Practice Free SY0-701 Exam Online Questions
Which of the following could potentially be introduced at the time of side loading?
- A . User impersonation
- B . Rootkit
- C . On-path attack
- D . Buffer overflow
B
Explanation:
Side loading is the process of installing applications from unofficial sources, often bypassing standard app stores. This increases the risk of installing malicious software, such as a rootkit, which is a type of malware designed to provide persistent privileged access while hiding its presence.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 2.1: "Side loading applications from unofficial sources can introduce malware, such as rootkits, to the system."
Exam Objectives 2.1: “Compare and contrast different types of threats.”
Which of the following methods would most likely be used to identify legacy systems?
- A . Bug bounty program
- B . Vulnerability scan
- C . Package monitoring
- D . Dynamic analysis
B
Explanation:
A vulnerability scan is the most likely method to identify legacy systems. These scans assess an organization’s network and systems for known vulnerabilities, including outdated or unsupported software (i.e., legacy systems) that may pose a security risk. The scan results can highlight systems that are no longer receiving updates, helping IT teams address these risks.
Bug bounty programs are used to incentivize external researchers to find security flaws, but they are less effective at identifying legacy systems.
Package monitoring tracks installed software packages for updates or issues but is not as comprehensive for identifying legacy systems.
Dynamic analysis is typically used for testing applications during runtime to find vulnerabilities, but not for identifying legacy systems.
A growing organization, which hosts an externally accessible application, adds multiple virtual servers to improve application performance and decrease the resource usage on individual servers.
Which of the following solutions is the organization most likely to employ to further increase performance and availability?
- A . Load balancer
- B . Jump server
- C . Proxy server
- D . SD-WAN
Which of the following would best explain why a security analyst is running daily vulnerability scans on all corporate endpoints?
- A . To track the status of patch installations
- B . To find shadow IT cloud deployments
- C . To continuously monitor hardware inventory
- D . To hunt for active attackers in the network
A
Explanation:
Daily vulnerability scans help identify missing patches or updates across endpoints, allowing security teams to ensure compliance with patch management policies.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 4: Security Operations, Section: "Vulnerability Management".
Which of the following activities should a systems administrator perform to quarantine a potentially infected system?
- A . Move the device into an air-gapped environment.
- B . Disable remote log-in through Group Policy.
- C . Convert the device into a sandbox.
- D . Remote wipe the device using the MDM platform.
A
Explanation:
Quarantining a potentially infected system by placing it into an air-gapped environment physically disconnects it from the network. This prevents the spread of malware while maintaining the integrity of forensic evidence.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 4: Security Operations, Section: "Incident Response and Containment".
Which of the following consequences would a retail chain most likely face from customers in the event the retailer is non-compliant with PCI DSS?
- A . Contractual impacts
- B . Sanctions
- C . Fines
- D . Reputational damage
A security company informs its customers of a new vulnerability that affects web applications. The vulnerability does not have an available patch at the moment.
Which of the following best describes this vulnerability?
- A . Zero-day
- B . XSS
- C . SQLi
- D . Buffer overflow
A
Explanation:
The best answer is A. Zero-day.
A zero-day vulnerability is a newly discovered vulnerability for which no patch or official fix is yet available. Because defenders have had zero days to fully remediate it, attackers may be able to exploit it before a vendor releases a patch.
The question specifically states that the vulnerability is new and does not have an available patch, which is the defining clue.
Why the other options are incorrect:
B. XSS: Cross-site scripting is a specific web application attack type, not a description of whether a patch exists.
C. SQLi: SQL injection is also a specific attack type, not the broader vulnerability status being asked about.
D. Buffer overflow: Buffer overflow is a type of coding flaw, but again it does not specifically describe the condition of having no patch available.
From a Security+ perspective, when a vulnerability is newly identified and lacks a vendor fix, it is best described as a zero-day.
A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement.
Which of the following reconnaissance types is the tester performing?
- A . Active
- B . Passive
- C . Defensive
- D . Offensive
A
Explanation:
Active reconnaissance is a type of reconnaissance that involves sending packets or requests to a target and analyzing the responses. Active reconnaissance can reveal information such as open ports, services, operating systems, and vulnerabilities. However, active reconnaissance is also more likely to be detected by the target or its security devices, such as firewalls or intrusion detection systems. Port and service scans are examples of active reconnaissance techniques, as they involve probing the target for specific information.
Reference: CompTIA Security+ Certification Exam Objectives, Domain 1.1: Given a scenario, conduct reconnaissance using appropriate techniques and tools. CompTIA Security+ Study Guide (SY0-701), Chapter 2: Reconnaissance and Intelligence Gathering, page 47. CompTIA Security+ Certification Exam SY0-701 Practice Test 1, Question 1.
An analyst identifies that multiple users have the same passwords, but the hashes appear to be completely different.
Which of the following most likely explains this issue?
- A . Data masking
- B . Salting
- C . Key escrow
- D . Tokenization
B
Explanation:
Salting involves adding a unique value (salt) to each password before hashing it. This means that even if two users have the same password, the added salts ensure their hash values are different. This protects against attacks that exploit identical hash values, such as rainbow table attacks.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 1.3, “Salting passwords ensures that identical passwords do not have identical hashes, even if the same hash algorithm is used.”
Exam Objectives 1.3: “Explain the importance of cryptographic concepts.”
