Practice Free SY0-701 Exam Online Questions
One of a company’s vendors sent an analyst a security bulletin that recommends a BIOS update.
Which of the following vulnerability types is being addressed by the patch?
- A . Virtualization
- B . Firmware
- C . Application
- D . Operating system
B
Explanation:
Firmware is a type of software that is embedded in hardware devices, such as BIOS, routers, printers, or cameras. Firmware controls the basic functions and operations of the device, and can be updated or patched to fix bugs, improve performance, or enhance security. Firmware vulnerabilities are flaws or weaknesses in the firmware code that can be exploited by attackers to gain unauthorized access, modify settings, or cause damage to the device or the network. A BIOS update is a patch that addresses a firmware vulnerability in the basic input/output system of a computer, which is responsible for booting the operating system and managing the communication between the hardware and the software. The other options are not types of vulnerabilities, but rather categories of software or technology.
Which of the following should an organization use to protect its environment from external attacks conducted by an unauthorized hacker?
- A . ACL
- B . IDS
- C . HIDS
- D . NIPS
An administrator finds that all user workstations and servers are displaying a message that is associated with files containing an extension of .ryk.
Which of the following types of infections is present on the systems?
- A . Virus
- B . Trojan
- C . Spyware
- D . Ransomware
D
Explanation:
Ransomware is a type of malware that encrypts the victim’s files and demands a ransom for the decryption key. The ransomware usually displays a message on the infected system with instructions on how to pay the ransom and recover the files. The .ryk extension is associated with a ransomware variant called Ryuk, which targets large organizations and demands high ransoms.
Reference: CompTIA Security+ Certification Kit: Exam SY0-701, 7th Edition, Chapter 1, page 17.
A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting.
Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?
- A . Secure cookies
- B . Version control
- C . Input validation
- D . Code signing
C
Explanation:
Input validation is a technique that checks user input for malicious or unexpected data before the web application processes it. Input validation can prevent cross-site scripting (XSS) attacks, which exploit a vulnerability in a web application to execute malicious scripts in the browser of a victim. XSS attacks can compromise the confidentiality, integrity, and availability of the web application and its users. Input validation can be implemented on both the client side and the server side, but server-side validation is more reliable and secure. Input validation can use various methods, such as whitelisting, blacklisting, filtering, escaping, encoding, and sanitizing the input data.
Reference = CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701, 9th Edition, Chapter 2, page 70. CompTIA Security+ (SY0-701) Certification Exam Objectives, Domain 3.2, page 11. Application Security - SY0-601 CompTIA Security+: 3.2
A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system.
Which of the following would detect this behavior?
- A . Implementing encryption
- B . Monitoring outbound traffic
- C . Using default settings
- D . Closing all open ports
B
Explanation:
Monitoring outbound traffic is essential for detecting unauthorized data exfiltration from a system. Malware that uses a new vulnerability to move data without authorization would typically attempt to send this data out of the network. By monitoring outbound traffic, security tools can detect unusual data transfers, trigger alerts, and help prevent the exfiltration of sensitive information.
Reference =
CompTIA Security+ SY0-701 Course Content: Domain 04 Security Operations.
CompTIA Security+ SY0-601 Study Guide: Chapter on Threat Detection and Response.
Various stakeholders are meeting to discuss their hypothetical roles and responsibilities in a specific situation, such as a security incident or major disaster.
Which of the following best describes this meeting?
- A . Penetration test
- B . Continuity of operations planning
- C . Tabletop exercise
- D . Simulation
C
Explanation:
A tabletop exercise is a discussion-based exercise where stakeholders gather to walk through the roles and responsibilities they would have during a specific situation, such as a security incident or disaster. This type of exercise is designed to identify gaps in planning and improve coordination among team members without the need for physical execution.
Reference = CompTIA Security+ SY0-701 study materials, particularly in the domain of security operations and disaster recovery planning.
Which of the following is used to quantitatively measure the criticality of a vulnerability?
- A . CVE
- B . CVSS
- C . CIA
- D . CERT
B
Explanation:
CVSS stands for Common Vulnerability Scoring System, which is a framework that provides a standardized way to assess and communicate the severity and risk of vulnerabilities. CVSS uses a set of metrics and formulas to calculate a numerical score ranging from 0 to 10, where higher scores indicate higher criticality. CVSS can help organizations prioritize remediation efforts and compare vulnerabilities across different systems and vendors. The other options are not used to measure the criticality of a vulnerability, but rather to identify, classify, or report them.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 39
A company implemented an MDM policy to mitigate risks after repeated instances of employees losing company-provided mobile phones. In several cases, the lost phones were used maliciously to perform social engineering attacks against other employees.
Which of the following MDM features should be configured to best address this issue? (Select two).
- A . Screen locks
- B . Remote wipe
- C . Full device encryption
- D . Push notifications
- E . Application management
- F . Geolocation
A,B
Explanation:
Integrating each SaaS solution with an Identity Provider (IdP) is the most effective way to address the security issue. This approach allows for Single Sign-On (SSO) capabilities, where users can access multiple SaaS applications with a single set of credentials while maintaining strong password policies across all services. It simplifies the user experience and ensures consistent security enforcement across different SaaS platforms.
Reference =
CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight.
CompTIA Security+ SY0-601 Study Guide: Chapter on Identity and Access Management.
After failing an audit twice, an organization has been ordered by a government regulatory agency to pay fines.
Which of the following caused this action?
- A . Non-compliance
- B . Contract violations
- C . Government sanctions
- D . Rules of engagement