Practice Free SY0-701 Exam Online Questions
A company asks a vendor to help its internal red team with a penetration test without providing too much detail about the infrastructure.
Which of the following penetration testing methods does this scenario describe?
- A . Passive reconnaissance
- B . Partially-known environment
- C . Integrated testing
- D . Defensive testing
B
Explanation:
This scenario describes a partially-known environment penetration test. In CompTIA Security+ SY0-701, penetration testing approaches are commonly categorized as black box (unknown), white box (fully known), and gray box (partially known). A partially-known environment means the tester is given limited information: enough to be realistic and efficient, but not complete details about the infrastructure.
Here, the vendor is assisting an internal red team and is intentionally not provided with extensive infrastructure details, which mirrors a gray-box testing approach. This method balances realism and efficiency by simulating an attacker who has some knowledge (such as credentials, architecture diagrams, or application details) but not full access or documentation.
Passive reconnaissance (A) is an activity within testing, not a testing methodology. Integrated testing (C) refers to coordinated testing involving multiple teams (e.g., red and blue teams) with full cooperation. Defensive testing (D) focuses on validating defensive controls rather than simulating an attacker’s perspective.
Therefore, the correct answer is B: Partially-known environment.
Which of the following architecture models ensures that critical systems are physically isolated from the network to prevent access from users with remote access privileges?
- A . Segmentation
- B . Virtualized
- C . Air-gapped
- D . Serverless
C
Explanation:
An air-gapped (C) system is completely isolated from unsecured networks (like the internet) and other systems, preventing any form of remote access. This is often used in highly sensitive environments such as military, nuclear, or critical infrastructure systems.
This is mentioned under Domain 3.4: Given a scenario, apply cybersecurity resilience concepts in the CompTIA Security+ SY0-701 Exam Objectives, specifically under “Isolation (e.g., air-gapped)”.
Reference: CompTIA Security+ SY0-701 Objectives, Domain 3.4, “Cybersecurity resilience: Isolation (e.g., air-gapped).”
A security analyst is creating a baseline for the server team to follow when hardening new devices for deployment.
Which of the following best describes what the analyst is creating?
- A . Change management procedure
- B . Information security policy
- C . Cybersecurity framework
- D . Secure configuration guide
D
Explanation:
The security analyst is creating a "secure configuration guide," which is a set of instructions or guidelines used to configure devices securely before deployment. This guide ensures that the devices are set up according to best practices to minimize vulnerabilities and protect against potential security threats.
CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture.
CompTIA Security+ SY0-601 Study Guide: Chapter on System Hardening and Secure Configuration.
Which of the following data recovery strategies will result in a quick recovery at low cost?
- A . Hot
- B . Cold
- C . Manual
- D . Warm
D
Explanation:
A warm site offers a compromise between cost and recovery speed. It includes hardware and network infrastructure partially configured, allowing quicker recovery than a cold site but at lower cost than a hot site.
Hot sites (A) enable rapid recovery but at high cost. Cold sites (B) are low cost but slow to recover.
Manual (C) refers to manual processes, typically slower.
Warm sites balance recovery time and cost in disaster recovery planning (CompTIA Security+ Study Guide, Chapter 9).
The number of tickets the help desk has been receiving has increased recently due to numerous false-positive phishing reports.
Which of the following would be best to help to reduce the false positives?
- A . Performing more phishing simulation campaigns
- B . Improving security awareness training
- C . Hiring more help desk staff
- D . Implementing an incident reporting web page
B
Explanation:
Improving security awareness training directly addresses user behavior by teaching employees how to better distinguish legitimate emails from actual phishing attempts. Enhanced training can reduce the number of false positives by helping users more accurately identify true phishing attempts, lowering unnecessary reports and thus the help desk workload.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 5.5: "Improved security awareness training helps reduce false positives in user reporting by teaching users to accurately identify phishing attempts."
Exam Objectives 5.5: “Summarize security awareness and training techniques.”
A company’s marketing department collects, modifies, and stores sensitive customer data. The infrastructure team is responsible for securing the data while in transit and at rest.
Which of the following data roles describes the customer?
- A . Processor
- B . Custodian
- C . Subject
- D . Owner
C
Explanation:
According to the CompTIA Security+ SY0-701 Certification Study Guide, data subjects are the individuals whose personal data is collected, processed, or stored by an organization. Data subjects have certain rights and expectations regarding how their data is handled, such as the right to access, correct, delete, or restrict their data. Data subjects are different from data owners, who are the individuals or entities that have the authority and responsibility to determine how data is classified, protected, and used. Data subjects are also different from data processors, who are the individuals or entities that perform operations on data on behalf of the data owner, such as collecting, modifying, storing, or transmitting data. Data subjects are also different from data custodians, who are the individuals or entities that implement the security controls and procedures specified by the data owner to protect data while in transit and at rest.
CompTIA Security+ SY0-701 Certification Study Guide, Chapter 2: Data Security, page 511
Which of the following must be considered when designing a high-availability network? (Choose two).
- A . Ease of recovery
- B . Ability to patch
- C . Physical isolation
- D . Responsiveness
- E . Attack surface
- F . Extensible authentication
A,E
Explanation:
A high-availability network is a network that is designed to minimize downtime and ensure continuous operation even in the event of a failure or disruption. A high-availability network must consider the following factors [1, 2]:
Ease of recovery: This refers to the ability of the network to restore normal functionality quickly and efficiently after a failure or disruption. Ease of recovery can be achieved by implementing backup and restore procedures, redundancy and failover mechanisms, fault tolerance and resilience, and disaster recovery plans.
Attack surface: This refers to the amount of exposure and vulnerability of the network to potential threats and attacks. Attack surface can be reduced by implementing security controls such as firewalls, encryption, authentication, access control, segmentation, and hardening.
The other options are not directly related to high-availability network design:
Ability to patch: This refers to the process of updating and fixing software components to address security issues, bugs, or performance improvements. Ability to patch is important for maintaining the security and functionality of the network, but it is not a specific factor for high-availability network design.
Physical isolation: This refers to the separation of network components or devices from other networks or physical environments. Physical isolation can enhance the security and performance of the network, but it can also reduce the availability and accessibility of the network resources.
Responsiveness: This refers to the speed and quality of the network’s performance and service delivery. Responsiveness can be measured by metrics such as latency, throughput, jitter, and packet loss. Responsiveness is important for ensuring customer satisfaction and user experience, but it is not a specific factor for high-availability network design.
Extensible authentication: This refers to the ability of the network to support multiple and flexible authentication methods and protocols. Extensible authentication can improve the security and convenience of the network, but it is not a specific factor for high-availability network design.
References: [1] CompTIA Security+ SY0-701 Certification Study Guide, page 972. [2] “High Availability - CompTIA Security+ SY0-701 - 3.4”, video by Professor Messer.
Which of the following will harden access to a new database system? (Select two)
- A . Jump server
- B . NIDS
- C . Monitoring
- D . Proxy server
- E . Host-based firewall
- F . WAF
A,E
Explanation:
Hardening access to a new database system requires implementing controls that restrict and secure how administrators and applications connect to the database. A jump server (A) is a hardened intermediary system used to manage access to sensitive systems such as databases. By forcing administrators to authenticate through a controlled, monitored jump host instead of connecting directly, organizations reduce attack surfaces and prevent unauthorized lateral movement. Security+ SY0-701 identifies jump servers as critical in securing high-value systems.
A host-based firewall (E) provides system-level traffic filtering directly on the database server. It allows only trusted IPs, ports, and services to communicate with the database, significantly reducing exposure. This is an essential hardening measure because databases should only accept connections from specific application servers or administrative hosts.
NIDS (B) monitors traffic but does not harden access. Monitoring (C) provides visibility but does not restrict access. A proxy server (D) is not typically used for database access. A WAF (F) protects web applications, not internal database systems.
Thus, A (Jump server) and E (Host-based firewall) are the correct hardening controls.
An MSSP manages firewalls for hundreds of clients.
Which of the following tools would be most helpful to create a standard configuration template in order to improve the efficiency of firewall changes?
- A . SNMP
- B . Benchmarks
- C . Netflow
- D . SCAP
B
Explanation:
Benchmarks provide standardized security configuration baselines or templates (such as CIS Benchmarks) for systems including firewalls. Using benchmarks helps MSSPs apply consistent and secure configurations across many clients efficiently.
SNMP (A) is for network device management, Netflow (C) is for traffic analysis, and SCAP (D) is a framework for vulnerability and compliance management but not directly for template creation.
Benchmarks are fundamental for configuration management in Security Operations (CompTIA Security+ Study Guide, Chapter 14).
