Practice Free SY0-701 Exam Online Questions
Question #211
A security analyst has determined that a security breach would have a financial impact of $15,000 and is expected to occur twice within a three-year period.
Which of the following is the ALE for this risk?
- A . $7,500
- B . $10,000
- C . $15,000
- D . $30,000
Correct Answer: B
Question #212
Which of the following is the best way to remove personal data from a social media account that is no longer being used?
- A . Exercise the right to be forgotten
- B . Uninstall the social media application
- C . Perform a factory reset
- D . Terminate the social media account
Correct Answer: A
A
Explanation:
Exercising the right to be forgotten involves formally requesting the social media provider to delete all personal data associated with the account, ensuring removal from their servers and backups in accordance with privacy regulations.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 5.4: "The right to be forgotten allows users to request deletion of personal data from a provider’s systems."
Exam Objectives 5.4: “Given a scenario, implement data security and privacy practices.”
A
Explanation:
Exercising the right to be forgotten involves formally requesting the social media provider to delete all personal data associated with the account, ensuring removal from their servers and backups in accordance with privacy regulations.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 5.4: "The right to be forgotten allows users to request deletion of personal data from a provider’s systems."
Exam Objectives 5.4: “Given a scenario, implement data security and privacy practices.”
Question #213
A company’s online shopping website became unusable shortly after midnight on January 30, 2023. When a security analyst reviewed the database server, the analyst noticed the following code used for backing up data:
Which of the following should the analyst do next?
- A . Check for recently terminated DBAs.
- B . Review WAF logs for evidence of command injection.
- C . Scan the database server for malware.
- D . Search the web server for ransomware notes.
Correct Answer: B
Question #214
Which of the following best describe why a process would require a two-person integrity security control?
- A . To Increase the chance that the activity will be completed in half of the time the process would take only one user to complete
- B . To permit two users from another department to observe the activity that is being performed by an authorized user
- C . To reduce the risk that the procedures are performed incorrectly or by an unauthorized user
- D . To allow one person to perform the activity while being recorded on the CCTV camera
Correct Answer: C
C
Explanation:
A two-person integrity security control is implemented to minimize the risk of errors or unauthorized actions. This control ensures that at least two individuals are involved in critical operations, which helps to verify the accuracy of the process and prevents unauthorized users from acting alone. It’s a security measure commonly used in sensitive operations, like financial transactions or access to critical systems, to ensure accountability and accuracy.
Reference =
CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight.
CompTIA Security+ SY0-601 Study Guide: Chapter on Security Operations and Management.
C
Explanation:
A two-person integrity security control is implemented to minimize the risk of errors or unauthorized actions. This control ensures that at least two individuals are involved in critical operations, which helps to verify the accuracy of the process and prevents unauthorized users from acting alone. It’s a security measure commonly used in sensitive operations, like financial transactions or access to critical systems, to ensure accountability and accuracy.
Reference =
CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight.
CompTIA Security+ SY0-601 Study Guide: Chapter on Security Operations and Management.