CompTIA SY0-701 Practice Test - Questions Answers, Page 29

A website user is locked out of an account after clicking an email link and visiting a different website. Web server logs show the user's password was changed, even though the user did not change the password. Which of the following is the most likely cause?

A. Cross-site request forgery
B. Directory traversal
C. ARP poisoning
D. SQL injection

Suggested answer: A

Explanation:

The scenario describes a situation where a user unknowingly triggers an unwanted action, such as changing their password, by clicking a malicious link. This is indicative of a Cross-Site Request Forgery (CSRF) attack, in which an attacker causes the victim's browser to submit a request the user did not intend to a web application where the user is already authenticated; because the browser attaches the session cookie automatically, the application treats the forged request as legitimate.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of web application security and common attack vectors like CSRF.

A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach and does not have an on-premises IT infrastructure. Which of the following would best secure the organization?

A. Upgrading to a next-generation firewall
B. Deploying an appropriate in-line CASB solution
C. Conducting user training on software policies
D. Configuring double key encryption in SaaS platforms

Suggested answer: B

Explanation:

A Cloud Access Security Broker (CASB) solution is the most suitable option for securing an organization that has adopted a cloud-first strategy and does not have an on-premises IT infrastructure. CASBs provide visibility and control over shadow IT services, enforce security policies, and protect data across cloud services.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of cloud security and managing risks associated with shadow IT.

A cybersecurity incident response team at a large company receives notification that malware is present on several corporate desktops. No known indicators of compromise have been found on the network. Which of the following should the team do first to secure the environment?

A. Contain the impacted hosts
B. Add the malware to the application blocklist
C. Segment the core database server
D. Implement firewall rules to block outbound beaconing

Suggested answer: A

Explanation:

The first step in responding to a cybersecurity incident, particularly when malware is detected, is to contain the impacted hosts. This action prevents the spread of malware to other parts of the network, limiting the potential damage while further investigation and remediation actions are planned.

Reference = CompTIA Security+ SY0-701 study materials, particularly on incident response procedures and the importance of containment in managing security incidents.

Various stakeholders are meeting to discuss their hypothetical roles and responsibilities in a specific situation, such as a security incident or major disaster. Which of the following best describes this meeting?

A. Penetration test
B. Continuity of operations planning
C. Tabletop exercise
D. Simulation

Suggested answer: C

Explanation:

A tabletop exercise is a discussion-based exercise where stakeholders gather to walk through the roles and responsibilities they would have during a specific situation, such as a security incident or disaster. This type of exercise is designed to identify gaps in planning and improve coordination among team members without the need for physical execution.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of security operations and disaster recovery planning.

Which of the following best describes why a process would require a two-person integrity security control?

A. To increase the chance that the activity will be completed in half of the time the process would take only one user to complete
B. To permit two users from another department to observe the activity that is being performed by an authorized user
C. To reduce the risk that the procedures are performed incorrectly or by an unauthorized user
D. To allow one person to perform the activity while being recorded on the CCTV camera

Suggested answer: C

Explanation:

A two-person integrity security control is implemented to minimize the risk of errors or unauthorized actions. This control ensures that at least two individuals are involved in critical operations, which helps to verify the accuracy of the process and prevents unauthorized users from acting alone. It's a security measure commonly used in sensitive operations, like financial transactions or access to critical systems, to ensure accountability and accuracy.

Reference = CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight; CompTIA Security+ SY0-601 Study Guide: Chapter on Security Operations and Management.

A company recently decided to allow employees to work remotely. The company wants to protect its data without using a VPN. Which of the following technologies should the company implement?

A. Secure web gateway
B. Virtual private cloud endpoint
C. Deep packet inspection
D. Next-generation firewall

Suggested answer: A

Explanation:

A Secure Web Gateway (SWG) protects users by filtering unwanted software/malware from user-initiated web traffic and enforcing corporate and regulatory policy compliance. This technology allows the company to secure remote users' data and web traffic without relying on a VPN, making it ideal for organizations supporting remote work.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of network security and remote access technologies.

In a rush to meet an end-of-year business goal, the IT department was told to implement a new business application. The security engineer reviews the attributes of the application and decides the time needed to perform due diligence is insufficient from a cybersecurity perspective. Which of the following best describes the security engineer's response?

A. Risk tolerance
B. Risk acceptance
C. Risk importance
D. Risk appetite
Suggested answer: D

Explanation:

Risk appetite refers to the level of risk that an organization is willing to accept in order to achieve its objectives. In this scenario, the security engineer is concerned that the timeframe for implementing a new application does not allow for sufficient cybersecurity due diligence. This reflects a situation where the organization's risk appetite might be too high if it proceeds without the necessary security checks.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of risk management and understanding organizational risk appetite.

An organization has too many variations of a single operating system and needs to standardize the arrangement prior to pushing the system image to users. Which of the following should the organization implement first?

A. Standard naming convention
B. Hashing
C. Network diagrams
D. Baseline configuration
Suggested answer: D

Explanation:

Baseline configuration is the process of standardizing the configuration settings for a system or network. In this scenario, the organization needs to standardize the operating system configurations before deploying them across the network. Establishing a baseline configuration ensures that all systems adhere to the organization's security policies and operational requirements.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of system hardening and configuration management.

A growing company would like to enhance the ability of its security operations center to detect threats but reduce the amount of manual work required for the security analysts. Which of the following would best enable the reduction in manual work?

A. SOAR
B. SIEM
C. MDM
D. DLP
Suggested answer: A

Explanation:

Security Orchestration, Automation, and Response (SOAR) systems help organizations automate repetitive security tasks, reduce manual intervention, and improve the efficiency of security operations. By integrating with various security tools, SOAR can automatically respond to incidents, helping to enhance threat detection while reducing the manual workload on security analysts.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of security operations and automation technologies.

A systems administrator is redesigning how devices will perform network authentication. The following requirements need to be met:

* An existing internal certificate must be used.

* Wired and wireless networks must be supported.

* Any unapproved device should be isolated in a quarantine subnet.

* Approved devices should be updated before accessing resources.

Which of the following would best meet the requirements?

A. 802.1X
B. EAP
C. RADIUS
D. WPA2
Suggested answer: A

Explanation:

802.1X is a port-based network access control protocol that authenticates devices before they are admitted to a LAN or WLAN. It supports certificate-based authentication (via EAP-TLS with an internal PKI), and a NAC deployment built on it can place unapproved devices in a quarantine VLAN and require posture checks (such as patch status) before approved devices reach network resources. This protocol best meets the requirements of securing both wired and wireless networks with internal certificates; EAP, RADIUS, and WPA2 are components or complements of such a deployment rather than the overall access-control mechanism.

Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of network security and authentication protocols.
