Practice Free SY0-701 Exam Online Questions
Which of the following would most likely be deployed to obtain and analyze attacker activity and techniques?
- A . Firewall
- B . IDS
- C . Honeypot
- D . Layer 3 switch
A security engineer configured a remote access VPN. The remote access VPN allows end users to connect to the network by using an agent that is installed on the endpoint, which establishes an encrypted tunnel.
Which of the following protocols did the engineer most likely implement?
- A . GRE
- B . IPSec
- C . SD-WAN
- D . EAP
Which of the following describes the procedures a penetration tester must follow while conducting a test?
- A . Rules of engagement
- B . Rules of acceptance
- C . Rules of understanding
- D . Rules of execution
A
Explanation:
Rules of engagement specify the agreed-upon boundaries, scope, and procedures for a penetration test to ensure compliance and avoid disruption to the environment.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 4: Security Operations, Section: "Penetration Testing Procedures".
Which of the following are the best security controls for controlling on-premises access? (Select two.)
- A . Swipe card
- B . Picture ID
- C . Phone authentication application
- D . Biometric scanner
- E . Camera
- F . Memorable
A, D
Explanation:
Swipe cards and biometric scanners are commonly used to control on-premises access due to their reliability and ability to restrict unauthorized entry. Swipe cards provide physical access control, while biometric scanners ensure identity verification.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 1: General Security Concepts, Section: "Physical Security Controls".
A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates.
Which of the following should be done next?
- A . Conduct an audit.
- B . Initiate a penetration test.
- C . Rescan the network.
- D . Submit a report.
C
Explanation:
After completing a vulnerability assessment and remediating the identified vulnerabilities, the next step is to rescan the network to verify that the vulnerabilities have been successfully fixed and no new vulnerabilities have been introduced. A vulnerability assessment is a process of identifying and evaluating the weaknesses and exposures in a network, system, or application that could be exploited by attackers. A vulnerability assessment typically involves using automated tools, such as scanners, to scan the network and generate a report of the findings. The report may include information such as the severity, impact, and remediation of the vulnerabilities. The operations team is responsible for applying the appropriate patches, updates, or configurations to address the vulnerabilities and reduce the risk to the network. A rescan is necessary to confirm that the remediation actions have been effective and that the network is secure.
Conducting an audit, initiating a penetration test, or submitting a report are not the next steps after completing a vulnerability assessment and remediating the vulnerabilities. An audit is a process of reviewing and verifying the compliance of the network with the established policies, standards, and regulations. An audit may be performed by internal or external auditors, and it may use the results of the vulnerability assessment as part of the evidence. However, an audit is not a mandatory step after a vulnerability assessment, and it does not validate the effectiveness of the remediation actions.
A penetration test is a process of simulating a real-world attack on the network to test the security defenses and identify any gaps or weaknesses. A penetration test may use the results of the vulnerability assessment as a starting point, but it goes beyond scanning and involves exploiting the vulnerabilities to gain access or cause damage. A penetration test may be performed after a vulnerability assessment, but only with the proper authorization, scope, and rules of engagement. A penetration test is not a substitute for a rescan, as it does not verify that the vulnerabilities have been fixed.
Submitting a report is a step that is done after the vulnerability assessment, but before the remediation. The report is a document that summarizes the findings and recommendations of the vulnerability assessment, and it is used to communicate the results to the stakeholders and the operations team. The report may also include a follow-up plan and a timeline for the remediation actions. However, submitting a report is not the final step after the remediation, as it does not confirm that the network is secure.
Reference: CompTIA Security+ SY0-701 Certification Study Guide, pages 372-375; Professor Messer’s CompTIA SY0-701 Security+ Training Course, video 4.1 – Vulnerability Scanning, 0:00 – 8:00.
Which of the following is a benefit of vendor diversity?
- A . Patch availability
- B . Zero-day resiliency
- C . Secure configuration guide applicability
- D . Load balancing
An analyst identifies that multiple users have the same passwords, but the hashes appear to be completely different.
Which of the following most likely explains this issue?
- A . Data masking
- B . Salting
- C . Key escrow
- D . Tokenization
B
Explanation:
Salting involves adding a unique value (salt) to each password before hashing it. This means that even if two users have the same password, the added salts ensure their hash values are different. This protects against attacks that exploit identical hash values, such as rainbow table attacks.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 1.3, “Salting passwords ensures that identical passwords do not have identical hashes, even if the same hash algorithm is used.” Exam Objectives 1.3: “Explain the importance of cryptographic concepts.”
Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Select two).
- A . Remove default applications.
- B . Install a NIPS.
- C . Disable Telnet.
- D . Reconfigure the DNS.
- E . Add an SFTP server.
- F . Delete the public certificate.
A, C
Explanation:
Container image hardening best practices include removing default or unnecessary applications (A) to reduce the attack surface and disabling insecure protocols like Telnet (C) to prevent exploitation. Minimizing software components reduces vulnerabilities and limits potential exploits.
Installing a Network Intrusion Prevention System (NIPS) (B) is a network security measure, not typically embedded in a container image. Reconfiguring DNS (D), adding an SFTP server (E), or deleting public certificates (F) are unrelated or could disrupt container functionality.
These practices are part of securing containerized environments covered under Security Architecture topics in SY0-701 (CompTIA Security+ Study Guide, Chapter 10).
Which of the following can be used to compromise a system that is running an RTOS?
- A . Cross-site scripting
- B . Memory injection
- C . Replay attack
- D . Ransomware
A security administrator is reissuing a former employee’s laptop.
Which of the following is the best combination of data handling activities for the administrator to perform? (Select two).
- A . Data retention
- B . Certification
- C . Tokenization
- D . Classification
- E . Sanitization
- F . Enumeration