Home / CompTIA / SY0-701

Question list

List of questions

Question 1

(5)

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

Question 2

(5)

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

Question 3

(3)

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Question 4

(3)

The management team notices that new accounts that are set up manually do not always have correct access or permissions. Which of the following automation techniques should a systems administrator

Question 5

(5)

Which of the following involves an attempt to take advantage of database misconfigurations?

Question 6

(4)

An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use

Question 7

(1)

Which of the following is used to quantitatively measure the criticality of a vulnerability?

Question 8

(4)

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

Question 9

(4)

Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

Question 10

(4)

A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis. Which of the following types of controls is the company setting up?

Question 15 - SY0-701 discussion

Which of the following would be the best way to block unknown programs from executing?

Access control list

Application allow list.

Host-based firewall

DLP solution

Suggested answer: B

Explanation:

An application allow list is a security technique that specifies which applications are permitted to run on a system or a network. An application allow list can block unknown programs from executing by only allowing the execution of programs that are explicitly authorized and verified.An application allow list can prevent malware, unauthorized software, or unwanted applications from running and compromising the security of the system or the network12.

The other options are not the best ways to block unknown programs from executing:

Access control list: This is a security technique that specifies which users or groups are granted or denied access to a resource or an object.An access control list can control the permissions and privileges of users or groups, but it does not directly block unknown programs from executing13.

Host-based firewall: This is a security device that monitors and filters the incoming and outgoing network traffic on a single host or system.A host-based firewall can block or allow network connections based on predefined rules, but it does not directly block unknown programs from executing1.

DLP solution: This is a security system that detects and prevents the unauthorized transmission or leakage of sensitive data.A DLP solution can protect the confidentiality and integrity of data, but it does not directly block unknown programs from executing1.

Reference=1: CompTIA Security+ SY0-701 Certification Study Guide, page 972: Application Whitelisting -- CompTIA Security+ SY0-701 -- 3.5, video by Professor Messer3: CompTIA Security+ SY0-701 Certification Study Guide, page 98. : CompTIA Security+ SY0-701 Certification Study Guide, page 99. : CompTIA Security+ SY0-701 Certification Study Guide, page 100.

Show Answer

asked 02/10/2024

Jaimie Lloyd

39 questions