CompTIA ITF+ Information Security Principles Questions and Answers

Question 1

An attacker sends a fraudulent email that appears to be from a legitimate online retailer, complete with official logos and a link to a fake login page.
The email asks the recipient to confirm their account details due to a supposed security breach.
What type of attack is this?

Accepted Answer

Phishing

Answer

Denial-of-Service

Answer

Spyware

Answer

Brute-force

Question 2

A company wants to ensure its critical sales data has not been altered or tampered with, either accidentally or maliciously. Which principle of the CIA triad is PRIMARILY concerned with the accuracy and trustworthiness of data?

Accepted Answer

Integrity

Answer

Confidentiality

Answer

Authorization

Answer

Availability

Question 3

A user logs into their online banking portal. After entering their password correctly, the system sends a unique, one-time code to their smartphone via a text message, which they must also enter to gain access. This is an example of which security practice?

Accepted Answer

Multi-factor Authentication (MFA)

Answer

Data Encryption

Answer

Single Sign-On (SSO)

Answer

Biometric Authentication

Question 4

An employee's computer suddenly becomes unusable. A message appears on the screen, stating that all of their files have been encrypted and will be deleted unless a payment is made to an anonymous digital wallet. Which of the following BEST describes this type of malware?

Accepted Answer

Ransomware

Answer

Spyware

Answer

Virus

Answer

Adware

Question 5

A company policy requires employees to create strong passwords for all their accounts. Which of the following passwords BEST adheres to the principles of creating a strong password?

Accepted Answer

BlueCar!Sun98Flower?

Answer

Password123

Answer

Jsmith2026!

Answer

Tr@vel2Fr@nce

Question 6

A hospital's IT department implements a robust disaster recovery plan with redundant servers and frequent data backups to ensure that patient records and critical systems are always accessible to doctors and nurses, especially during an emergency. This plan primarily supports which principle of the CIA triad?

Accepted Answer

Availability

Answer

Confidentiality

Answer

Integrity

Answer

Authentication

An attacker sends a fraudulent email that appears to be from a legitimate online retailer, complete with official logos and a link to a fake login page.The email asks the recipient to confirm their account details due to a supposed security breach.What type of attack is this?

An attacker sends a fraudulent email that appears to be from a legitimate online retailer, complete with official logos and a link to a fake login page.
The email asks the recipient to confirm their account details due to a supposed security breach.
What type of attack is this?