
CompTIA SY0-701 Practice Test - Questions Answers, Page 28

Which of the following is the most important security concern when using legacy systems to provide production service?

A. Instability
B. Lack of vendor support
C. Loss of availability
D. Use of insecure protocols
Suggested answer: B

Explanation:

The most important security concern when using legacy systems is the lack of vendor support. Without support from the vendor, systems may not receive critical security patches and updates, leaving them vulnerable to exploitation. This lack of support can result in increased risk of security breaches, as vulnerabilities discovered in the software may never be addressed.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the context of risk management and the challenges posed by legacy systems.

Cadets speaking a foreign language are using company phone numbers to make unsolicited phone calls to a partner organization. A security analyst validates through phone system logs that the calls are occurring and the numbers are not being spoofed. Which of the following is the most likely explanation?

A. The executive team is traveling internationally and trying to avoid roaming charges
B. The company's SIP server security settings are weak.
C. Disgruntled employees are making calls to the partner organization.
D. The service provider has assigned multiple companies the same numbers
Suggested answer: B

Explanation:

If cadets are using company phone numbers to make unsolicited calls, and the logs confirm the numbers are not being spoofed, it suggests that the SIP (Session Initiation Protocol) server's security settings might be weak. This could allow unauthorized access or exploitation of the company's telephony services, potentially leading to misuse by unauthorized individuals.

Reference = CompTIA Security+ SY0-701 study materials, especially on SIP security and common vulnerabilities.

An IT security team is concerned about the confidentiality of documents left unattended in MFPs. Which of the following should the security team do to mitigate the situation?

A. Educate users about the importance of paper shredder devices.
B. Deploy an authentication factor that requires in-person action before printing.
C. Install a software client on every computer authorized to use the MFPs.
D. Update the management software to utilize encryption.
Suggested answer: B

Explanation:

To mitigate the risk of confidential documents being left unattended in Multi-Function Printers (MFPs), implementing an authentication factor that requires in-person action before printing (such as PIN codes or badge scanning) is the most effective measure. This ensures that documents are only printed when the authorized user is present to collect them, reducing the risk of sensitive information being exposed.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of physical security and access control.

A systems administrator is auditing all company servers to ensure they meet the minimum security baseline. While auditing a Linux server, the systems administrator observes the /etc/shadow file has permissions beyond the baseline recommendation. Which of the following commands should the systems administrator use to resolve this issue?

A. chmod
B. grep
C. dd
D. passwd
Suggested answer: A

Explanation:

The chmod command is used to change file permissions on Unix and Linux systems. If the /etc/shadow file has permissions beyond the baseline recommendation, the systems administrator should use chmod to modify the file's permissions, ensuring it adheres to the security baseline and limits access to authorized users only.

Reference = CompTIA Security+ SY0-701 study materials, focusing on system hardening and file permissions management.

During a recent company safety stand-down, the cyber-awareness team gave a presentation on the importance of cyber hygiene. One topic the team covered was best practices for printing centers. Which of the following describes an attack method that relates to printing centers?

A. Whaling
B. Credential harvesting
C. Prepending
D. Dumpster diving
Suggested answer: D

Explanation:

Dumpster diving is an attack method where attackers search through physical waste, such as discarded documents and printouts, to find sensitive information that has not been properly disposed of. In the context of printing centers, this could involve attackers retrieving printed documents containing confidential data that were improperly discarded without shredding or other secure disposal methods. This emphasizes the importance of proper disposal and physical security measures in cyber hygiene practices.

Reference =

CompTIA Security+ SY0-701 Course Content: Domain 04 Security Operations.

CompTIA Security+ SY0-601 Study Guide: Chapter on Physical Security and Cyber Hygiene.

A software developer would like to ensure the source code cannot be reverse engineered or debugged. Which of the following should the developer consider?

A. Version control
B. Obfuscation toolkit
C. Code reuse
D. Continuous integration
E. Stored procedures
Suggested answer: B

Explanation:

An obfuscation toolkit is used by developers to make source code difficult to understand and reverse engineer. This technique involves altering the code's structure and naming conventions without changing its functionality, making it much harder for attackers to decipher the code or use debugging tools to analyze it. Obfuscation is an important practice in protecting proprietary software and intellectual property from reverse engineering.

Reference =

CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture.

CompTIA Security+ SY0-601 Study Guide: Chapter on Secure Coding Practices.

Which of the following is a common source of unintentional corporate credential leakage in cloud environments?

A. Code repositories
B. Dark web
C. Threat feeds
D. State actors
E. Vulnerability databases
Suggested answer: A

Explanation:

Code repositories are a common source of unintentional corporate credential leakage, especially in cloud environments. Developers may accidentally commit and push sensitive information, such as API keys, passwords, and other credentials, to public or poorly secured repositories. These credentials can then be accessed by unauthorized users, leading to security breaches. Ensuring that repositories are properly secured and that sensitive data is never committed is critical for protecting against this type of leakage.

Reference =

CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture.

CompTIA Security+ SY0-601 Study Guide: Chapter on Threats and Vulnerability Management.

A security audit of an organization revealed that most of the IT staff members have domain administrator credentials and do not change the passwords regularly. Which of the following solutions should the security team propose to resolve the findings in the most complete way?

A. Creating group policies to enforce password rotation on domain administrator credentials
B. Reviewing the domain administrator group, removing all unnecessary administrators, and rotating all passwords
C. Integrating the domain administrator's group with an IdP and requiring SSO with MFA for all access
D. Securing domain administrator credentials in a PAM vault and controlling access with role-based access control
Suggested answer: D

Explanation:

Using a Privileged Access Management (PAM) vault to secure domain administrator credentials and enforcing role-based access control (RBAC) is the most comprehensive solution. PAM systems help manage and control access to privileged accounts, ensuring that only authorized personnel can access sensitive credentials. This approach also facilitates password rotation, auditing, and ensures that credentials are not misused or left unchanged. Integrating PAM with RBAC ensures that access is granted based on the user's role, further enhancing security.

Reference =

CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight.

CompTIA Security+ SY0-601 Study Guide: Chapter on Identity and Access Management.

A company wants to get alerts when others are researching and doing reconnaissance on the company. One approach would be to host a part of the infrastructure online with known vulnerabilities that would appear to be company assets. Which of the following describes this approach?

A. Watering hole
B. Bug bounty
C. DNS sinkhole
D. Honeypot
Suggested answer: D

Explanation:

A honeypot is a security mechanism set up to attract and detect potential attackers by simulating vulnerable assets. By hosting a part of the infrastructure online with known vulnerabilities that appear to be company assets, the company can observe and analyze the behavior of attackers conducting reconnaissance. This approach allows the company to get alerts and gather intelligence on potential threats.

Reference = CompTIA Security+ SY0-701 study materials, particularly on threat detection techniques such as honeypots.

Which of the following best describes why the SMS OTP authentication method is more risky to implement than the TOTP method?

A. The SMS OTP method requires an end user to have an active mobile telephone service and SIM card.
B. Generally, SMS OTP codes are valid for up to 15 minutes while the TOTP time frame is 30 to 60 seconds
C. The SMS OTP is more likely to be intercepted and lead to unauthorized disclosure of the code than the TOTP method.
D. The algorithm used to generate an SMS OTP code is weaker than the one used to generate a TOTP code
Suggested answer: C

Explanation:

The SMS OTP (One-Time Password) method is more vulnerable to interception compared to TOTP (Time-based One-Time Password) because SMS messages can be intercepted through various attack vectors like SIM swapping or SMS phishing. TOTP, on the other hand, generates codes directly on the device and does not rely on a communication channel like SMS, making it less susceptible to interception.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of identity and access management.

===============

Total 350 questions