Practice Free SY0-701 Exam Online Questions
Which of the following mitigation techniques would a security analyst most likely use to avoid bloatware on devices?
- A . Disabled ports/protocols
- B . Application allow list
- C . Default password changes
- D . Access control permissions
B
Explanation:
Application allow listing is the most effective technique to prevent bloatware, unauthorized software, or unnecessary applications from running on devices. Allow lists work by permitting only pre-approved, trusted applications to execute, blocking everything else by default. This is a recommended best practice in Security+ SY0-701 for reducing attack surface, preventing malware, and maintaining lean, hardened system images.
Bloatware often comes pre-installed on devices or is unintentionally installed by users. An allow list ensures only authorized applications required for business functions can run, thereby eliminating bloatware risks.
Disabling ports/protocols (A) hardens network access but does not prevent software installation. Default password changes (C) improve authentication security but are unrelated to software control. Access control permissions (D) restrict who can access what but do not prevent installation of unnecessary apps.
Thus, the correct answer is B: Application allow list.
In which of the following scenarios is tokenization the best privacy technique to use?
- A . Providing pseudo-anonymization for social media user accounts
- B . Serving as a second factor for authentication requests
- C . Enabling established customers to safely store credit card information
- D . Masking personal information inside databases by segmenting data
C
Explanation:
Tokenization is a process that replaces sensitive data, such as credit card information, with a non-sensitive equivalent (token) that can be used in place of the actual data. This technique is particularly useful in securely storing payment information because the token can be safely stored and transmitted without exposing the original credit card number.
CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture.
CompTIA Security+ SY0-601 Study Guide: Chapter on Cryptography and Data Protection.
Which of the following objectives is best achieved by a tabletop exercise?
- A . Familiarizing participants with the incident response process
- B . Deciding red and blue team rules of engagement
- C . Quickly determining the impact of an actual security breach
- D . Conducting multiple security investigations in parallel
A
Explanation:
A tabletop exercise is a discussion-based simulation where incident response (IR) team members walk through hypothetical security scenarios to understand roles, responsibilities, escalation paths, and communication processes. According to Security+ SY0-701, tabletop exercises are ideal for familiarizing participants with the incident response process and improving organizational readiness without the pressure or resource demands of full-scale simulations.
These exercises highlight:
- IR workflow clarity
- Decision-making processes
- Coordination between technical and non-technical teams
- Communication procedures
- Identification of gaps in policies or documentation
Option B (rules of engagement) is part of penetration testing planning, not tabletop exercises.
Option C refers to real breach analysis, not simulations.
Option D refers to forensic operations, not tabletop objectives.
Thus, A is correct.
A systems administrator is concerned users are accessing emails through a duplicate site that is not run by the company.
Which of the following is used in this scenario?
- A . Impersonation
- B . Replication
- C . Phishing
- D . Smishing
The Chief Information Security Officer (CISO) asks a security analyst to install an OS update on a production VM that has a 99% uptime SLA. The CISO tells the analyst the installation must be done as quickly as possible.
Which of the following courses of action should the security analyst take first?
- A . Log in to the server and perform a health check on the VM.
- B . Install the patch immediately.
- C . Confirm that the backup service is running.
- D . Take a snapshot of the VM.
D
Explanation:
Before applying any updates or patches to a production VM, especially one with a 99% uptime SLA, it is crucial to first take a snapshot of the VM. This snapshot serves as a backup that can be quickly restored in case the update causes any issues, ensuring that the system can be returned to its previous state without violating the SLA. This step mitigates risk and is a standard best practice in change management for critical systems.
Reference: CompTIA Security+ SY0-701 study materials, focusing on change management and backup strategies.
An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network.
Which of the following should the administrator use to accomplish this goal?
- A . Segmentation
- B . Isolation
- C . Patching
- D . Encryption
A
Explanation:
Segmentation is a network design technique that divides the network into smaller, isolated segments based on logical or physical boundaries. Segmentation can help improve network security by limiting the scope of an attack, reducing the attack surface, and enforcing access control policies. Segmentation can also enhance network performance, scalability, and manageability. To accomplish the goal of storing customer data on a separate part of the network, the administrator can use segmentation technologies such as subnetting, VLANs, firewalls, routers, or switches.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, pages 308-309.
A company receives an alert that a widely used network device vendor has been banned by the government.
What will general counsel most likely be concerned with during hardware refresh?
- A . Sanctions
- B . Data sovereignty
- C . Cost of replacement
- D . Loss of license
A
Explanation:
When the government bans a vendor, the legal concern is sanctions: laws that restrict purchasing, using, or importing products from certain companies or countries. The general counsel's job is to ensure the organization is not violating federal restrictions, export controls, trade compliance laws, or sanctions lists such as OFAC or government procurement bans.
Security+ SY0-701 notes that legal and regulatory compliance is a critical part of risk management, especially when handling prohibited vendors or technologies. Continued use of banned devices could expose the organization to legal penalties, fines, or federal investigation.
Data sovereignty (B) refers to data storage location laws, not hardware bans. Cost of replacement (C) is an operational concern, not a legal one. Loss of license (D) typically applies to software, not network hardware.
Therefore, the general counsel’s primary concern is A: Sanctions.
Which of the following would enable a data center to remain operational through a multiday power outage?
- A . Generator
- B . Uninterruptible power supply
- C . Replication
- D . Parallel processing
A penetration tester was able to gain unauthorized access to a hypervisor platform.
Which of the following vulnerabilities was most likely exploited?
- A . Cross-site scripting
- B . SQL injection
- C . Race condition
- D . VM escape
D
Explanation:
VM escape is a vulnerability where an attacker breaks out of a virtual machine guest environment to access the host hypervisor, gaining control over other guests or the host system itself.
Cross-site scripting (A) and SQL injection (B) are application-layer attacks. Race condition (C) is a timing-related vulnerability.
VM escape is a critical threat in virtualized environments discussed under Threats and Vulnerabilities in SY0-701 (CompTIA Security+ Study Guide, Chapter 2).
While considering the organization’s cloud-adoption strategy, the Chief Information Security Officer sets a goal to outsource patching of firmware, operating systems, and applications to the chosen cloud vendor.
Which of the following best meets this goal?
- A . Community cloud
- B . PaaS
- C . Containerization
- D . Private cloud
- E . SaaS
- F . IaaS
E
Explanation:
Software as a Service (SaaS) is the cloud model that best meets the goal of outsourcing the management, including patching, of firmware, operating systems, and applications to the cloud vendor. In a SaaS environment, the cloud provider is responsible for maintaining and updating the entire software stack, allowing the organization to focus on using the software rather than managing its infrastructure.
Reference: CompTIA Security+ SY0-701 study materials, particularly the domains related to cloud security models.
