CompTIA Security+ Practice Test (SY0-701)

Changes, even urgent ones, should be documented and approved based on company policy. This is typically called something like a "Change Request" or CR, or a "Request For Change" or RFC. This is the first step in deploying updates, configuration changes, etc.

The Recovery Time Objective (RTO) specifies the target amount of time a service provider aims to restore a business process after a disruption and is therefore the primary focus when ensuring timely restoration of services as per the service-level agreement (SLA). Mean Time to Repair (MTTR) refers to the average time to repair a broken component, which, although important, is not specific to service-level targets for business processes. Annualized Loss Expectancy (ALE) is used in risk assessment and financial impact analysis, not in SLAs. Reconnaissance is related to information gathering, typical in security assessments like penetration testing, and is unrelated to SLAs.

Data remanence is the primary risk. If RAM or storage blocks are not sanitized before being reassigned, residual information from the previous VM can persist. A new VM might be able to read that leftover data, exposing sensitive information. While privilege escalation, denial-of-service conditions, and virtual-switch misconfigurations are genuine virtualization issues, none of them directly stem from reusing uncleared resources.

RPO (Recovery Point Objective) defines the amount of data an organization can afford to lose, measured in time. This helps in determining the frequency of data backups to ensure data loss stays within acceptable limits. The other options relate to different aspects of disaster recovery, such as restoration time, incident response procedures, and access prevention strategies.

An organization needs to comply with local and regional regulations to ensure that they are not violating any laws that may be specific to the jurisdictions they operate in. Not understanding these local nuances could lead to legal issues, such as fines or sanctions. For example, certain regions may have specific requirements for data protection that differ from national laws, such as stricter privacy regulations that mandate data residency within the region. National and global standards, while essential, may not cover all aspects of the local regulatory environment, and universal standards do not typically exist for cybersecurity, hence the specificity of the correct answer.

Managerial controls are the correct answer because they involve establishing security policies, procedures, and guidelines to manage security risks. These controls are implemented at the management level and provide the framework for the overall security strategy. Technical controls, on the other hand, involve implementing and managing security technologies like firewalls and encryption. Operational controls focus on day-to-day operations and tasks, such as incident response and access controls. Physical controls protect physical assets and premises, such as using biometrics and surveillance.

An Acceptable Use Policy (AUP) outlines the appropriate behavioral expectations for users accessing and utilizing company IT assets, including internet and email use, software, and hardware. It is essential for maintaining security by informing users of their responsibilities and limiting risky behavior.

Password spraying is a technique used by attackers where they try common passwords against many different accounts to find a match. They do this without triggering the account's lockout policy as they do not make too many attempts on a single account. It differs from brute force attacks which generally try many password combinations on one account, potentially triggering lockout mechanisms.

Using automated deployment tools with security checks integrated into the deployment pipeline provides the most secure and efficient deployment strategy. It leverages scripting and automated processes to enforce security baselines, apply configurations, and ensure that all steps are consistently followed for each deployment. Automation reduces the risk of human error and ensures that security controls are integrated throughout the deployment process. Manual deployment increases risk as it's more prone to errors and inconsistencies. Scheduled deployment may not address the immediate security needs of the environment, and phased deployment focuses more on functionality and user adaptation rather than security.

The term Internet of Things (IoT) refers to a network of physical objects that are equipped with sensors, software, and communication capabilities so they can connect to, exchange, and sometimes act on data with other devices and systems-usually over the internet or other networks. Choices that focus only on traditional IT infrastructure, a single software protocol, or centralized industrial platforms do not capture the defining elements of IoT: physical "things" and autonomous connectivity.

Resource provisioning refers to the process of allocating and managing computing resources, like user accounts and permission sets, to users or systems in a way that aligns with organizational security policies. Incorrect answers might seem plausible because they involve similar processes, but they do not accurately describe the act of resource allocation and management as resource provisioning does.

Implementing key escrow involves securely storing copies of cryptographic keys with a trusted third party or designated authority. This allows the organization to recover encrypted data if the original keys are lost or inaccessible. Key stretching strengthens weak keys against brute-force attacks but does not help in recovering lost keys. Digital certificates associate public keys with user identities but do not provide a means for key recovery. Certificate Revocation Lists (CRLs) are used to revoke untrusted certificates and do not aid in data recovery.

An incremental backup captures only the data that has changed since the last backup of any type-either full or incremental-so it typically requires the least storage space. A differential backup records all changes since the last full backup, so its size grows each day until another full backup occurs. A snapshot represents a point-in-time copy of a volume rather than a true change-based backup method. A full backup duplicates every selected file and therefore consumes the most storage.

High availability refers to systems that are dependable enough to operate continuously without failing for a long period of time. It is often measured by the uptime in the context of an annual percentage. The incorrect options, while related to system performance and design, do not specifically relate to the concept of being operational and accessible when required.

Employing a biometric authentication system increases security by requiring personal physical attributes, making it significantly more resistant to systematic guessing and unauthorized entry compared to numerical access codes. Updating numerical access codes intermittently can temporarily prevent unauthorized access but does not inherently improve resistance against a focused attack. An audible alert after a set number of failed attempts might deter but not prevent an intruder who can still continue to attempt access. Video surveillance, although useful for monitoring and recording, does not in itself prevent unauthorized access.