Practice Free SY0-701 Exam Online Questions
An analyst discovers a suspicious item in the SQL server logs.
Which of the following could be evidence of an attempted SQL injection?
- A . cat /etc/shadow
- B . dig 25.36.99.11
- C . cd .. / .. / .. /
- D . UserId = 10 OR 1=1;
D
Explanation:
The string "UserId = 10 OR 1=1;" is a classic SQL injection payload that exploits improper input validation to manipulate the database query logic, often granting unauthorized access or exposing data.
The other options are command-line or DNS-related and unrelated to SQL injection.
SQL injection detection is critical in application security (CompTIA Security+ Study Guide, Chapter 6).
A company is concerned about weather events causing damage to the server room and downtime.
Which of the following should the company consider?
- A . Clustering servers
- B . Geographic dispersion
- C . Load balancers
- D . Off-site backups
B
Explanation:
Geographic dispersion is a strategy that involves distributing the servers or data centers across different geographic locations. Geographic dispersion can help the company to mitigate the risk of weather events causing damage to the server room and downtime, as well as improve the availability, performance, and resilience of the network. Geographic dispersion can also enhance the disaster recovery and business continuity capabilities of the company, as it can provide backup and failover options in case of a regional outage or disruption [1][2].
The other options are not the best ways to address the company’s concern:
Clustering servers: This is a technique that involves grouping multiple servers together to act as a single system. Clustering servers can help to improve the performance, scalability, and fault tolerance of the network, but it does not protect the servers from physical damage or downtime caused by weather events, especially if the servers are located in the same room or building [3].
Load balancers: These are devices or software that distribute the network traffic or workload among multiple servers or resources. Load balancers can help to optimize the utilization, efficiency, and reliability of the network, but they do not prevent the servers from being damaged or disrupted by weather events, especially if the servers are located in the same room or building [4].
Off-site backups: These are copies of data or files that are stored in a different location than the original source. Off-site backups can help to protect the data from being lost or corrupted by weather events, but they do not prevent the servers from being damaged or disrupted by weather events, nor do they ensure the availability or continuity of the network services.
Reference:
1: CompTIA Security+ SY0-701 Certification Study Guide, page 97.
2: High Availability - CompTIA Security+ SY0-701 - 3.4, video by Professor Messer.
3: CompTIA Security+ SY0-701 Certification Study Guide, page 98.
4: CompTIA Security+ SY0-701 Certification Study Guide, page 99.
CompTIA Security+ SY0-701 Certification Study Guide, page 100.
A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data.
Which of the following should the administrator do first?
- A . Block access to cloud storage websites.
- B . Create a rule to block outgoing email attachments.
- C . Apply classifications to the data.
- D . Remove all user permissions from shares on the file server.
C
Explanation:
Data classification is the process of assigning labels or tags to data based on its sensitivity, value, and risk. Data classification is the first step in a data loss prevention (DLP) solution, as it helps to identify what data needs to be protected and how. By applying classifications to the data, the security administrator can define appropriate policies and rules for the DLP solution to prevent the exfiltration of sensitive customer data.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 8: Data Protection, page 323. CompTIA Security+ Practice Tests: Exam SY0-701, 3rd Edition, Chapter 8: Data Protection, page 327.
Which of the following practices would be best to prevent an insider from introducing malicious code into a company’s development process?
- A . Code scanning for vulnerabilities
- B . Open-source component usage
- C . Quality assurance testing
- D . Peer review and approval
D
Explanation:
Peer review and approval is a practice that involves having other developers or experts review the code before it is deployed or released. Peer review and approval can help detect and prevent malicious code, errors, bugs, vulnerabilities, and poor quality in the development process. Peer review and approval can also enforce coding standards, best practices, and compliance requirements. Peer review and approval can be done manually or with the help of tools, such as code analysis, code review, and code signing.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 11: Secure Application Development, page 543.
An enterprise security team is researching a new security architecture to better protect the company’s networks and applications against the latest cyberthreats. The company has a fully remote workforce. The solution should be highly redundant and enable users to connect to a VPN with an integrated, software-based firewall.
Which of the following solutions meets these requirements?
- A . IPS
- B . SIEM
- C . SASE
- D . CASB
An analyst is evaluating the implementation of Zero Trust principles within the data plane.
Which of the following would be most relevant for the analyst to evaluate?
- A . Secured zones
- B . Subject role
- C . Adaptive identity
- D . Threat scope reduction
D
Explanation:
The data plane, also known as the forwarding plane, is the part of the network that carries user traffic and data. It is responsible for moving packets from one device to another based on the routing and switching decisions made by the control plane. The data plane is a critical component of the Zero Trust architecture, as it is where most of the attacks and breaches occur. Therefore, implementing Zero Trust principles within the data plane can help to improve the security and resilience of the network.
One of the key principles of Zero Trust is to assume breach and minimize the blast radius and segment access. This means that the network should be divided into smaller and isolated segments or zones, each with its own security policies and controls. This way, if one segment is compromised, the attacker cannot easily move laterally to other segments and access more resources or data. This principle is also known as threat scope reduction, as it reduces the scope and impact of a potential threat.
The other options are not as relevant for the data plane as threat scope reduction. Secured zones are a concept related to the control plane, which is the part of the network that makes routing and switching decisions. Subject role is a concept related to the identity plane, which is the part of the network that authenticates and authorizes users and devices. Adaptive identity is a concept related to the policy plane, which is the part of the network that defines and enforces the security policies and rules.
Reference:
https://bing.com/search?q=Zero+Trust+data+plane
https://learn.microsoft.com/en-us/security/zero-trust/deploy/data
Which of the following makes Infrastructure as Code (IaC) a preferred security architecture over traditional infrastructure models?
- A . Common attacks are less likely to be effective.
- B . Configuration can be better managed and replicated.
- C . Outsourcing to a third party with more expertise in network defense is possible.
- D . Optimization can occur across a number of computing instances.
B
Explanation:
Infrastructure as Code (IaC) enables automated provisioning and configuration of infrastructure, making environments repeatable, consistent, and scalable. The ability to better manage and replicate configurations (B) ensures that security settings are not missed and reduces misconfigurations. According to the CompTIA Security+ SY0-701 exam objectives under Domain 4.1 (Explain the security implications of different architecture models), IaC provides the ability to "automatically enforce security controls" and manage consistent configuration states, reducing human error.
Reference: CompTIA Security+ SY0-701 Objectives, Domain 4.1 - "Infrastructure as Code (IaC): Standardized deployment, version control, configuration consistency."
A penetration testing report indicated that an organization should implement controls related to database input validation.
Which of the following best identifies the type of vulnerability that was likely discovered during the test?
- A . XSS
- B . Command injection
- C . Buffer overflow
- D . SQLi
D
Explanation:
Poor input validation in databases typically leads to SQL Injection (SQLi) vulnerabilities, where attackers manipulate input fields to execute arbitrary SQL commands and gain unauthorized data access or control.
XSS (A) affects web applications’ output rendering, command injection (B) affects OS commands, and buffer overflow (C) affects memory management, so they don’t directly relate to database input validation.
SQLi is a critical vulnerability extensively covered in the Application Security domain (CompTIA Security+ Study Guide, Chapter 6).
Which of the following can be used to mitigate attacks from high-risk regions?
- A . Obfuscation
- B . Data sovereignty
- C . IP geolocation
- D . Encryption
A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch jobs locally and does not generate traffic, but the process is now generating outbound traffic over random high ports.
Which of the following vulnerabilities has likely been exploited in this software?
- A . Memory injection
- B . Race condition
- C . Side loading
- D . SQL injection
A
Explanation:
Memory injection vulnerabilities allow unauthorized code or commands to be executed within a software program, leading to abnormal behavior such as generating outbound traffic over random high ports. This issue often arises from software not properly validating or encoding input, which can be exploited by attackers to inject malicious code.
Reference: CompTIA Security+ SY0-701 course content and official CompTIA study resources.