Practice Free SY0-701 Exam Online Questions
An analyst identifies that multiple users have the same passwords, but the hashes appear to be completely different.
Which of the following most likely explains this issue?
- A . Data masking
- B . Salting
- C . Key escrow
- D . Tokenization
B
Explanation:
Salting involves adding a unique value (salt) to each password before hashing it. This means that even if two users have the same password, the added salts ensure their hash values are different. This protects against attacks that exploit identical hash values, such as rainbow table attacks.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 1.3, “Salting passwords ensures that identical passwords do not have identical hashes, even if the same hash algorithm is used.”
Exam Objectives 1.3: “Explain the importance of cryptographic concepts.”
Which of the following would a systems administrator follow when upgrading the firmware of an organization’s router?
- A . Software development life cycle
- B . Risk tolerance
- C . Certificate signing request
- D . Maintenance window
Which of the following activities uses OSINT?
- A . Social engineering testing
- B . Data analysis of logs
- C . Collecting evidence of malicious activity
- D . Producing IOC for malicious artifacts
An engineer has ensured that the switches are using the latest OS, the servers have the latest patches, and the endpoints’ definitions are up to date.
Which of the following will these actions most effectively prevent?
- A . Zero-day attacks
- B . Insider threats
- C . End-of-life support
- D . Known exploits
D
Explanation:
Applying the latest OS updates, patches, and endpoint definitions is the most effective way to prevent known exploits, which are attacks leveraging previously discovered vulnerabilities for which fixes are available.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 2.3: "Applying patches and updates prevents exploitation of known vulnerabilities."
Exam Objectives 2.3: “Analyze potential indicators associated with network attacks.”
A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs.
Which of the following security benefits do these actions provide? (Choose two.)
- A . If a security incident occurs on the device, the correct employee can be notified.
- B . The security team will be able to send user awareness training to the appropriate device.
- C . Users can be mapped to their devices when configuring software MFA tokens.
- D . User-based firewall policies can be correctly targeted to the appropriate laptops.
- E . When conducting penetration testing, the security team will be able to target the desired laptops.
- F . Company data can be accounted for when the employee leaves the organization.
A,F
Explanation:
Labeling all laptops with asset inventory stickers and associating them with employee IDs can provide several security benefits for a company. Two of these benefits are:
A company is redesigning its infrastructure and wants to reduce the number of physical servers in use.
Which of the following architectures is best suited for this goal?
- A . Isolation
- B . Segmentation
- C . Virtualization
- D . Redundancy
Which of the following security principles most likely requires validation before allowing traffic between systems?
- A . Policy enforcement
- B . Authentication
- C . Zero Trust architecture
- D . Confidentiality
C
Explanation:
Zero Trust architecture is based on the principle of "never trust, always verify," meaning all traffic between systems must be authenticated and authorized before communication is allowed, regardless of network location.
Policy enforcement (A) is important but broader. Authentication (B) is a component of Zero Trust, and confidentiality (D) refers to data protection, not access validation.
Zero Trust is a modern security framework emphasized in Security Architecture for securing enterprise environments (CompTIA Security+ Study Guide, Chapter 3).
Which of the following is the best way to prevent an unauthorized user from plugging a laptop into an employee’s phone network port and then using tools to scan for database servers?
- A . MAC filtering
- B . Segmentation
- C . Certification
- D . Isolation
A
Explanation:
MAC filtering allows network administrators to control device access by specifying allowed MAC addresses. This prevents unauthorized devices, such as a laptop plugged into a network port, from gaining access.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 2: Threats and Vulnerabilities, Section: "Network Access Control Methods".
Prior to implementing a design change, the change must go through multiple steps to ensure that it does not cause any security issues.
Which of the following is most likely to be one of those steps?
- A . Management review
- B . Load testing
- C . Maintenance notifications
- D . Procedure updates
A
Explanation:
Management review is a critical step in the change management process. Before implementing any design change, management reviews help evaluate the potential impact, security implications, and alignment with organizational goals and policies. This review ensures that the change is justified, risks are understood, and proper approvals are obtained.
Load testing is a performance test, maintenance notifications are communication steps, and procedure updates are documentation activities; all are important, but they generally occur after management has approved the change.
The significance of management involvement in change governance is a foundational concept in the Security Program Management and Oversight domain of the SY0-701 exam (CompTIA Security+ Study Guide, Chapter 16).
An administrator learns that users are receiving large quantities of unsolicited messages. The administrator checks the content filter and sees hundreds of messages sent to multiple users.
Which of the following best describes this kind of attack?
- A . Watering hole
- B . Typosquatting
- C . Business email compromise
- D . Phishing
D
Explanation:
The scenario describes a large number of unsolicited emails sent to multiple users. This is characteristic of phishing, which SY0-701 defines as mass-distributed fraudulent messages designed to trick recipients into clicking malicious links, downloading malware, or divulging sensitive information.
Phishing campaigns typically involve:
- High volume
- Non-targeted messaging
- Use of spoofed addresses or fake content
- Delivery through email systems
A watering-hole attack (A) compromises a legitimate website frequented by targets, not email. Typosquatting (B) relies on malicious websites with deceptive URLs. Business Email Compromise (C) involves highly targeted spear-phishing or impersonation attacks, not bulk email blasts.
Because this incident involves “hundreds of messages” delivered to “multiple users,” it clearly matches the characteristics of a phishing attack, not a sophisticated targeted attack type.
Phishing is the most common form of social engineering and is emphasized heavily in the Security+ exam due to its frequency and effectiveness.
