Practice Free SY0-701 Exam Online Questions
Which of the following tools is best for logging and monitoring in a cloud environment?
- A . IPS
- B . FIM
- C . NAC
- D . SIEM
A new employee can select a particular make and model of an employee workstation from a preapproved list.
Which of the following is this an example of?
- A . MDM
- B . CYOD
- C . PED
- D . COPE
B
Explanation:
The described scenario is CYOD (Choose Your Own Device). In a CYOD model, employees may choose from a list of company-approved devices. These devices are vetted for compatibility, security, and organizational standards while still providing some flexibility to employees.
The SY0-701 exam differentiates CYOD from other mobile deployment models:
COPE (D) - Company-Owned, Personally Enabled: devices are company-owned and fully managed, but employees can use them personally.
MDM (A) - Mobile Device Management: a tool, not a deployment model, used for managing configurations and security on devices.
PED (C) - Portable Electronic Device: a generic category, not a deployment strategy.
CYOD strikes a balance between employee preference and maintaining a secure, standardized environment. It reduces risk associated with BYOD while avoiding the rigidity of COPE. CYOD also supports consistent patching, support, and security enforcement because all devices meet the organization’s baseline criteria.
This aligns with the Security Architecture section of SY0-701, where the exam stresses secure device deployment strategies and maintaining uniform controls over endpoint assets.
A human resources (HR) employee working from home leaves their company laptop open on the kitchen table. A family member walking through the kitchen reads an email from the Chief Financial Officer addressed to the HR department. The email contains information referencing company layoffs. The family member posts the content of the email to social media.
Which of the following policies will the HR employee most likely need to review after this incident?
- A . Hybrid work environment
- B . Operations security
- C . Data loss prevention
- D . Social engineering
B
Explanation:
Operations security (OPSEC) focuses on identifying and protecting sensitive information to prevent unauthorized disclosure. In this scenario, the HR employee failed to safeguard confidential company information, leading to its exposure on social media.
Training in OPSEC would reinforce the need to maintain security best practices, such as locking screens when away from a device and ensuring that sensitive data is not exposed in unsecured locations.
Hybrid work environment policies relate to managing remote and in-office work but do not specifically cover security risks like unauthorized data exposure.
Data loss prevention (DLP) deals with technology-based solutions to prevent unauthorized data transfers but does not address physical security practices.
Social engineering refers to deceptive tactics used by attackers to manipulate individuals, which is not applicable to this situation.
The HR employee should review operations security policies to prevent similar incidents in the future.
Which of the following is prevented by proper data sanitization?
- A . Hackers’ ability to obtain data from used hard drives
- B . Devices reaching end-of-life and losing support
- C . Disclosure of sensitive data through incorrect classification
- D . Incorrect inventory data leading to a laptop shortage
A
Explanation:
Proper data sanitization ensures that sensitive data is securely erased from storage devices, preventing unauthorized access or recovery when the devices are disposed of or reused.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Data Sanitization and Disposal Methods".
A company’s accounting department receives an urgent payment message from the company’s bank domain with instructions to wire transfer funds. The sender requests that the transfer be completed as soon as possible.
Which of the following attacks is described?
- A . Business email compromise
- B . Vishing
- C . Spear phishing
- D . Impersonation
A
Explanation:
This is a classic example of Business Email Compromise (BEC), where attackers spoof or compromise trusted email accounts to trick employees into performing unauthorized financial transactions.
Vishing (B) is voice phishing, spear phishing (C) targets individuals with customized messages, and impersonation (D) is a general term for identity deception, but BEC specifically describes financial fraud via email.
BEC is a major threat covered in the Threats domain of SY0-701 (CompTIA Security+ Study Guide, Chapter 2).
A legal department must maintain a backup from all devices that have been shredded and recycled by a third party.
Which of the following best describes this requirement?
- A . Data retention
- B . Certification
- C . Sanitation
- D . Destruction
While reviewing logs, a security administrator identifies the following code:
<script>function(send_info)</script>
Which of the following best describes the vulnerability being exploited?
- A . XSS
- B . SQLi
- C . DDoS
- D . CSRF
A company is concerned with supply chain compromise of new servers and wants to limit this risk.
Which of the following should the company review first?
- A . Sanitization procedure
- B . Acquisition process
- C . Change management
- D . Asset tracking
B
Explanation:
When addressing the risk of supply chain compromise (such as the introduction of malicious hardware or firmware during procurement), the acquisition process should be reviewed first. Ensuring that the process for purchasing, inspecting, and validating new equipment includes appropriate vendor vetting and secure handling practices is the first step in mitigating supply chain risks.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 5.1: "Supply chain risk management begins with evaluating and controlling the acquisition process, including procurement and vendor assessment."
Exam Objectives 5.1: “Explain the importance of organizational security policies, standards, and frameworks.”
Which of the following is a benefit of an RTO when conducting a business impact analysis?
- A . It determines the likelihood of an incident and its cost.
- B . It determines the roles and responsibilities for incident responders.
- C . It determines the state that systems should be restored to following an incident.
- D . It determines how long an organization can tolerate downtime after an incident.
D
Explanation:
Recovery Time Objective (RTO) defines the maximum acceptable downtime before business operations must be restored. It helps organizations set expectations for recovery speed and prioritize system restoration accordingly.
A (likelihood of an incident and cost) relates to risk assessment, not RTO.
B (roles and responsibilities) falls under incident response planning, not RTO.
C (state of restored systems) is covered by Recovery Point Objective (RPO), not RTO.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Security Program Management and Oversight domain.
Which of the following exercises should an organization use to improve its incident response process?
- A . Tabletop
- B . Replication
- C . Failover
- D . Recovery
A
Explanation:
A tabletop exercise is a simulated scenario that tests the organization’s incident response plan and procedures. It involves key stakeholders and decision-makers who discuss their roles and actions in response to a hypothetical incident. It can help identify gaps, weaknesses, and improvement areas in the incident response process. It can also enhance communication, coordination, and collaboration among the participants.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 525.
