Practice Free SY0-701 Exam Online Questions
One of a company’s vendors sent an analyst a security bulletin that recommends a BIOS update.
Which of the following vulnerability types is being addressed by the patch?
- A . Virtualization
- B . Firmware
- C . Application
- D . Operating system
B
Explanation:
Firmware is software embedded in a hardware device, such as a computer's BIOS/UEFI, a router, a printer or a camera. It controls the device's basic functions and can be updated or patched to fix bugs, improve performance or close security holes. Firmware vulnerabilities are flaws in that embedded code that attackers can exploit to gain unauthorized access, change settings or damage the device or the network. A BIOS update patches the basic input/output system, the code that initializes the hardware, boots the operating system and mediates between hardware and software, so the bulletin is addressing a firmware vulnerability. Virtualization, application and operating-system vulnerabilities are also categories in the SY0-701 objectives, but none of them describes code stored on the system board's flash chip. Because firmware runs before and beneath the operating system, a compromised BIOS/UEFI can survive an OS reinstall, so vendor firmware bulletins deserve the same urgency as OS patches, and the update image should be verified as signed by the vendor before it is flashed.
An incident response specialist must stop a malicious attack from expanding to other parts of an organization.
Which of the following should the incident response specialist perform first?
- A . Eradication
- B . Recovery
- C . Containment
- D . Simulation
C
Explanation:
Containment (C) is the first step to take once an active attack has been identified, because it stops the attack from spreading. Typical containment actions include isolating affected systems from the network, disabling compromised accounts and blocking malicious traffic at the firewall or proxy. SY0-701 describes the incident response process as Preparation, Detection, Analysis, Containment, Eradication, Recovery and Lessons learned; eradication (A) and recovery (B) come after the attack has been contained, and simulation (D) is a preparation exercise such as a tabletop, not a response step.
Reference: CompTIA Security+ SY0-701 Objectives, 4.8 "Explain appropriate incident response activities": containment is the immediate action once an incident is confirmed.
22.48.102 — 26/April/2023 22:05:11.22 GET "http://www.databaseInfo.com/index.html/../storedSQLqueries" 404
Which of the following attacks is most likely being attempted?
- A . Denial of service
- B . Password spraying
- C . SQL injection
- D . Directory traversal
D
Explanation:
The log entry shows a request whose path contains ../, the signature of a directory traversal (path traversal) attack. Directory traversal aims to read files outside the web server's document root by manipulating the file path; each ../ sequence moves up one directory level, and attackers chain them to reach files such as configuration files or password stores. The 404 shows this particular attempt was not served, but requests containing ../, or encoded forms such as %2e%2e%2f and %252e%252e%252f, are an indicator worth alerting on regardless of the response code. SQL injection (C) would show SQL syntax inside a parameter; a filename such as storedSQLqueries on its own is not an injection, and nothing in the entry suggests a flood of traffic (A) or repeated logins (B).
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 2.2: "Directory traversal attacks attempt to access files and directories outside of the web root by manipulating the file path with ../ sequences."
Exam Objectives 2.2: “Given a scenario, analyze potential indicators associated with application attacks.”
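The detection logic a practitioner would run over web-server logs for the indicator above, as an added example that is not part of the original page. It parses lines in the same shape as the entry in the question (client, separator, date, time, method, quoted URL, status), percent-decodes the URL repeatedly so single- and double-encoded traversal sequences are caught, folds backslashes so Windows-style ..\ is treated like ../, and flags any ".." path segment in the path or the query string. The sample log lines are constructed for the example; the hostnames and client addresses are placeholders.

```python
import re
from urllib.parse import unquote

# Log format modelled on the entry in the question:
# <client> <separator> <date> <time> <METHOD> "<url>" <status>
LOG_RE = re.compile(
    r'^(?P<ip>\S+)\s+\S+\s+(?P<date>\S+)\s+(?P<time>\S+)\s+'
    r'(?P<method>[A-Z]+)\s+"(?P<url>[^"]*)"\s+(?P<status>\d{3})\s*$'
)

# A ".." segment bounded by a path separator, the start of the string or a
# query-string delimiter ("?file=../../etc/passwd" is the same attack).
# Deliberately does NOT match "page..html", which is a legitimate name.
TRAVERSAL_RE = re.compile(r'(^|[/?=&])\.\.([/?&#]|$)')


def normalise_url(url: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable (catches %2e%2e%2f and double-encoded
    %252e%252e%252f) and fold backslashes so ..\\ is treated like ../.
    Overlong UTF-8 encodings such as %c0%ae are not handled here."""
    current = url
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current.replace('\\', '/')


def is_traversal(url: str) -> bool:
    """True if the decoded URL contains a traversal sequence."""
    return TRAVERSAL_RE.search(normalise_url(url)) is not None


def parse_line(line: str):
    """Split one access-log line into fields, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_traversal(lines):
    """Return (line_index, client_ip, status, normalised_url) for every
    request whose path or query string contains a traversal sequence."""
    hits = []
    for i, line in enumerate(lines):
        rec = parse_line(line)
        if rec and is_traversal(rec['url']):
            hits.append((i, rec['ip'], rec['status'], normalise_url(rec['url'])))
    return hits


# Constructed sample log lines (placeholder hosts and addresses, not real data).
SAMPLE_LINES = [
    '203.0.113.22 - 26/April/2023 22:05:11 GET "http://www.example.test/index.html/../storedSQLqueries" 404',
    '203.0.113.22 - 26/April/2023 22:05:12 GET "http://www.example.test/images/%2e%2e/%2e%2e/etc/passwd" 404',
    '203.0.113.22 - 26/April/2023 22:05:13 GET "http://www.example.test/download?file=..%255c..%255cwin.ini" 200',
    '198.51.100.7 - 26/April/2023 22:05:14 GET "http://www.example.test/docs/page..html" 200',
    '198.51.100.7 - 26/April/2023 22:05:15 GET "http://www.example.test/index.html" 200',
]

if __name__ == '__main__':
    for idx, ip, status, url in find_traversal(SAMPLE_LINES):
        print(f'line {idx}: {ip} status={status} -> {url}')
```

On the constructed input the first three lines are flagged (plain, percent-encoded and double-encoded traversal), while the two requests from the second client are not. Status codes are reported but not used to filter, since a 404 still tells you who is probing and what they are looking for.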
An employee emailed a new systems administrator a malicious web link and convinced the administrator to change the email server’s password. The employee used this access to remove the mailboxes of key personnel.
Which of the following security awareness concepts would help prevent this threat in the future?
- A . Recognizing phishing
- B . Providing situational awareness training
- C . Using password management
- D . Reviewing email policies
Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?
- A . Destruction
- B . Certification
- C . Retention
- D . Sanitization
C
Explanation:
Retention policies dictate how long data must be stored to comply with local and international regulations. Non-compliance can result in legal and financial penalties.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Data Retention and Legal Requirements".
Which of the following actors attacking an organization is the most likely to be motivated by personal beliefs?
- A . Nation-state
- B . Organized crime
- C . Hacktivist
- D . Insider threat
Company A jointly develops a product with Company B, which is located in a different country.
Company A finds out that their intellectual property is being shared with unauthorized companies.
Which of the following has been breached?
- A . SLA
- B . AUP
- C . SOW
- D . MOA
D
Explanation:
A Memorandum of Agreement (MOA) outlines the terms of cooperation between the two companies, including restrictions on sharing intellectual property. Sharing that property with unauthorized companies means the terms of the agreement were violated, compromising its confidentiality or usage terms.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Third-Party Risk Management".
A penetration tester visits a client’s website and downloads the site’s content.
Which of the following actions is the penetration tester performing?
- A . Unknown environment testing
- B . Vulnerability scan
- C . Due diligence
- D . Passive reconnaissance
D
Explanation:
The described activity, visiting a website and downloading its publicly accessible content, is a classic example of passive reconnaissance. In the SY0-701 sense, passive reconnaissance gathers information from sources that are already public without probing the target's systems for weaknesses; fetching pages that any visitor can fetch looks like ordinary browsing and does not trigger the alerts that port scanning, fuzzing or vulnerability scanning would.
According to SY0-701, passive recon uses open-source intelligence (OSINT), such as:
Public websites
DNS records
News articles
Metadata
Public document repositories
The key distinction is that passive reconnaissance does not probe the system for vulnerabilities, nor does it send active scanning traffic.
Vulnerability scanning (B) requires active probing. Unknown environment testing (A) applies to black-box testing but still may involve active scanning. Due diligence (C) refers to risk assessment or compliance reviews, not technical reconnaissance.
Therefore, downloading the website's content is non-intrusive information gathering, which is passive reconnaissance as the exam materials define it in the penetration-testing and threat-vector objectives.
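What a tester actually extracts from downloaded site content, as an added example that is not part of the original page: it parses already-saved HTML offline (no request is made, which is what keeps the step passive) and collects referenced hostnames, e-mail addresses, developer comments and "generator" tags that reveal the platform. The sample page, hostnames and addresses are constructed for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

EMAIL_RE = re.compile(r'[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}')
URL_RE = re.compile(r'https?://[^\s"\'<>]+')


class SiteContentParser(HTMLParser):
    """Collects OSINT from downloaded page content: hostnames referenced by
    links, scripts and forms, e-mail addresses, HTML comments and the
    platform named in a <meta name="generator"> tag. Nothing is fetched."""

    def __init__(self, base_host):
        super().__init__()
        self.base_host = base_host
        self.hosts, self.emails, self.generators = set(), set(), set()
        self.comments = []

    def _note_host(self, url):
        host = urlparse(url).hostname
        if host and host != self.base_host:
            self.hosts.add(host)

    def handle_starttag(self, tag, attrs):
        a = {k: v for k, v in attrs if v is not None}
        for key in ('href', 'src', 'action'):
            value = a.get(key)
            if not value:
                continue
            if value.lower().startswith('mailto:'):
                self.emails.add(value[7:].split('?')[0])
            else:
                self._note_host(value)
        if tag == 'meta' and a.get('name', '').lower() == 'generator' and a.get('content'):
            self.generators.add(a['content'])

    def handle_comment(self, data):
        # Developer comments often leak staging hosts and internal paths.
        self.comments.append(data.strip())
        for url in URL_RE.findall(data):
            self._note_host(url)

    def handle_data(self, data):
        self.emails.update(EMAIL_RE.findall(data))


def summarise(html, base_host):
    """Parse saved HTML and return the collected indicators as sorted lists."""
    p = SiteContentParser(base_host)
    p.feed(html)
    p.close()
    return {
        'hosts': sorted(p.hosts),
        'emails': sorted(p.emails),
        'generators': sorted(p.generators),
        'comments': p.comments,
    }


# Constructed sample page (placeholder hosts and addresses, not real data).
SAMPLE_HTML = """<!DOCTYPE html>
<html><head>
<meta name="generator" content="WordPress 6.4">
<link rel="stylesheet" href="https://cdn.example.test/site.css">
<!-- TODO: remove before launch - staging at https://staging.example.test/admin -->
</head><body>
<a href="mailto:it-helpdesk@example.test?subject=Access">Helpdesk</a>
<p>Contact recruiting@example.test for careers.</p>
<form action="https://sso.example.test/login"></form>
<img src="/images/logo.png">
</body></html>"""

if __name__ == '__main__':
    for key, value in summarise(SAMPLE_HTML, 'www.example.test').items():
        print(key, value)
```

The output gives the tester a CDN, an SSO endpoint, a staging host from a comment, two mailbox names usable for phishing pretexts and the CMS version, all without sending anything beyond the original page fetch. Resolving the staging host or checking the SSO endpoint would be the point at which the engagement becomes active.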
A security analyst is prioritizing vulnerability scan results using a risk-based approach.
Which of the following is the most efficient resource for the analyst to use?
- A . Business impact analysis
- B . Common Vulnerability Scoring System
- C . Risk register
- D . Exposure factor
B
Explanation:
The Common Vulnerability Scoring System (CVSS) is a standardized framework for assessing the severity of vulnerabilities. It provides a numerical score (0-10) based on factors such as exploitability, impact and complexity, helping security analysts prioritize remediation efforts based on risk. Business impact analysis (A) helps identify critical business functions but does not specifically prioritize vulnerabilities.
Risk register (C) tracks identified risks but does not classify vulnerabilities.
Exposure factor (D) is used in quantitative risk assessment but is not an industry standard for vulnerability prioritization.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Risk Management domain.
