How to Interpret Security+ Questions

Posted by in Security+ | 6 comments

Do you know how to interpret Security+ questions? It’s often easier than you think, as long as you understand the underlying content.

People who memorize practice test questions and answers often fail the exam and don’t understand why. Instead, they blame CompTIA for creating “trick” questions.

In truth, the only people who are tricked by slightly modified questions are people who memorize them.

However, people who learn how to interpret Security+ questions typically pass the exam the first time they take it.

How to Practice Interpreting Security+ Questions

First, try to identify the correct answer without looking at the answers.

If you don’t see your answer as one of the possible answers, see if you can throw out two of them.

Last, identify the best answer between them.

When doing practice Security+ questions, your score isn’t the best measure of your readiness.  Instead, your understanding is.

Ideally, you should:

  • Understand why the correct answer is correct
  • Understand why the incorrect answers are incorrect

This way, no matter how CompTIA words the questions, you can answer them correctly.


Try This

With this in mind, consider this Security+ question derived from the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.

Note that this question assumes you have an understanding of core cryptography concepts. If you don’t, review the notes on this page.

Q1. Homer needs to send an email to his HR department with an attachment that includes PII. He wants to maintain the confidentiality of this attachment. Which of the following choices is the BEST choice to meet his needs?

Notice that the first sentence sets up the scenario:

Homer needs to send an email to his HR department with an attachment that includes PII.

Homer is sending personally identifiable information (PII) as an email attachment.

The second sentence gives the requirement.

He wants to maintain the confidentiality of this attachment.

This is a key sentence. One of the primary ways that you maintain confidentiality is with encryption, so I would be looking for encryption in the answer.

The third sentence just asks the question.

Which of the following choices is the BEST choice to meet his needs?

Here are the answers:

A. Hashing

B. Digital signature

C. Encryption

D. Certificate

Because encryption is the best choice to provide confidentiality of any type of information, including PII, I’d jump on answer C.

Even if I didn’t know encryption was the best answer, I could easily throw out two other answers – hashing and digital signatures.

Hashing provides integrity, not confidentiality.

Digital signatures provide authentication (verified identification) of the sender, non-repudiation, and integrity of the message. They do not provide confidentiality.

Now, which answer is the best answer – encryption or certificates?

Encryption speaks directly to the core requirement of confidentiality in the question.

Certificates are used for a variety of purposes, including encryption, authentication, and digital signatures. Because a certificate can have limited use (such as for authentication), it isn’t the best answer.

Bonus - Performance Based Questions

Additional Security+ questions to help you prepare for the new performance based questions. These are included with the full bank of Security+ practice test questions and are divided into different sections. For example, you'll have access to the following links:

- Performance Based Question - Set 1

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of security to mobile devices and servers in a data center. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 2

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 3

You'll see a graphic showing a network with computers and servers separated by a firewall. The firewall is used to control traffic between the computers and users using rules within an access control list (ACL).  You'll have three questions that test your knowledge and ability to correctly identify the relevant components of the rule. The incorrect answers and explanation provide you with insight into how to correctly answer this type of question on the actual exam.

- Performance Based Question - Set 4

You'll see a graphic explaining what you might be required to do on the actual exam related to what a forensic analyst would do during an investigation. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 5

You'll see a graphic explaining what you might be required to do on the actual exam to match protocols and ports. You'll then have seven questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 6

You'll see a list of security controls along with a graphic showing devices and locations within an organization, along with instructions on what you might be required to do on the actual exam to match the controls with the devices and locations. You'll then have four questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 7

You'll see a list of authentication methods and authentication factors along with instructions on what you might be required to do on the actual exam to match the authentication methods with the authentication factors. You'll then have six questions that test your knowledge and ability to correctly answer the questions. This set also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 8

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This is similar to Set 2 but expands on the possibilities. The set also includes a link to a page showing the end solution for the overall performance based question simulation.

New - Performance Based Question - Set 9

New questions recently added using a different testing engine. See a demo here. This set includes drag and drop and matching questions on ports.

New - Performance Based Question - Set 10

A random set of 20 performance-based questions using drag and drop, matching, sorting, and fill-in-the-blank. This set includes performance-based questions on RAID.

Can You Interpret this Security+ Question?

Q2. Homer needs to send an email to his HR department with an attachment that includes PII. He wants to provide assurances to the recipient that the email came from him. Which of the following choices is the BEST choice to meet his needs?

Notice that the first and last sentences are exactly the same as in the previous question.

If you memorized the question, you might not read past the first sentence and look for encryption as the answer. Unfortunately, you’d get the question wrong and might not understand why.

Notice how the second sentence completely changes the question.

He wants to provide assurances to the recipient that the email came from him.

A key phrase in this sentence is “provide assurances to the recipient that the email came from him.” This is the same as providing authentication or a verified identification.

Because a digital signature provides authentication (verified identification) of the sender, it is the clear answer, so I’d be looking for digital signatures as an answer.

Here are the answers. Note that they are exactly the same as the previous question.

A. Hashing

B. Digital signature

C. Encryption

D. Certificate

Can you see two that you can throw out right away?

Hashing provides integrity, not authentication.

Encryption provides confidentiality, not authentication.

Now, which answer is the best answer – a digital signature or a certificate?

While a digital signature uses a certificate, the certificate itself doesn’t necessarily meet the needs in the scenario. Because a certificate can have limited use (such as for encryption), it isn’t the best answer to provide authentication for an email.
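The properties behind answers A, B and C in both questions can be checked directly. The following is an added example, not taken from the study guide or the original post; it assumes textbook RSA without padding and small fixed primes (an illustration of key roles, not a secure implementation), and the key-pair names and sample attachment are constructed.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Textbook RSA from two primes; returns (public, private)."""
    n = p * q
    return (E, n), (pow(E, -1, (p - 1) * (q - 1)), n)

def digest(msg, n):
    """Hashing (answer A): unkeyed, so anyone can recompute it."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg, private_key):
    """Digital signature (answer B): made with the SENDER's private key."""
    d, n = private_key
    return pow(digest(msg, n), d, n)

def verify(msg, signature, public_key):
    """Check a signature with the SENDER's public key."""
    e, n = public_key
    return pow(signature, e, n) == digest(msg, n)

def encrypt(msg, public_key):
    """Encryption (answer C): uses the RECIPIENT's public key."""
    e, n = public_key
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("toy RSA: message must be smaller than the modulus")
    return pow(m, e, n)

def decrypt(ciphertext, private_key):
    """Only the RECIPIENT's private key recovers the plaintext."""
    d, n = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def demo():
    # Fixed Mersenne primes keep the run deterministic (assumption: toy key sizes).
    homer_pub, homer_priv = make_keypair(2**61 - 1, 2**89 - 1)
    hr_pub, hr_priv = make_keypair(2**107 - 1, 2**127 - 1)
    attachment = b"PII: emp #1234"  # constructed sample data

    signature = sign(attachment, homer_priv)  # Q2: assurance it came from Homer
    ciphertext = encrypt(attachment, hr_pub)  # Q1: confidentiality of the attachment
    received = decrypt(ciphertext, hr_priv)   # HR uses its own private key

    n = homer_pub[1]
    return {
        "hr_recovers_attachment": received == attachment,
        "homer_private_key_decrypts": decrypt(ciphertext, homer_priv) == attachment,
        "verifies_with_homer_public_key": verify(received, signature, homer_pub),
        "verifies_with_hr_public_key": verify(received, signature, hr_pub),
        "altered_attachment_verifies": verify(received + b"!", signature, homer_pub),
        # Integrity only: the hash changes, but it carries no proof of who sent it.
        "hash_changes_when_altered": digest(attachment, n) != digest(attachment + b"!", n),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The same key roles apply to the question raised in the comments: the recipient decrypts with her own private key and verifies the signature with the sender's public key.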

How to Interpret Security+ Questions Summary

CompTIA changes its questions regularly to prevent people from simply memorizing practice test questions to pass the exam. However, by taking the time to understand the underlying content, you can interpret Security+ questions and answer them correctly.

Remember, when taking practice test questions, your goal isn’t simply to get a good score. Instead, your goal is to ensure you understand the content.

With this in mind, it’s important to use quality practice test questions with explanations. This way you can:

  • Understand why the correct answer is correct
  • Understand why the incorrect answers are incorrect

And, no matter how CompTIA words the questions, you can answer them correctly.

6 Comments

  1. I have recently taken the CompTIA Security + exam and scored a 720. However, is there any form of the Microsoft-written questions/answers that I can read and answer to gain more understanding to give the correct answers? They are longer questions and the answers are too. I believe that because there is so much information in their questions I am getting lost in developing the correct answer. I am planning on retaking the exam in a few weeks. Thank you for your time and products.

    v/r
    Thomas

    • Hi Thomas,

      Sorry to hear you didn’t pass. The good news is that you’re close (probably missing it only by a couple of questions).

      I hear from people almost every day (including today) telling me that they passed the exam using the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide and/or packages on the gcgapremium site such as the Security+ Study Package.

      Here’s the key.

      Ideally, you should be able to look at any practice test question and not just know the correct answer. You should also know why the correct answer is correct, and also why the incorrect answers are incorrect. This way, you have the best chance of accurately interpreting the actual questions on the CompTIA exam and answering them correctly.

      When people tell me that they’ve failed after using the materials on the site, I typically see one (or more) of the following issues:

      – They didn’t use all the materials.
      – They didn’t get recommended scores of 90% on all the materials.
      – They memorized the questions and answers.

      As an example, if someone only took the Extras quiz once and only scored a 60% on it, they wouldn’t be prepared to answer similar questions on the live exam. Similarly, if someone took Set 10 of the performance-based questions but never scored higher than 60%, they wouldn’t be prepared to answer similar questions on the live exam.

      In contrast, if someone used all the materials, received passing scores on all the quizzes, received scores over 90% on the important quizzes, and understood why the correct answers are correct, and why the incorrect answers are incorrect, that person would be prepared for the exam.

      You might like to check out this FAQ: Am I Ready?

  2. Please explain this: In your book (page 407), it explains the steps of having Lisa sending encrypted email to Bart. Summarily, the recipient’s public key encrypts when encrypting an email message and the recipient uses the recipient’s private key to decrypt an encrypted email message.

    In the practice exam, the question asks “Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).”

    A. The CA’s public key
    B. Ann’s public key
    C. Joe’s private key
    D. Ann’s private key
    E. The CA’s private key
    F. Joe’s public key

    Answer: D,F I do not understand why the answer is D, F.

    Should it be B and D?

    • Hi Matthew,

      I saw your question and my first reaction was that the explanation has the answer.

      However, I can’t figure out what book you’re using or where that question came from. If your source doesn’t have explanations, it might be causing you to memorize inaccurate information.

      I know that the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide has similar questions and explanations. I also know that the explanation on page 407 that you reference is accurate.

    • Hi Matthew,

      Joe is using Ann’s public key to encrypt the message and his own private key to sign it.

      So Ann does need her own private key (D) to decrypt it and Joe’s public key (F) to verify his signature.

      The difficulty of this question is to recognize that Joe is sending the email but the question is what Ann has to do with it.

      Kind regards,
      Sol

      • Perfect Sol. That’s the primary intention of this post – how to interpret questions.

        Some people still focus on memorizing questions and answers from sources without explanations. (Without a response from Matthew, I suspect that was the case with his question.) This memorization technique doesn’t translate well to a pass on the exam.

        However, seeking to interpret the questions and understand the underlying content provides a successful path to success.

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.