Practice Free SY0-701 Exam Online Questions
A security analyst is examining a penetration test report and notices that the tester pivoted to critical internal systems with the same local user ID and password.
Which of the following would help prevent this in the future?
- A . Implement centralized authentication with proper password policies
- B . Add password complexity rules and increase password history limits
- C . Connect the systems to an external authentication server
- D . Limit the ability of user accounts to change passwords
A
Explanation:
Centralized authentication (such as Active Directory or LDAP) combined with proper password policies helps prevent the reuse of the same local credentials across multiple systems, reducing the risk of lateral movement during attacks like credential reuse or pass-the-hash.
Reference: CompTIA Security+ SY0-701 Official Study Guide, Domain 3.1: "Centralized authentication and strong password policies reduce risks associated with local account reuse."
Exam Objectives 3.1: “Implement secure network architecture concepts.”
An enterprise security team is researching a new security architecture to better protect the company’s networks and applications against the latest cyberthreats. The company has a fully remote workforce. The solution should be highly redundant and enable users to connect to a VPN with an integrated, software-based firewall.
Which of the following solutions meets these requirements?
- A . IPS
- B . SIEM
- C . SASE
- D . CASB
An organization wants a third-party vendor to do a penetration test that targets a specific device. The organization has provided basic information about the device.
Which of the following best describes this kind of penetration test?
- A . Partially known environment
- B . Unknown environment
- C . Integrated
- D . Known environment
A
Explanation:
A partially known environment is a type of penetration test where the tester has some information about the target, such as the IP address, the operating system, or the device type. This can help the tester focus on specific vulnerabilities and reduce the scope of the test. A partially known environment is also called a gray box test.
Reference: CompTIA Security+ Certification Kit: Exam SY0-701, 7th Edition, Chapter 10, page 543.
Which of the following best describes why a process would require a two-person integrity security control?
- A . To increase the chance that the activity will be completed in half of the time the process would take only one user to complete
- B . To permit two users from another department to observe the activity that is being performed by an authorized user
- C . To reduce the risk that the procedures are performed incorrectly or by an unauthorized user
- D . To allow one person to perform the activity while being recorded on the CCTV camera
C
Explanation:
A two-person integrity security control is implemented to minimize the risk of errors or unauthorized actions. This control ensures that at least two individuals are involved in critical operations, which helps to verify the accuracy of the process and prevents unauthorized users from acting alone. It’s a security measure commonly used in sensitive operations, like financial transactions or access to critical systems, to ensure accountability and accuracy.
CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight.
CompTIA Security+ SY0-601 Study Guide: Chapter on Security Operations and Management.
A malicious update was distributed to a common software platform and disabled services at many organizations.
Which of the following best describes this type of vulnerability?
- A . DDoS attack
- B . Rogue employee
- C . Insider threat
- D . Supply chain
A company discovers suspicious transactions that were entered into the company’s database and attached to a user account that was created as a trap for malicious activity.
Which of the following is the user account an example of?
- A . Honeytoken
- B . Honeynet
- C . Honeypot
- D . Honeyfile
C
Explanation:
A honeypot is a decoy system or account designed to attract attackers and detect malicious activity.
Creating a user account as a trap fits this definition.
Honeytoken (A) is a decoy data element, honeynet (B) is a network of honeypots, and honey file (D) is a decoy file.
Honeypots are important tools in Security Operations and incident detection (CompTIA Security+ Study Guide, Chapter 14).
Which of the following is most likely associated with introducing vulnerabilities on a corporate network by the deployment of unapproved software?
- A . Hacktivists
- B . Script kiddies
- C . Competitors
- D . Shadow IT
D
Explanation:
Shadow IT refers to the use of information technology systems, devices, software, applications, and services without explicit IT department approval. This is the most likely cause of introducing vulnerabilities on a corporate network by deploying unapproved software, as such software may not have been vetted for security compliance, increasing the risk of vulnerabilities.
CompTIA Security+ SY0-701 Course Content: The concept of Shadow IT is discussed as a significant risk due to the introduction of unapproved and potentially vulnerable software into the corporate network.
A vendor salesperson is a personal friend of a company’s Chief Financial Officer (CFO). The company recently made a large purchase from the vendor, which was directly approved by the CFO.
Which of the following best describes this situation?
- A . Rules of engagement
- B . Conflict of interest
- C . Due diligence
- D . Contractual impact
- E . Reputational damage
B
Explanation:
A conflict of interest (B) arises when personal relationships or interests could potentially influence professional decisions. In this case, the CFO’s friendship with the vendor could improperly affect the procurement decision-making process.
This scenario falls under Domain 5.3: Explain the importance of frameworks, policies, procedures, and controls, specifically under “Personnel policies (e.g., conflict of interest, mandatory vacations, job rotation).”
Reference: CompTIA Security+ SY0-701 Objectives, Domain 5.3: “Personnel policies: Conflict of interest.”
When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure.
Which of the following certificate types is the site most likely using?
- A . Wildcard
- B . Root of trust
- C . Third-party
- D . Self-signed
An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards.
Which of the following techniques is the attacker using?
- A . Smishing
- B . Disinformation
- C . Impersonating
- D . Whaling
D
Explanation:
Whaling is a type of phishing attack that targets high-profile individuals, such as executives, celebrities, or politicians. The attacker impersonates someone with authority or influence and tries to trick the victim into performing an action, such as transferring money, revealing sensitive information, or clicking on a malicious link. Whaling is also called CEO fraud or business email compromise.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 3, page 97.
