Practice Free SY0-701 Exam Online Questions
Which of the following data types relates to data sovereignty?
- A . Data classified as public in other countries
- B . Personally Identifiable data while traveling
- C . Health data shared between doctors in other nations
- D . Data at rest outside of a country’s borders
D
Explanation:
Data sovereignty concerns the laws and governance that apply to data at rest outside of a country’s borders. It refers to the legal implications and regulatory controls over where data is stored geographically.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 5.4: "Data sovereignty refers to data being subject to the laws of the country in which it resides."
Exam Objectives 5.4: “Given a scenario, implement data security and privacy practices.”
A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider.
Which of the following is a risk in the new system?
- A . Default credentials
- B . Non-segmented network
- C . Supply chain vendor
- D . Vulnerable software
C
Explanation:
A supply chain vendor is a third-party entity that provides goods or services to an organization, such as a SaaS provider. A supply chain vendor can pose a risk to the new system if the vendor has poor security practices, breaches, or compromises that could affect the confidentiality, integrity, or availability of the system or its data. The organization should perform due diligence and establish a service level agreement with the vendor to mitigate this risk. The other options are not specific to the scenario of using a SaaS provider, but rather general risks that could apply to any system.
A security administrator needs to reduce the attack surface in the company’s data centers.
Which of the following should the security administrator do to complete this task?
- A . Implement a honeynet.
- B . Define Group Policy on the servers.
- C . Configure the servers for high availability.
- D . Upgrade end-of-support operating systems.
D
Explanation:
Upgrading end-of-support operating systems is one of the most effective ways to reduce the attack surface. Unsupported OS versions no longer receive security patches, so every vulnerability discovered after end of support stays exploitable indefinitely, making those hosts prime targets for attackers. Replacing them removes those known, unpatchable weaknesses from the environment.
A (honeynet) is used for threat analysis, not reducing the attack surface.
B (Group Policy) helps enforce security policies but does not address outdated vulnerabilities.
C (High availability) focuses on uptime, not security risk reduction.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Security Architecture domain.
The physical security team at a company receives reports that employees are not displaying their badges. The team also observes employees tailgating at controlled entrances.
Which of the following topics will the security team most likely emphasize in upcoming security training?
- A . Social engineering
- B . Situational awareness
- C . Phishing
- D . Acceptable use policy
B
Explanation:
Situational awareness refers to being mindful of security risks in one’s environment and taking proactive measures to mitigate them. In this scenario, employees are failing to display their identification badges and allowing unauthorized personnel to follow them into restricted areas (tailgating). These behaviors pose significant security risks, such as unauthorized access to sensitive locations.
Security training focused on situational awareness will educate employees on the importance of remaining vigilant about security practices, recognizing potential threats, and enforcing access control measures.
Social engineering involves manipulating individuals to gain unauthorized access, but this scenario highlights poor adherence to security protocols rather than deception.
Phishing is an email-based attack aimed at stealing sensitive information, which is unrelated to physical security lapses.
Acceptable use policy governs the proper use of company resources but does not specifically address tailgating or badge display issues.
Thus, situational awareness is the most relevant security training topic for addressing these concerns.
Which of the following control types describes an alert from a SIEM tool?
- A . Preventive
- B . Corrective
- C . Compensating
- D . Detective
D
Explanation:
Alerts generated by SIEM (Security Information and Event Management) tools are detective controls, as they identify and notify about suspicious activities but do not prevent or correct the events themselves.
Preventive controls stop incidents before they occur, corrective controls remediate issues, and compensating controls are alternatives used when primary controls aren’t feasible.
Detective controls are foundational in security operations for incident detection and response (CompTIA Security+ Study Guide, Chapter 14).
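The distinction above is easier to see in code. The following is an added example, not material from the exam or the study guide: a small detection rule of the kind a SIEM runs, applied to constructed sshd-style log lines (the hosts, addresses and timestamps are made up). It counts failed logins per source address in a sliding time window and emits an alert record. Notice what it does not do: it never blocks the address. Blocking would be a preventive or corrective control that a responder or an automation wires up in response to the alert.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Tuple

# Constructed sample lines in sshd auth.log style; not real traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd[1201]: Failed password for root from 203.0.113.7 port 51022 ssh2
2024-05-01T10:00:03 sshd[1201]: Failed password for admin from 203.0.113.7 port 51023 ssh2
2024-05-01T10:00:04 sshd[1201]: Failed password for invalid user test from 203.0.113.7 port 51024 ssh2
2024-05-01T10:00:06 sshd[1201]: Failed password for root from 203.0.113.7 port 51025 ssh2
2024-05-01T10:00:07 sshd[1201]: Failed password for root from 203.0.113.7 port 51026 ssh2
2024-05-01T10:00:09 sshd[1202]: Accepted publickey for alice from 198.51.100.20 port 40000 ssh2
2024-05-01T10:03:00 sshd[1203]: Failed password for bob from 198.51.100.20 port 40001 ssh2
2024-05-01T10:30:00 sshd[1204]: Failed password for bob from 198.51.100.20 port 40002 ssh2
"""

# Only failed-password events match; successes and other daemons are ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+)"
)


def detect_bruteforce(log: str, threshold: int = 5,
                      window: timedelta = timedelta(minutes=1)) -> List[Dict[str, object]]:
    """Return one alert per source IP with >= threshold failures inside `window`.

    Detective only: the function records and reports. Banning the source would be
    a separate preventive/corrective control driven by the alert it produces.
    """
    recent: Dict[str, Deque[Tuple[datetime, str]]] = defaultdict(deque)
    alerts: List[Dict[str, object]] = []
    already_alerted = set()
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, src, user = datetime.fromisoformat(m["ts"]), m["src"], m["user"]
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:      # slide the window forward
            q.popleft()
        if len(q) >= threshold and src not in already_alerted:
            already_alerted.add(src)      # one alert per source, not one per extra failure
            alerts.append({
                "rule": "ssh-bruteforce",
                "severity": "medium",
                "src": src,
                "count": len(q),
                "users": sorted({u for _, u in q}),
                "first_seen": q[0][0].isoformat(),
                "last_seen": ts.isoformat(),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```

With the defaults the second address never alerts: its two failures are 27 minutes apart, so the sliding window holds only one of them at a time. Widening the window or lowering the threshold changes that, which is exactly the tuning trade-off a SIEM analyst makes between missed attacks and noisy alerts.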
Which of the following consequences would a retail chain most likely face from customers in the event the retailer is non-compliant with PCI DSS?
- A . Contractual impacts
- B . Sanctions
- C . Fines
- D . Reputational damage
D
Explanation:
Fines and sanctions for PCI DSS non-compliance are imposed by the card brands and acquiring banks, and contractual impacts flow from the merchant agreement, not from customers. What customers inflict is reputational damage: loss of trust, and of their business, once they learn that the retailer failed to protect cardholder data.
Which of the following activities are associated with vulnerability management? (Select two).
- A . Reporting
- B . Prioritization
- C . Exploiting
- D . Correlation
- E . Containment
- F . Tabletop exercise
A,B
Explanation:
Vulnerability management is the cycle of identifying vulnerabilities (scanning), analyzing them, prioritizing them by severity, exposure and exploitability, remediating, validating the fix, and reporting status to stakeholders. Of the options, reporting (A) and prioritization (B) are steps in that cycle. Exploiting (C) belongs to penetration testing, correlation (D) is a SIEM function, containment (E) is an incident response phase, and a tabletop exercise (F) tests an incident response plan.
The management team notices that new accounts that are set up manually do not always have correct access or permissions.
Which of the following automation techniques should a systems administrator use to streamline account creation?
- A . Guard rail script
- B . Ticketing workflow
- C . Escalation script
- D . User provisioning script
D
Explanation:
A user provisioning script is an automation technique that uses a predefined set of instructions or commands to create, modify, or delete user accounts and assign the access or permissions that a role requires. Because the script applies the same template every time, it removes the manual errors the management team is seeing, ensures consistency and compliance, and saves time and resources [1][2].
The other options are not automation techniques that streamline account creation:
Guard rail script: This is a script that monitors and enforces the security policies and rules on a system or a network. A guard rail script can help to prevent unauthorized or malicious actions, such as changing security settings, accessing restricted resources, or installing unwanted software [3].
Ticketing workflow: This is a process that tracks and manages the requests, issues, or incidents that are reported by users or customers. A ticketing workflow can help to improve the communication, collaboration, and resolution of problems, but it does not automate the account creation process [4].
Escalation script: This is a script that triggers an alert or a notification when a certain condition or threshold is met or exceeded. An escalation script can help to inform the relevant parties or authorities of a critical situation, such as a security breach, a performance degradation, or a service outage [5].
References:
[1] CompTIA Security+ SY0-701 Certification Study Guide, page 102.
[2] User Provisioning - CompTIA Security+ SY0-701 - 5.1, video by Professor Messer.
[3] CompTIA Security+ SY0-701 Certification Study Guide, page 103.
[4] CompTIA Security+ SY0-701 Certification Study Guide, page 104.
[5] CompTIA Security+ SY0-701 Certification Study Guide, page 105.
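What such a script looks like in practice, as an added example that is not from the exam, the study guide or any vendor: accounts are derived from a role template that is the single source of truth for group membership, so two hires with the same role can never end up with different access. The `Directory` class is an in-memory stand-in for the AD/LDAP/IdP API a real script would call, the role-to-group map and the hire records are constructed for the example, and the usernames and e-mail addresses are made up. Two details matter for the scenario in the question: an unknown role is rejected rather than guessed at (fail closed), and re-running the script over an account that was created by hand reconciles its groups to the template instead of creating a duplicate.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Role templates: the one place that says which groups a job role gets.
# Constructed for this example; in practice this lives in version control
# and changes to it go through review like any other code.
ROLE_GROUPS: Dict[str, Set[str]] = {
    "helpdesk":  {"All-Staff", "VPN-Users", "Helpdesk-Tier1"},
    "developer": {"All-Staff", "VPN-Users", "Git-Users", "Dev-Jumphost"},
    "finance":   {"All-Staff", "Finance-Share", "ERP-Users"},
}


@dataclass
class Account:
    username: str
    email: str
    role: str
    groups: Set[str] = field(default_factory=set)


class Directory:
    """In-memory stand-in for the AD/LDAP/IdP API a real script would call."""

    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}

    def find_by_email(self, email: str) -> Optional[Account]:
        return next((a for a in self.accounts.values() if a.email == email), None)

    def create(self, account: Account) -> None:
        if account.username in self.accounts:
            raise ValueError(f"username {account.username} already exists")
        self.accounts[account.username] = account

    def set_groups(self, username: str, groups: Set[str]) -> None:
        self.accounts[username].groups = set(groups)


def make_username(first: str, last: str, directory: Directory) -> str:
    """Deterministic naming (first initial + surname), numeric suffix on collision."""
    base = re.sub(r"[^a-z]", "", (first[:1] + last).lower())
    candidate, n = base, 2
    while candidate in directory.accounts:
        candidate, n = f"{base}{n}", n + 1
    return candidate


def provision(new_hires: List[dict], directory: Directory) -> Dict[str, List[str]]:
    """Create or reconcile one account per hire record. Safe to re-run."""
    report: Dict[str, List[str]] = {"created": [], "updated": [], "unchanged": [], "rejected": []}
    for hire in new_hires:
        role = hire["role"].strip().lower()
        if role not in ROLE_GROUPS:
            # Fail closed: an unknown role gets no account, not a guessed set of groups.
            report["rejected"].append(f"{hire['email']} (unknown role {role!r})")
            continue
        wanted = ROLE_GROUPS[role]
        existing = directory.find_by_email(hire["email"])
        if existing is None:
            username = make_username(hire["first"], hire["last"], directory)
            directory.create(Account(username, hire["email"], role, set(wanted)))
            report["created"].append(username)
        elif existing.groups != wanted or existing.role != role:
            # Drift: the account exists but its access does not match the template.
            directory.set_groups(existing.username, wanted)
            existing.role = role
            report["updated"].append(existing.username)
        else:
            report["unchanged"].append(existing.username)
    return report


def demo() -> Dict[str, List[str]]:
    """Constructed input: a hand-made under-provisioned account, a name collision, a typo'd role."""
    d = Directory()
    d.create(Account("jsmith", "jane.smith@example.com", "developer", {"All-Staff"}))
    hires = [
        {"first": "Jane", "last": "Smith", "email": "jane.smith@example.com", "role": "developer"},
        {"first": "John", "last": "Smith", "email": "john.smith@example.com", "role": "helpdesk"},
        {"first": "Ana",  "last": "Lopez", "email": "ana.lopez@example.com",  "role": "fianance"},
    ]
    return provision(hires, d)


if __name__ == "__main__":
    print(demo())
```

The report the script returns is what an administrator would attach to the ticket or feed back into the HR system; it also doubles as an audit trail showing which accounts were corrected and which requests were refused.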
While reviewing a recent compromise, a forensics team discovers that there are hard-coded credentials in the database connection strings.
Which of the following assessment types should be performed during software development to prevent this from reoccurring?
- A . Vulnerability scan
- B . Penetration test
- C . Static analysis
- D . Quality assurance
C
Explanation:
Static analysis, also known as Static Application Security Testing (SAST), examines source code without executing it to identify security weaknesses such as hard-coded passwords, insecure API calls, and improper credential handling. This matches the issue described: credentials embedded directly in the code.
CompTIA Security+ SY0-701 stresses that secure software development practices should include automated static code analysis tools that scan for credential exposure, insecure dependencies, injection risks, and coding standards violations. Static analysis detects these issues early in the SDLC, long before deployment, which is when a hard-coded connection string is cheapest to remove.
A vulnerability scan (A) examines running systems and their exposed services, not source code. A penetration test (B) exploits weaknesses in a deployed system and would find an embedded secret only by chance. Quality assurance (D) checks functional requirements, not security flaws in code.
Therefore, static analysis is the correct and most effective assessment to prevent the recurrence of hard-coded credentials.
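A concrete illustration of the point, added here and not taken from the exam, the study guide or any SAST product: a minimal static check that parses Python source into an AST and flags three ways a credential ends up in code, a connection-string literal containing `password=` or a `user:secret@host` URL, a `password="..."` keyword argument, and a `DB_PASSWORD = "..."` assignment. The two sample source files are constructed for the example (the host name and secret are made up); the first embeds the secret, the second reads it from the environment and is reported clean. Real tools such as Semgrep, Bandit or gitleaks apply the same idea across many languages with far more rules; the check below only shows why analyzing the code itself, rather than a running system, is what catches this class of defect.

```python
import ast
import re
from dataclasses import dataclass
from typing import List

# Constructed sample sources (not from any real project).
VULNERABLE_SOURCE = '''\
import psycopg2
DB_PASSWORD = "Sup3rS3cret!"
conn = psycopg2.connect("host=db.internal dbname=orders user=app password=Sup3rS3cret!")
backup = "postgres://app:Sup3rS3cret!@db.internal/orders"
'''

HARDENED_SOURCE = '''\
import os
import psycopg2
conn = psycopg2.connect(
    host=os.environ["DB_HOST"], dbname="orders",
    user=os.environ["DB_USER"], password=os.environ["DB_PASSWORD"])
'''

# Identifier / keyword names that are treated as secrets when bound to a string literal.
SECRET_NAMES = {"password", "passwd", "pwd", "secret", "api_key", "apikey", "token"}

# Credentials inside a connection-string literal: "... password=hunter2 ..." or a
# URL-style DSN "postgres://app:hunter2@db.internal/orders".
DSN_PATTERNS = [
    re.compile(r"\b(password|passwd|pwd)\s*=\s*([^\s;]+)", re.IGNORECASE),
    re.compile(r"://[^\s:/@]+:([^\s@/]+)@"),
]


@dataclass
class Finding:
    line: int
    kind: str      # how the credential was embedded
    name: str      # variable, keyword or DSN key it was attached to
    preview: str   # masked secret, so the report itself does not leak it


def _mask(secret: str) -> str:
    return secret[:2] + "*" * max(len(secret) - 2, 0)


def find_hardcoded_credentials(source: str, filename: str = "<src>") -> List[Finding]:
    """Return every place in `source` where a secret appears as a string literal."""
    findings: List[Finding] = []
    for node in ast.walk(ast.parse(source, filename)):
        # Case 1: a string literal that is itself a connection string with a password.
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            for pat in DSN_PATTERNS:
                m = pat.search(node.value)
                if m:
                    key = m.group(1) if m.lastindex == 2 else "url-userinfo"
                    findings.append(Finding(node.lineno, "connection-string", key,
                                            _mask(m.group(m.lastindex))))
                    break
        # Case 2: connect(..., password="literal") keyword argument.
        elif isinstance(node, ast.Call):
            for kw in node.keywords:
                if (kw.arg and kw.arg.lower() in SECRET_NAMES
                        and isinstance(kw.value, ast.Constant)
                        and isinstance(kw.value.value, str)):
                    findings.append(Finding(kw.value.lineno, "keyword-argument",
                                            kw.arg, _mask(kw.value.value)))
        # Case 3: DB_PASSWORD = "literal" at module or function scope.
        elif (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)
              and isinstance(node.value.value, str)):
            for target in node.targets:
                if isinstance(target, ast.Name) and any(
                        s in target.id.lower() for s in SECRET_NAMES):
                    findings.append(Finding(node.lineno, "assignment", target.id,
                                            _mask(node.value.value)))
    return sorted(findings, key=lambda f: f.line)   # ast.walk is breadth-first


if __name__ == "__main__":
    for label, src in (("vulnerable", VULNERABLE_SOURCE), ("hardened", HARDENED_SOURCE)):
        print(label, find_hardcoded_credentials(src))
```

Note that the findings carry a masked preview rather than the secret itself: a scanner that copies the password into its own report or CI log has just created a second place to leak it.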
Which of the following is a benefit of launching a bug bounty program? (Select two)
- A . Transference of risk to a third party
- B . Reduction in the number of zero-day vulnerabilities
- C . Increased security awareness for the workforce
- D . Reduced cost of managing the program
- E . Quicker discovery of vulnerabilities
- F . Improved patch management process
B,E
Explanation:
Bug bounty programs invite external security researchers to find and report vulnerabilities in the organization's systems in exchange for rewards.
According to Security+ SY0-701, two major benefits are:
(1) Reduction in the number of zero-day vulnerabilities (B): ethical hackers can discover unknown vulnerabilities before malicious attackers do. At the time of discovery these flaws are effectively zero-days, since the vendor does not yet know about them. A bug bounty surfaces them early, so the organization can fix them before they are exploited.
(2) Quicker discovery of vulnerabilities (E): a distributed community of researchers with varied skills and tooling can identify vulnerabilities far faster than an internal team alone. This accelerates detection, increases coverage, and shortens the time a flaw stays exploitable.
Option A (transference of risk) is incorrect because bug bounties do not transfer risk; they help identify vulnerabilities, and the organization still owns fixing them. C (security awareness) relates to internal training, not bug bounties. D (reduced cost) is misleading; bug bounties can be expensive depending on the payout structure and the triage effort required. F (patch management) is not directly improved by a bug bounty program, although the reports feed into it.
Therefore, the correct benefits are B and E.
