid Work: Combining in-office and remote work for flexibility

Both models have unique security challenges.

Question 6

True or false: Creating a Culture of Security involves integrating cybersecurity into the organization’s ethos.

Answer 6

TRUE

It requires organizational change management, strategic planning, execution, monitoring, and reporting.

Question 7

What are some Behavior Indicators of Insider Threats?

Answer 7

• Altered State or Substance Abuse
• Emotional Distress
• Lifestyle Incongruences
• Financial Struggles

Training employees to recognize these behaviors is essential.

Question 8

What is a Password Manager?

Answer 8

Specialized tool, plugin, or extension used with web browsers to securely store and manage usernames and passwords

Helps prevent password reuse and enhances security.

Question 9

What is Operational Security (OPSEC)?

Answer 9

Protects critical information from being used by adversaries

Safeguards sensitive data, daily routines, and internal procedures.

Question 10

What should organizations do to address Security Challenges in remote work?

Answer 10

• Establish comprehensive policies
• Use secure connections like VPN
• Implement multi-factor authentication
• Provide cybersecurity training

Regular security audits and feedback sessions are also important.

Question 11

What is the importance of Policies and Handbooks in an organization?

Answer 11

Guide decisions, ensuring compliance with legal and ethical standards

They shape behavior and decision-making in organizations.

Question 12

Fill in the blank: Policies and handbooks should be reviewed at least _______.

Answer 12

annually

Updates reflect the changing cybersecurity landscape.

Question 13

What are the five domains of CompTIA Security+ (SY0-701)?

Answer 13

• Domain 1: General Security Concepts
• Domain 2: Threats, Vulnerabilities, and Mitigations
• Domain 3: Security Architecture
• Domain 4: Security Operations
• Domain 5: Security Program Management and Oversight

Each domain has a specific percentage weight in the exam.

Question 14

What is the purpose of training employees in a security culture?

Answer 14

Recognizing phishing attempts, data privacy, and safe online behavior

Encourages reporting of suspicious activities and includes practical exercises.

Question 15

What is Dumpster Diving in the context of security threats?

Answer 15

Attackers sift through garbage for discarded information

Employees with situational awareness can spot such activities.

Question 16

What are the characteristics of a culture of security?

Answer 16

• Continuous education
• Proactive risk mitigation
• Collective responsibility

Essential for safeguarding an organization.

Question 17

What is the goal of establishing an insider threat program?

Answer 17

Create a security culture

Encourages employees to report suspicious activities and provides training.

Question 18

How many countries around the world are mentioned?

Answer 18

50

The organization is continually adding countries.

Question 19

What is the benefit of being a CompTIA Platinum Partner?

Answer 19

Special discounted rate on exam vouchers

These savings are passed onto students when ordering exam vouchers.

Question 20

List the top five tips for increasing your score on the exam.

Answer 20

• Use a cheat sheet
• Skip any questions that are giving you trouble
• Take a guess
• Pick the best time for your exam
• Be confident

These strategies can help improve exam performance.

Question 21

What should you do with a cheat sheet during the exam?

Answer 21

Write down important things you may forget

You can use a whiteboard or dry erase sheet provided at the testing center.

Question 22

True or false: You should try to answer every question, even if you’re struggling.

Answer 22

FALSE

Mark questions for review and skip them if they are too difficult.

Question 23

What is the penalty for guessing incorrectly on the exam?

Answer 23

There is no penalty

Guessing is encouraged if you are in doubt.

Question 24

What should you consider when choosing the best time for your exam?

Answer 24

Pick a time that works best for you

Avoid scheduling after a long workday.

Question 25

What should you do if you are not **confident** before the exam?

Answer 25

Wait a few days to schedule your exam ## Footnote Build confidence by taking practice exams.

Question 26

When taking a practice exam, what is the goal?

Answer 26

Understand why the right answer was right and the wrong answers are wrong ## Footnote Memorizing the answer key is not the objective.

Question 27

What certifications are mentioned as steps to continue climbing the **CompTIA certification ladder**?

Answer 27

* CySA+ * PenTest+ * CASP+ ## Footnote These certifications represent advanced levels in cybersecurity.