
CompTIA SY0-701 Practice Test - Questions Answers, Page 25

A company is implementing a vendor's security tool in the cloud. The security director does not want to manage users and passwords specific to this tool but would rather utilize the company's standard user directory. Which of the following should the company implement?

A. 802.1X
B. SAML
C. RADIUS
D. CHAP

Suggested answer: B

Explanation:

The company should implement Security Assertion Markup Language (SAML) to integrate the vendor's security tool with their existing user directory. SAML is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP), enabling Single Sign-On (SSO). This allows the company to use its existing directory services for authentication, avoiding the need to manage a separate set of user credentials for the new tool.

CompTIA Security+ SY0-701 Course Content: Domain 4: Identity and Access Management, which includes SAML as a key identity federation standard for SSO.

CompTIA Security+ Study Guide (SY0-601): Chapter 8, 'Identity and Access Management,' details the role of SAML in enabling SSO by utilizing an existing identity provider.

An employee fell for a phishing scam, which allowed an attacker to gain access to a company PC. The attacker scraped the PC's memory to find other credentials. Without cracking these credentials, the attacker used them to move laterally through the corporate network. Which of the following describes this type of attack?

A. Privilege escalation
B. Buffer overflow
C. SQL injection
D. Pass-the-hash

Suggested answer: D

Explanation:

The scenario describes an attacker who obtained credentials from a compromised system's memory and used them without cracking to move laterally within the network. This technique is known as a 'pass-the-hash' attack, where the attacker captures hashed credentials (e.g., NTLM hashes) and uses them to authenticate and gain access to other systems without needing to know the plaintext password. This is a common attack method in environments where weak security practices or outdated protocols are in use.

Reference:

CompTIA Security+ SY0-701 Course Content: The course discusses credential-based attacks like pass-the-hash, emphasizing their impact and the importance of protecting credential stores.

A company wants to reduce the time and expense associated with code deployment. Which of the following technologies should the company utilize?

A. Serverless architecture
B. Thin clients
C. Private cloud
D. Virtual machines

Suggested answer: A

Explanation:

Serverless architecture allows companies to deploy code without managing the underlying infrastructure. This approach significantly reduces the time and expense involved in code deployment because developers can focus solely on writing code, while the cloud provider manages the servers, scaling, and maintenance. Serverless computing also enables automatic scaling and pay-per-execution billing, which further optimizes costs.

Reference:

CompTIA Security+ SY0-701 Course Content: The course covers cloud technologies, including serverless architectures, which are highlighted as a method to streamline and reduce costs associated with code deployment.

A security team created a document that details the order in which critical systems should be brought back online after a major outage. Which of the following documents did the team create?

A. Communication plan
B. Incident response plan
C. Data retention policy
D. Disaster recovery plan

Suggested answer: D

Explanation:

The document described in the question is a Disaster Recovery Plan (DRP). A DRP outlines the process and procedures for restoring critical systems and operations after a major disruption or outage. It includes the order in which systems should be brought back online to ensure minimal impact on business operations, prioritizing the most critical systems to recover first.

CompTIA Security+ SY0-701 Course Content: Domain 5: Security Program Management and Oversight, which discusses the development and implementation of disaster recovery plans.

Which of the following best represents an application that does not have an on-premises requirement and is accessible from anywhere?

A. Pass
B. Hybrid cloud
C. Private cloud
D. IaaS
E. SaaS

Suggested answer: E

Explanation:

Software as a Service (SaaS) represents an application that is hosted in the cloud and accessible via the internet from anywhere, with no requirement for on-premises infrastructure. SaaS applications are managed by a third-party provider, allowing users to access them through a web browser, making them highly scalable and flexible for remote access.

CompTIA Security+ SY0-701 Course Content: Domain 3: Security Architecture, where cloud service models such as SaaS are discussed, highlighting their accessibility and lack of on-premises requirements.

A company is utilizing an offshore team to help support the finance department. The company wants to keep the data secure by keeping it on a company device but does not want to provide equipment to the offshore team. Which of the following should the company implement to meet this requirement?

A. VDI
B. MDM
C. VPN
D. VPC

Suggested answer: A

Explanation:

Virtual Desktop Infrastructure (VDI) allows a company to host desktop environments on a centralized server. Offshore teams can access these virtual desktops remotely, ensuring that sensitive data stays within the company's infrastructure without the need to provide physical devices to the team. This solution is ideal for maintaining data security while enabling remote work, as all data processing occurs on the company's secure servers.

Reference:

CompTIA Security+ SY0-701 Course Content: VDI is discussed as a method for securely managing remote access to company resources without compromising data security.

The application development teams have been asked to answer the following questions:

* Does this application receive patches from an external source?

* Does this application contain open-source code?

* Is this application accessible by external users?

* Does this application meet the corporate password standard?

Which of the following are these questions part of?

A. Risk control self-assessment
B. Risk management strategy
C. Risk acceptance
D. Risk matrix

Suggested answer: A

Explanation:

The questions listed are part of a Risk Control Self-Assessment (RCSA), which is a process where teams evaluate the risks associated with their operations and assess the effectiveness of existing controls. The questions focus on aspects such as patch management, the use of open-source code, external access, and compliance with corporate standards, all of which are critical for identifying and mitigating risks.

Reference:

CompTIA Security+ SY0-701 Course Content: The course discusses various risk management processes, including self-assessments that help in identifying and managing risks within the organization.

An administrator is investigating an incident and discovers several users' computers were infected with malware after viewing files that were shared with them. The administrator discovers no degraded performance in the infected machines and an examination of the log files does not show excessive failed logins. Which of the following attacks is most likely the cause of the malware?

A. Malicious flash drive
B. Remote access Trojan
C. Brute-forced password
D. Cryptojacking

Suggested answer: D

Explanation:

Cryptojacking is the likely cause in this scenario. It involves malware that hijacks the resources of infected computers to mine cryptocurrency, usually without the user's knowledge. This type of attack doesn't typically degrade performance significantly or result in obvious system failures, which matches the situation described, where the machines showed no signs of degraded performance or excessive failed logins.

Reference:

CompTIA Security+ SY0-701 Course Content: Cryptojacking is covered under types of malware attacks, highlighting its stealthy nature and impact on infected systems.

Which of the following is an algorithm performed to verify that data has not been modified?

A. Hash
B. Code check
C. Encryption
D. Checksum

Suggested answer: A

Explanation:

A hash is an algorithm used to verify data integrity by generating a fixed-size string of characters from input data. If even a single bit of the input data changes, the hash value will change, allowing users to detect any modification to the data. Hashing algorithms like SHA-256 and MD5 are commonly used to ensure data has not been altered.

CompTIA Security+ SY0-701 Course Content: Domain 6: Cryptography and PKI, which discusses the role of hashing in verifying data integrity.

An employee recently resigned from a company. The employee was responsible for managing and supporting weekly batch jobs over the past five years. A few weeks after the employee resigned, one of the batch jobs failed and caused a major disruption. Which of the following would work best to prevent this type of incident from reoccurring?

A. Job rotation
B. Retention
C. Outsourcing
D. Separation of duties

Suggested answer: A

Explanation:

Job rotation is a security control that involves regularly moving employees to different roles within an organization. This practice helps prevent incidents where a single employee has too much control or knowledge about a specific job function, reducing the risk of disruption when an employee leaves. It also helps in identifying any hidden issues or undocumented processes that could cause problems after an employee's departure.

CompTIA Security+ SY0-701 Course Content: Domain 5: Security Program Management and Oversight, which includes job rotation as a method to ensure business continuity and reduce risks.

Total 350 questions