Home / CompTIA / SY0-701

Question list

List of questions

Question 1

(5)

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

Question 2

(5)

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

Question 3

(3)

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Question 4

(3)

The management team notices that new accounts that are set up manually do not always have correct access or permissions. Which of the following automation techniques should a systems administrator

Question 5

(5)

Which of the following involves an attempt to take advantage of database misconfigurations?

Question 6

(4)

An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use

Question 7

(1)

Which of the following is used to quantitatively measure the criticality of a vulnerability?

Question 8

(4)

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

Question 9

(4)

Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

Question 10

(4)

A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis. Which of the following types of controls is the company setting up?

Question 76 - SY0-701 discussion

A company's legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?

Data masking

Encryption

Geolocation policy

Data sovereignty regulation

Suggested answer: C

Explanation:

A geolocation policy is a policy that restricts or allows access to data or resources based on the geographic location of the user or device. A geolocation policy can be implemented using various methods, such as IP address filtering, GPS tracking, or geofencing.A geolocation policy can help the company's legal department to prevent unauthorized access to sensitive documents from individuals in high-risk countries12.

The other options are not effective ways to limit access based on location:

Data masking: This is a technique of obscuring or replacing sensitive data with fictitious or anonymized data.Data masking can protect the privacy and confidentiality of data, but it does not prevent access to data based on location3.

Encryption: This is a process of transforming data into an unreadable format using a secret key or algorithm. Encryption can protect the integrity and confidentiality of data, but it does not prevent access to data based on location.Encryption can also be bypassed by attackers who have the decryption key or method4.

Data sovereignty regulation: This is a set of laws or rules that govern the storage, processing, and transfer of data within a specific jurisdiction or country. Data sovereignty regulation can affect the availability and compliance of data, but it does not prevent access to data based on location. Data sovereignty regulation can also vary depending on the country or region.

Reference=1: CompTIA Security+ SY0-701 Certification Study Guide, page 972: Account Policies -- SY0-601 CompTIA Security+ : 3.7, video by Professor Messer3: CompTIA Security+ SY0-701 Certification Study Guide, page 1004: CompTIA Security+ SY0-701 Certification Study Guide, page 101. : CompTIA Security+ SY0-701 Certification Study Guide, page 102.

Show Answer

asked 02/10/2024

Dusan Munjiza

42 questions

Your answer: A B C D

0 comments

Sorted by