Practice Free SY0-701 Exam Online Questions
Which of the following is the best safeguard to protect against an extended power failure?
- A . Off-site backups
- B . Batteries
- C . Uninterruptible power supplies
- D . Generators
D
Explanation:
For extended power failures, the best safeguard is a generator. CompTIA Security+ SY0-701 emphasizes that generators are designed to provide long-term, sustained power, unlike UPS systems, which only supply temporary emergency power.
Generators ensure that critical operations, including data centers, communication systems, and security infrastructure, stay online for hours or days, depending on fuel capacity. This matches the requirement for mitigating “extended” outages.
UPS units (C) protect against short-term outages and provide time for graceful shutdown or generator startup, but cannot support prolonged power consumption. Batteries (B) provide the least protection and run out quickly. Off-site backups (A) do not maintain operational continuity; they simply preserve data.
Disaster recovery and business continuity planning in SY0-701 highlights generators as essential components for maintaining availability, a core principle of the CIA triad. Generators prevent downtime, maintain productivity, and keep essential systems functioning throughout prolonged outages, making D the best answer.
A remote employee navigates to a shopping website on their company-owned computer. The employee clicks a link that contains a malicious file.
Which of the following would prevent this file from downloading?
- A . DLP
- B . FIM
- C . NAC
- D . EDR
D
Explanation:
EDR (Endpoint Detection and Response) solutions monitor endpoint activity in real time and can prevent malicious files from being downloaded or executed by detecting suspicious behavior. In this case, EDR would block the download or alert the security team.
DLP (Data Loss Prevention) prevents unauthorized data exfiltration rather than blocking malware downloads. FIM (File Integrity Monitoring) tracks changes to files but doesn’t prevent downloads. NAC (Network Access Control) controls device access to the network but does not directly block file downloads.
EDR’s proactive blocking capabilities are covered under the Security Operations domain in SY0-701 (CompTIA Security+ Study Guide, Chapter 11).
A security administrator is addressing an issue with a legacy system that communicates data using an unencrypted protocol to transfer sensitive data to a third party. No software updates that use an encrypted protocol are available, so a compensating control is needed.
Which of the following are the most appropriate for the administrator to suggest? (Select two.)
- A . Tokenization
- B . Cryptographic downgrade
- C . SSH tunneling
- D . Segmentation
- E . Patch installation
- F . Data masking
C,D
Explanation:
SSH tunneling can secure the unencrypted protocol by encapsulating its traffic in an encrypted tunnel. Segmentation isolates the legacy system, reducing the risk of unauthorized access.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 2: Threats, Section: "Compensating Controls for Legacy Systems".
A security analyst is prioritizing vulnerability scan results using a risk-based approach.
Which of the following is the most efficient resource for the analyst to use?
- A . Business impact analysis
- B . Common Vulnerability Scoring System
- C . Risk register
- D . Exposure factor
B
Explanation:
The Common Vulnerability Scoring System (CVSS) is a standardized framework for assessing the severity of vulnerabilities. It provides a numerical score (0-10) based on factors such as exploitability, impact, and complexity, helping security analysts prioritize remediation efforts based on risk.
Business impact analysis (A) helps identify critical business functions but does not specifically prioritize vulnerabilities.
Risk register (C) tracks identified risks but does not classify vulnerabilities.
Exposure factor (D) is used in quantitative risk assessment but is not an industry standard for vulnerability prioritization.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Risk Management domain.
Which of the following data states applies to data that is being actively processed by a database server?
- A . In use
- B . At rest
- C . In transit
- D . Being hashed
Which of the following phases of the incident response process attempts to minimize disruption?
- A . Recovery
- B . Containment
- C . Preparation
- D . Analysis
B
Explanation:
Containment is the phase where an organization attempts to minimize the damage caused by a security incident. This may involve isolating affected systems, blocking malicious traffic, or temporarily shutting down compromised services to prevent further impact.
Recovery (A) focuses on restoring normal operations after an incident.
Preparation (C) involves planning and readiness before an incident occurs.
Analysis (D) involves investigating the root cause and assessing the damage.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Security Operations domain.
A government worker secretly copies classified files that contain defense tactics information to an external drive. The government worker then gives the external drive to a corrupt organization.
Which of the following best describes the motivation of the worker?
- A . Espionage
- B . Data exfiltration
- C . Financial gain
- D . Blackmail
A
Explanation:
The act described is espionage, where classified information is stolen and provided to adversaries or unauthorized parties, usually for political, military, or strategic advantage.
Data exfiltration (B) is the technical act of stealing data but doesn’t specify motivation. Financial gain (C) or blackmail (D) could be motivations but are not clearly indicated here.
Espionage is a classic threat actor motivation outlined in the Threats domain (CompTIA Security+ Study Guide, Chapter 2).
Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?
- A . Availability
- B . Non-repudiation
- C . Integrity
- D . Confidentiality
A security consultant is working with a client that wants to physically isolate its secure systems.
Which of the following best describes this architecture?
- A . SDN
- B . Air gapped
- C . Containerized
- D . Highly available
An analyst is evaluating the implementation of Zero Trust principles within the data plane.
Which of the following would be most relevant for the analyst to evaluate?
- A . Secured zones
- B . Subject role
- C . Adaptive identity
- D . Threat scope reduction
D
Explanation:
The data plane, also known as the forwarding plane, is the part of the network that carries user traffic and data. It is responsible for moving packets from one device to another based on the routing and switching decisions made by the control plane. The data plane is a critical component of the Zero Trust architecture, as it is where most of the attacks and breaches occur. Therefore, implementing Zero Trust principles within the data plane can help to improve the security and resilience of the network.
One of the key principles of Zero Trust is to assume breach and minimize the blast radius and segment access. This means that the network should be divided into smaller and isolated segments or zones, each with its own security policies and controls. This way, if one segment is compromised, the attacker cannot easily move laterally to other segments and access more resources or data. This principle is also known as threat scope reduction, as it reduces the scope and impact of a potential threat.
The other options are not as relevant for the data plane as threat scope reduction. Secured zones are a concept related to the control plane, which is the part of the network that makes routing and switching decisions. Subject role is a concept related to the identity plane, which is the part of the network that authenticates and authorizes users and devices. Adaptive identity is a concept related to the policy plane, which is the part of the network that defines and enforces the security policies and rules.
Reference: https://learn.microsoft.com/en-us/security/zero-trust/deploy/data
