Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

SY0-701 CompTIA Security+ Exam 2024 Questions and Answers

Questions 4

A company is concerned about weather events causing damage to the server room and downtime. Which of the following should the company consider?

Options:

A.

Clustering servers

B.

Geographic dispersion

C.

Load balancers

D.

Off-site backups

Buy Now
Questions 5

A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system. Which of the following would detect this behavior?

Options:

A.

Implementing encryption

B.

Monitoring outbound traffic

C.

Using default settings

D.

Closing all open ports

Buy Now
Questions 6

A company wants to get alerts when others are researching and doing reconnaissance on the company One approach would be to host a part of the Infrastructure online with known vulnerabilities that would appear to be company assets. Which of the following describes this approach?

Options:

A.

Watering hole

B.

Bug bounty

C.

DNS sinkhole

D.

Honeypot

Buy Now
Questions 7

Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS

Not all attacks and remediation actions will be used.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

SY0-701 Question 7

Options:

Buy Now
Questions 8

In which of the following scenarios is tokenization the best privacy technique 10 use?

Options:

A.

Providing pseudo-anonymization tor social media user accounts

B.

Serving as a second factor for authentication requests

C.

Enabling established customers to safely store credit card Information

D.

Masking personal information inside databases by segmenting data

Buy Now
Questions 9

A systems administrator is auditing all company servers to ensure. They meet the minimum security baseline While auditing a Linux server, the systems administrator observes the /etc/shadow file has permissions beyond the baseline recommendation. Which of the following commands should the systems administrator use to resolve this issue?

Options:

A.

chmod

B.

grep

C.

dd

D.

passwd

Buy Now
Questions 10

A growing company would like to enhance the ability of its security operations center to detect threats but reduce the amount of manual work required tor the security analysts. Which of the following would best enable the reduction in manual work?

Options:

A.

SOAR

B.

SIEM

C.

MDM

D.

DLP

Buy Now
Questions 11

You are security administrator investigating a potential infection on a network.

Click on each host and firewall. Review all logs to determine which host originated the Infecton and then deny each remaining hosts clean or infected.

SY0-701 Question 11

SY0-701 Question 11

SY0-701 Question 11

SY0-701 Question 11

SY0-701 Question 11

SY0-701 Question 11

SY0-701 Question 11

Options:

Buy Now
Questions 12

While considering the organization's cloud-adoption strategy, the Chief Information Security Officer sets a goal to outsource patching of firmware, operating systems, and applications to the chosen cloud vendor. Which of the following best meets this goal?

Options:

A.

Community cloud

B.

PaaS

C.

Containerization

D.

Private cloud

E.

SaaS

F.

laaS

Buy Now
Questions 13

Two companies are in the process of merging. The companies need to decide how to standardize their information security programs. Which of the following would best align the security programs?

Options:

A.

Shared deployment of CIS baselines

B.

Joint cybersecurity best practices

C.

Both companies following the same CSF

D.

Assessment of controls in a vulnerability report

Buy Now
Questions 14

An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Choose two.)

Options:

A.

Typosquatting

B.

Phishing

C.

Impersonation

D.

Vishing

E.

Smishing

F.

Misinformation

Buy Now
Questions 15

Which of the following security control types does an acceptable use policy best represent?

Options:

A.

Detective

B.

Compensating

C.

Corrective

D.

Preventive

Buy Now
Questions 16

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?

Options:

A.

Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53 Access list outbound deny 10.50.10.25 32 0.0.0.0/0 port 53

B.

Access list outbound permit 0.0.0.0/0 10.50.10.25 32 port 53 Access list outbound deny 0.0.0.0 0 0.0.0.0/0 port 53

C.

Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0/0 10.50.10.25 32 port 53

D.

Access list outbound permit 10.50.10.25 32 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0.0.0.0.0.0/0 port 53

Buy Now
Questions 17

A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?

Options:

A.

Partition

B.

Asymmetric

C.

Full disk

D.

Database

Buy Now
Questions 18

Visitors to a secured facility are required to check in with a photo ID and enter the facility through an access control vestibule Which of the following but describes this form of security control?

Options:

A.

Physical

B.

Managerial

C.

Technical

D.

Operational

Buy Now
Questions 19

A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit hardware?

Options:

A.

A thorough analysis of the supply chain

B.

A legally enforceable corporate acquisition policy

C.

A right to audit clause in vendor contracts and SOWs

D.

An in-depth penetration test of all suppliers and vendors

Buy Now
Questions 20

Several employees received a fraudulent text message from someone claiming to be the Chief Executive Officer (CEO). The message stated:

“I’m in an airport right now with no access to email. I need you to buy gift cards for employee recognition awards. Please send the gift cards to following email address.”

Which of the following are the best responses to this situation? (Choose two).

Options:

A.

Cancel current employee recognition gift cards.

B.

Add a smishing exercise to the annual company training.

C.

Issue a general email warning to the company.

D.

Have the CEO change phone numbers.

E.

Conduct a forensic investigation on the CEO's phone.

F.

Implement mobile device management.

Buy Now
Questions 21

A systems administrator set up a perimeter firewall but continues to notice suspicious connections between internal endpoints. Which of the following should be set up in order to mitigate the threat posed by the suspicious activity?

Options:

A.

Host-based firewall

B.

Web application firewall

C.

Access control list

D.

Application allow list

Buy Now
Questions 22

An IT security team is concerned about the confidentiality of documents left unattended in MFPs. Which of the following should the security team do to mitigate the situation?

Options:

A.

Educate users about the importance of paper shredder devices.

B.

Deploy an authentication factor that requires ln-person action before printing.

C.

Install a software client m every computer authorized to use the MFPs.

D.

Update the management software to utilize encryption.

Buy Now
Questions 23

A financial institution would like to store its customer data m the cloud but still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution Is not concerned about computational overheads and slow speeds. Which of the following cryptographic techniques would best meet the requirement?

Options:

A.

Asymmetric

B.

Symmetric

C.

Homomorphic

D.

Ephemeral

Buy Now
Questions 24

An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?

Options:

A.

Segmentation

B.

Isolation

C.

Patching

D.

Encryption

Buy Now
Questions 25

Which of the following is prevented by proper data sanitization?

Options:

A.

Hackers' ability to obtain data from used hard drives

B.

Devices reaching end-of-life and losing support

C.

Disclosure of sensitive data through incorrect classification

D.

Incorrect inventory data leading to a laptop shortage

Buy Now
Questions 26

A company is changing its mobile device policy. The company has the following requirements:

    Company-owned devices

    Ability to harden the devices

    Reduced security risk

    Compatibility with company resources

Which of the following would best meet these requirements?

Options:

A.

BYOD

B.

CYOD

C.

COPE

D.

COBO

Buy Now
Questions 27

Which of the following environments utilizes a subset of customer data and is most likely to be used to assess the impacts of major system upgrades and demonstrate system features?

Options:

A.

Development

B.

Test

C.

Production

D.

Staging

Buy Now
Questions 28

An external vendor recently visited a company's headquarters tor a presentation. Following the visit a member of the hosting team found a file that the external vendor left behind on a server. The file contained detailed architecture information and code snippets. Which of the following data types best describes this file?

Options:

A.

Government

B.

Public

C.

Proprietary

D.

Critical

Buy Now
Questions 29

A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 002.1X for access control. To be allowed on the network, a device must have a Known hardware address, and a valid user name and password must be entered in a captive portal. The following is the audit report:

SY0-701 Question 29

Which of the following is the most likely way a rogue device was allowed to connect?

Options:

A.

A user performed a MAC cloning attack with a personal device.

B.

A DMCP failure caused an incorrect IP address to be distributed

C.

An administrator bypassed the security controls for testing.

D.

DNS hijacking let an attacker intercept the captive portal traffic.

Buy Now
Questions 30

A company is implementing a vendor's security tool in the cloud. The security director does not want to manage users and passwords specific to this tool but would rather utilize the company's standard user directory. Which of the following should the company implement?

Options:

A.

802.1X

B.

SAML

C.

RADIUS

D.

CHAP

Buy Now
Questions 31

Which of the following roles, according to the shared responsibility model, is responsible for securing the company’s database in an IaaS model for a cloud environment?

Options:

A.

Client

B.

Third-party vendor

C.

Cloud provider

D.

DBA

Buy Now
Questions 32

After reviewing the following vulnerability scanning report:

Server:192.168.14.6

Service: Telnet

Port: 23 Protocol: TCP

Status: Open Severity: High

Vulnerability: Use of an insecure network protocol

A security analyst performs the following test:

nmap -p 23 192.168.14.6 —script telnet-encryption

PORT STATE SERVICE REASON

23/tcp open telnet syn-ack

I telnet encryption:

| _ Telnet server supports encryption

Which of the following would the security analyst conclude for this reported vulnerability?

Options:

A.

It is a false positive.

B.

A rescan is required.

C.

It is considered noise.

D.

Compensating controls exist.

Buy Now
Questions 33

An organization is struggling with scaling issues on its VPN concentrator and internet circuit due to remote work. The organization is looking for a software solution that will allow it to reduce traffic on the VPN and internet circuit, while still providing encrypted tunnel access to the data center and monitoring of remote employee internet traffic. Which of the following will help achieve these objectives?

Options:

A.

Deploying a SASE solution to remote employees

B.

Building a load-balanced VPN solution with redundant internet

C.

Purchasing a low-cost SD-WAN solution for VPN traffic

D.

Using a cloud provider to create additional VPN concentrators

Buy Now
Questions 34

After a security incident, a systems administrator asks the company to buy a NAC platform. Which of the following attack surfaces is the systems administrator trying to protect?

Options:

A.

Bluetooth

B.

Wired

C.

NFC

D.

SCADA

Buy Now
Questions 35

Which of the following should a security operations center use to improve its incident response procedure?

Options:

A.

Playbooks

B.

Frameworks

C.

Baselines

D.

Benchmarks

Buy Now
Questions 36

Which of the following should a company use to provide proof of external network security testing?

Options:

A.

Business impact analysis

B.

Supply chain analysis

C.

Vulnerability assessment

D.

Third-party attestation

Buy Now
Questions 37

In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password. Which of the following best describes this technique?

Options:

A.

Key stretching

B.

Tokenization

C.

Data masking

D.

Salting

Buy Now
Questions 38

While investigating a possible incident, a security analyst discovers the following log entries:

67.118.34.157 ----- [28/Jul/2022:10:26:59 -0300] "GET /query.php?q-wireless%20headphones / HTTP/1.0" 200 12737

132.18.222.103 ----[28/Jul/2022:10:27:10 -0300] "GET /query.php?q=123 INSERT INTO users VALUES('temp', 'pass123')# / HTTP/1.0" 200 935

12.45.101.121 ----- [28/Jul/2022:10:27:22 -0300] "GET /query.php?q=mp3%20players I HTTP/1.0" 200 14650

Which of the following should the analyst do first?

Options:

A.

Implement a WAF

B.

Disable the query .php script

C.

Block brute-force attempts on temporary users

D.

Check the users table for new accounts

Buy Now
Questions 39

A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?

Options:

A.

Active

B.

Passive

C.

Defensive

D.

Offensive

Buy Now
Questions 40

A software developer would like to ensure. The source code cannot be reverse engineered or debugged. Which of the following should the developer consider?

Options:

A.

Version control

B.

Obfuscation toolkit

C.

Code reuse

D.

Continuous integration

E.

Stored procedures

Buy Now
Questions 41

While investigating a recent security breach an analyst finds that an attacker gained access by SOL infection through a company website. Which of the following should the analyst recommend to the website developers to prevent this from reoccurring?

Options:

A.

Secure cookies

B.

Input sanitization

C.

Code signing

D.

Blocklist

Buy Now
Questions 42

An organization has too many variations of a single operating system and needs to standardize the arrangement prior to pushing the system image to users. Which of the following should the organization implement first?

Options:

A.

Standard naming convention

B.

Mashing

C.

Network diagrams

D.

Baseline configuration

Buy Now
Questions 43

An administrator is Investigating an incident and discovers several users’ computers were Infected with malware after viewing files mat were shared with them. The administrator discovers no degraded performance in the infected machines and an examination of the log files does not show excessive failed logins. Which of the following attacks Is most likely the cause of the malware?

Options:

A.

Malicious flash drive

B.

Remote access Trojan

C.

Brute-forced password

D.

Cryptojacking

Buy Now
Questions 44

A security analyst needs to propose a remediation plan 'or each item in a risk register. The item with the highest priority requires employees to have separate logins for SaaS solutions and different password complexity requirements for each solution. Which of the following implementation plans will most likely resolve this security issue?

Options:

A.

Creating a unified password complexity standard

B.

Integrating each SaaS solution with the Identity provider

C.

Securing access to each SaaS by using a single wildcard certificate

D.

Configuring geofencing on each SaaS solution

Buy Now
Questions 45

A security manager is implementing MFA and patch management. Which of the following would best describe the control type and category? (Select two).

Options:

A.

Physical

B.

Managerial

C.

Detective

D.

Administrator

E.

Preventative

F.

Technical

Buy Now
Questions 46

An employee recently resigned from a company. The employee was responsible for managing and supporting weekly batch jobs over the past five years. A few weeks after the employee resigned. one of the batch jobs talked and caused a major disruption. Which of the following would work best to prevent this type of incident from reoccurring?

Options:

A.

Job rotation

B.

Retention

C.

Outsourcing

D.

Separation of duties

Buy Now
Questions 47

The local administrator account for a company's VPN appliance was unexpectedly used to log in to the remote management interface. Which of the following would have most likely prevented this from happening'?

Options:

A.

Using least privilege

B.

Changing the default password

C.

Assigning individual user IDs

D.

Reviewing logs more frequently

Buy Now
Questions 48

A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?

Options:

A.

Secure cookies

B.

Version control

C.

Input validation

D.

Code signing

Buy Now
Questions 49

Which of the following best describes the concept of information being stored outside of its country of origin while still being subject to the laws and requirements of the country of origin?

Options:

A.

Data sovereignty

B.

Geolocation

C.

Intellectual property

D.

Geographic restrictions

Buy Now
Questions 50

Which of the following should an organization focus on the most when making decisions about vulnerability prioritization?

Options:

A.

Exposure factor

B.

CVSS

C.

CVE

D.

Industry impact

Buy Now
Questions 51

Which of the following exercises should an organization use to improve its incident response process?

Options:

A.

Tabletop

B.

Replication

C.

Failover

D.

Recovery

Buy Now
Questions 52

A software developer would like to ensure. The source code cannot be reverse engineered or debugged. Which of the following should the developer consider?

Options:

A.

Version control

B.

Obfuscation toolkit

C.

Code reuse

D.

Continuous integration

E.

Stored procedures

Buy Now
Questions 53

Which of the following security concepts is accomplished when granting access after an individual has logged into a computer network?

Options:

A.

Authorization

B.

Identification

C.

Non-repudiation

D.

Authentication

Buy Now
Questions 54

Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes how the controls should be set up?

Options:

A.

Remote access points should fail closed.

B.

Logging controls should fail open.

C.

Safety controls should fail open.

D.

Logical security controls should fail closed.

Buy Now
Questions 55

Which of the following is a common source of unintentional corporate credential leakage in cloud environments?

Options:

A.

Code repositories

B.

Dark web

C.

Threat feeds

D.

State actors

E.

Vulnerability databases

Buy Now
Questions 56

An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?

Options:

A.

CSR

B.

OCSP

C.

Key

D.

CRL

Buy Now
Questions 57

A company's marketing department collects, modifies, and stores sensitive customer data. The infrastructure team is responsible for securing the data while in transit and at rest. Which of the following data roles describes the customer?

Options:

A.

Processor

B.

Custodian

C.

Subject

D.

Owner

Buy Now
Questions 58

Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client's web browser?

Options:

A.

SQL injection

B.

Cross-site scripting

C.

Zero-day exploit

D.

On-path attack

Buy Now
Questions 59

A security analyst receives alerts about an internal system sending a large amount of unusual DNS queries to systems on the internet over short periods of time during non-business hours. Which of the following is most likely occurring?

Options:

A.

A worm is propagating across the network.

B.

Data is being exfiltrated.

C.

A logic bomb is deleting data.

D.

Ransomware is encrypting files.

Buy Now
Questions 60

A user would like to install software and features that are not available with a smartphone's default software. Which of the following would allow the user to install unauthorized software and enable new features?

Options:

A.

SOU

B.

Cross-site scripting

C.

Jailbreaking

D.

Side loading

Buy Now
Questions 61

A security analyst discovers that a large number of employee credentials had been stolen and were being sold on the dark web. The analyst investigates and discovers that some hourly employee credentials were compromised, but salaried employee credentials were not affected.

Most employees clocked in and out while they were Inside the building using one of the kiosks connected to the network. However, some clocked out and recorded their time after leaving to go home. Only those who clocked in and out while Inside the building had credentials stolen. Each of the kiosks are on different floors, and there are multiple routers, since the business segments environments for certain business functions.

Hourly employees are required to use a website called acmetimekeeping.com to clock in and out. This website is accessible from the internet. Which of the following Is the most likely reason for this compromise?

Options:

A.

A brute-force attack was used against the time-keeping website to scan for common passwords.

B.

A malicious actor compromised the time-keeping website with malicious code using an unpatched vulnerability on the site, stealing the credentials.

C.

The internal DNS servers were poisoned and were redirecting acmetimkeeping.com to malicious domain that intercepted the credentials and then passed them through to the real site

D.

ARP poisoning affected the machines in the building and caused the kiosks lo send a copy of all the submitted credentials to a machine.

machine.

Buy Now
Questions 62

A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if there is an SSO failure?

Options:

A.

RAS

B.

EAP

C.

SAML

D.

PAM

Buy Now
Questions 63

Which of the following teams combines both offensive and defensive testing techniques to protect an organization's critical systems?

Options:

A.

Red

B.

Blue

C.

Purple

D.

Yellow

Buy Now
Questions 64

A client demands at least 99.99% uptime from a service provider's hosted security services. Which of the following documents includes the information the service provider should return to the client?

Options:

A.

MOA

B.

SOW

C.

MOU

D.

SLA

Buy Now
Questions 65

Which of the following is a reason why a forensic specialist would create a plan to preserve data after an modem and prioritize the sequence for performing forensic analysis?

Options:

A.

Order of volatility

B.

Preservation of event logs

C.

Chain of custody

D.

Compliance with legal hold

Buy Now
Questions 66

Which of the following alert types is the most likely to be ignored over time?

Options:

A.

True positive

B.

True negative

C.

False positive

D.

False negative

Buy Now
Questions 67

An administrator discovers that some files on a database server were recently encrypted. The administrator sees from the security logs that the data was last accessed by a domain user. Which of the following best describes the type of attack that occurred?

Options:

A.

Insider threat

B.

Social engineering

C.

Watering-hole

D.

Unauthorized attacker

Buy Now
Questions 68

A systems administrator works for a local hospital and needs to ensure patient data is protected and secure. Which of the following data classifications should be used to secure patient data?

Options:

A.

Private

B.

Critical

C.

Sensitive

D.

Public

Buy Now
Questions 69

The marketing department set up its own project management software without telling the appropriate departments. Which of the following describes this scenario?

Options:

A.

Shadow IT

B.

Insider threat

C.

Data exfiltration

D.

Service disruption

Buy Now
Questions 70

Which of the following would be most useful in determining whether the long-term cost to transfer a risk is less than the impact of the risk?

Options:

A.

ARO

B.

RTO

C.

RPO

D.

ALE

E.

SLE

Buy Now
Questions 71

A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?

Options:

A.

Local data protection regulations

B.

Risks from hackers residing in other countries

C.

Impacts to existing contractual obligations

D.

Time zone differences in log correlation

Buy Now
Questions 72

Which of the following best describes why me SMS DIP authentication method is more risky to implement than the TOTP method?

Options:

A.

The SMS OTP method requires an end user to have an active mobile telephone service and SIM card.

B.

Generally. SMS OTP codes are valid for up to 15 minutes while the TOTP time frame is 30 to 60 seconds

C.

The SMS OTP is more likely to be intercepted and lead to unauthorized disclosure of the code than the TOTP method.

D.

The algorithm used to generate on SMS OTP code is weaker than the one used to generate a TOTP code

Buy Now
Questions 73

Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?

Options:

A.

Destruction

B.

Certification

C.

Retention

D.

Sanitization

Buy Now
Questions 74

Which of the following agreement types defines the time frame in which a vendor needs to respond?

Options:

A.

SOW

B.

SLA

C.

MOA

D.

MOU

Buy Now
Questions 75

A security analyst needs to propose a remediation plan 'or each item in a risk register. The item with the highest priority requires employees to have separate logins for SaaS solutions and different password complexity requirements for each solution. Which of the following implementation plans will most likely resolve this security issue?

Options:

A.

Creating a unified password complexity standard

B.

Integrating each SaaS solution with the Identity provider

C.

Securing access to each SaaS by using a single wildcard certificate

D.

Configuring geofencing on each SaaS solution

Buy Now
Questions 76

After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted credit card information in order to close an invoice. Which of the following topics did the user recognize from the training?

Options:

A.

Insider threat

B.

Email phishing

C.

Social engineering

D.

Executive whaling

Buy Now
Questions 77

An organization’s internet-facing website was compromised when an attacker exploited a buffer overflow. Which of the following should the organization deploy to best protect against similar attacks in the future?

Options:

A.

NGFW

B.

WAF

C.

TLS

D.

SD-WAN

Buy Now
Questions 78

A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach end does not have an on-premises IT infrastructure. Which of the following would best secure the organization?

Options:

A.

Upgrading to a next-generation firewall

B.

Deploying an appropriate in-line CASB solution

C.

Conducting user training on software policies

D.

Configuring double key encryption in SaaS platforms

Buy Now
Questions 79

Which of the following incident response activities ensures evidence is properly handied?

Options:

A.

E-discovery

B.

Chain of custody

C.

Legal hold

D.

Preservation

Buy Now
Questions 80

Which of the following is most likely associated with introducing vulnerabilities on a corporate network by the deployment of unapproved software?

Options:

A.

Hacktivists

B.

Script kiddies

C.

Competitors

D.

Shadow IT

Buy Now
Questions 81

During a recent company safety stand-down, the cyber-awareness team gave a presentation on the importance of cyber hygiene. One topic the team covered was best practices for printing centers. Which of the following describes an attack method that relates to printing centers?

Options:

A.

Whaling

B.

Credential harvesting

C.

Prepending

D.

Dumpster diving

Buy Now
Questions 82

Which of the following is the first step to take when creating an anomaly detection process?

Options:

A.

Selecting events

B.

Building a baseline

C.

Selecting logging options

D.

Creating an event log

Buy Now
Questions 83

An administrator finds that all user workstations and servers are displaying a message that is associated with files containing an extension of .ryk. Which of the following types of infections is present on the systems?

Options:

A.

Virus

B.

Trojan

C.

Spyware

D.

Ransomware

Buy Now
Questions 84

Which of the following can best protect against an employee inadvertently installing malware on a company system?

Options:

A.

Host-based firewall

B.

System isolation

C.

Least privilege

D.

Application allow list

Buy Now
Questions 85

An organization wants a third-party vendor to do a penetration test that targets a specific device. The organization has provided basic information about the device. Which of the following best describes this kind of penetration test?

Options:

A.

Partially known environment

B.

Unknown environment

C.

Integrated

D.

Known environment

Buy Now
Questions 86

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Options:

A.

Compensating control

B.

Network segmentation

C.

Transfer of risk

D.

SNMP traps

Buy Now
Questions 87

A systems administrate wants to implement a backup solution. the solution needs to allow recovery of the entire system, including the operating system, in case of a disaster. Which of the following backup types should the administrator consider?

Options:

A.

Incremental

B.

Storage area network

C.

Differential

D.

Image

Buy Now
Questions 88

An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users’ passwords. Which of the following should the administrator implement to prevent this type of attack from succeeding in the future?

Options:

A.

Multifactor authentication

B.

Permissions assignment

C.

Access management

D.

Password complexity

Buy Now
Questions 89

Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Select two).

Options:

A.

Fencing

B.

Video surveillance

C.

Badge access

D.

Access control vestibule

E.

Sign-in sheet

F.

Sensor

Buy Now
Questions 90

An organization implemented cloud-managed IP cameras to monitor building entry points and sensitive areas. The service provider enables direct TCP/IP connection to stream live video footage from each camera. The organization wants to ensure this stream is encrypted and authenticated. Which of the following protocols should be implemented to best meet this objective?

Options:

A.

SSH

B.

SRTP

C.

S/MIME

D.

PPTP

Buy Now
Questions 91

Which of the following should be used to ensure a device is inaccessible to a network-connected resource?

Options:

A.

Disablement of unused services

B.

Web application firewall

C.

Host isolation

D.

Network-based IDS

Buy Now
Questions 92

A systems administrator is redesigning now devices will perform network authentication. The following requirements need to be met:

• An existing Internal certificate must be used.

• Wired and wireless networks must be supported

• Any unapproved device should be Isolated in a quarantine subnet

• Approved devices should be updated before accessing resources

Which of the following would best meet the requirements?

Options:

A.

802.IX

B.

EAP

C.

RADIUS

D.

WPA2

Buy Now
Questions 93

A security analyst learns that an attack vector, used as part of a recent incident, was a well-known IoT device exploit. The analyst needs to review logs to identify the time of the initial exploit. Which of the following logs should the analyst review first?

Options:

A.

Endpoint

B.

Application

C.

Firewall

D.

NAC

Buy Now
Questions 94

A security analyst is reviewing the following logs:

SY0-701 Question 94

Which of the following attacks is most likely occurring?

Options:

A.

Password spraying

B.

Account forgery

C.

Pass-t he-hash

D.

Brute-force

Buy Now
Questions 95

A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from the vendor?

Options:

A.

Certification

B.

Inventory list

C.

Classification

D.

Proof of ownership

Buy Now
Questions 96

Which of the following can a security director use to prioritize vulnerability patching within a company's IT environment?

Options:

A.

SOAR

B.

CVSS

C.

SIEM

D.

CVE

Buy Now
Questions 97

Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked.

Which of the following changes would allow users to access the site?

Options:

A.

Creating a firewall rule to allow HTTPS traffic

B.

Configuring the IPS to allow shopping

C.

Tuning the DLP rule that detects credit card data

D.

Updating the categorization in the content filter

Buy Now
Questions 98

Which of the following is a possible consequence of a VM escape?

Options:

A.

Malicious instructions can be inserted into memory and give the attacker elevated permissions.

B.

An attacker can access the hypervisor and compromise other VMs.

C.

Unencrypted data can be read by a user in a separate environment.

D.

Users can install software that is not on the manufacturer's approved list.

Buy Now
Questions 99

A security engineer is installing an IPS to block signature-based attacks in the environment. Which of the following modes will best accomplish this task?

Options:

A.

Monitor

B.

Sensor

C.

Audit

D.

Active

Buy Now
Questions 100

Which of the following is the stage in an investigation when forensic images are obtained?

Options:

A.

Acquisition

B.

Preservation

C.

Reporting

D.

E-discovery

Buy Now
Questions 101

A company wants to improve the availability of its application with a solution that requires minimal effort in the event a server needs to be replaced or added. Which of the following would be the best solution to meet these objectives?

Options:

A.

Load balancing

B.

Fault tolerance

C.

Proxy servers

D.

Replication

Buy Now
Questions 102

A company is working with a vendor to perform a penetration test Which of the following includes an estimate about the number of hours required to complete the engagement?

Options:

A.

SOW

B.

BPA

C.

SLA

D.

NDA

Buy Now
Questions 103

A spoofed identity was detected for a digital certificate. Which of the following are the type of unidentified key and the certificate mat could be in use on the company domain?

Options:

A.

Private key and root certificate

B.

Public key and expired certificate

C.

Private key and self-signed certificate

D.

Public key and wildcard certificate

Buy Now
Questions 104

Client files can only be accessed by employees who need to know the information and have specified roles in the company. Which of the following best describes this security concept?

Options:

A.

Availability

B.

Confidentiality

C.

Integrity

D.

Non-repudiation

Buy Now
Questions 105

An IT manager is putting together a documented plan describing how the organization will keep operating in the event of a global incident. Which of the following plans is the IT manager creating?

Options:

A.

Business continuity

B.

Physical security

C.

Change management

D.

Disaster recovery

Buy Now
Questions 106

Which of the following explains why an attacker cannot easily decrypt passwords using a rainbow table attack?

Options:

A.

Digital signatures

B.

Salting

C.

Hashing

D.

Perfect forward secrecy

Buy Now
Questions 107

Which of the following is used to quantitatively measure the criticality of a vulnerability?

Options:

A.

CVE

B.

CVSS

C.

CIA

D.

CERT

Buy Now
Questions 108

Two companies are in the process of merging. The companies need to decide how to standardize their information security programs. Which of the following would best align the security programs?

Options:

A.

Shared deployment of CIS baselines

B.

Joint cybersecurity best practices

C.

Both companies following the same CSF

D.

Assessment of controls in a vulnerability report

Buy Now
Questions 109

Which of the following is required for an organization to properly manage its restore process in the event of system failure?

Options:

A.

IRP

B.

DRP

C.

RPO

D.

SDLC

Buy Now
Questions 110

A company implemented an MDM policy 10 mitigate risks after repealed instances of employees losing company-provided mobile phones. In several cases. The lost phones were used maliciously to perform social engineering attacks against other employees. Which of the following MDM features should be configured to best address this issue? (Select two).

Options:

A.

Screen locks

B.

Remote wipe

C.

Full device encryption

D.

Push notifications

E.

Application management

F.

Geolocation

Buy Now
Questions 111

An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use. Each application has a separate log-in. so the security team wants to reduce the number of credentials each employee must maintain. Which of the following is the first step the security team should take?

Options:

A.

Enable SAML

B.

Create OAuth tokens.

C.

Use password vaulting.

D.

Select an IdP

Buy Now
Questions 112

Which of the following best represents an application that does not have an on-premises requirement and is accessible from anywhere?

Options:

A.

Pass

B.

Hybrid cloud

C.

Private cloud

D.

IaaS

E.

SaaS

Buy Now
Questions 113

A company recently decided to allow employees to work remotely. The company wants to protect us data without using a VPN. Which of the following technologies should the company Implement?

Options:

A.

Secure web gateway

B.

Virtual private cloud end point

C.

Deep packet Inspection

D.

Next-gene ration firewall

Buy Now
Questions 114

An analyst is evaluating the implementation of Zero Trust principles within the data plane. Which of the following would be most relevant for the analyst to evaluate?

Options:

A.

Secured zones

B.

Subject role

C.

Adaptive identity

D.

Threat scope reduction

Buy Now
Questions 115

Which of the following risk management strategies should an enterprise adopt first if a legacy application is critical to business operations and there are preventative controls that are not yet implemented?

Options:

A.

Mitigate

B.

Accept

C.

Transfer

D.

Avoid

Buy Now
Questions 116

Which of the following is an algorithm performed to verify that data has not been modified?

Options:

A.

Hash

B.

Code check

C.

Encryption

D.

Checksum

Buy Now
Questions 117

Which of the following is the primary purpose of a service that tracks log-ins and time spent using the service?

Options:

A.

Availability

B.

Accounting

C.

Authentication

D.

Authorization

Buy Now
Questions 118

A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following should the analyst do?

Options:

A.

Place posters around the office to raise awareness of common phishing activities.

B.

Implement email security filters to prevent phishing emails from being delivered

C.

Update the EDR policies to block automatic execution of downloaded programs.

D.

Create additional training for users to recognize the signs of phishing attempts.

Buy Now
Questions 119

Which of the following is the most effective way to protect an application server running software that is no longer supported from network threats?

Options:

A.

Air gap

B.

Barricade

C.

Port security

D.

Screen subnet

Buy Now
Questions 120

A security administrator is addressing an issue with a legacy system that communicates data using an unencrypted protocol to transfer sensitive data to a third party. No software updates that use an encrypted protocol are available, so a compensating control is needed. Which of the following are the most appropriate for the administrator to suggest? (Select two.)

Options:

A.

Tokenization

B.

Cryptographic downgrade

C.

SSH tunneling

D.

Segmentation

E.

Patch installation

F.

Data masking

Buy Now
Exam Code: SY0-701
Exam Name: CompTIA Security+ Exam 2024
Last Update: Dec 8, 2024
Questions: 414

PDF + Testing Engine

$57.75  $164.99

Testing Engine

$43.75  $124.99
buy now SY0-701 testing engine

PDF (Q&A)

$36.75  $104.99
buy now SY0-701 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 12 Dec 2024