Practice Free SY0-701 Exam Online Questions
Various company stakeholders meet to discuss roles and responsibilities in the event of a security breach affecting offshore offices.
Which of the following is this an example of?
- A . Tabletop exercise
- B . Penetration test
- C . Geographic dispersion
- D . Incident response
A
Explanation:
A tabletop exercise is a discussion-based activity where stakeholders simulate a security breach scenario to identify gaps in response plans and clarify roles and responsibilities.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Incident Response Planning and Exercises".
Attackers created a new domain name that looks similar to a popular file-sharing website.
Which of the following threat vectors is being used?
- A . Watering-hole attack
- B . Brand impersonation
- C . Phishing
- D . Typo squatting
D
Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
The scenario describes attackers registering a similar-looking domain to trick users into visiting a malicious site. This matches the definition of typo squatting, also known as URL hijacking or domain spoofing. Typo squatting relies on users mistyping legitimate URLs or failing to notice slight visual differences (e.g., “dropbx.com” instead of “dropbox.com”). Attackers use these domains to distribute malware, steal credentials, or redirect users to phishing pages.
Watering-hole attacks (A) infect legitimate websites frequented by a specific target group, which does not match this scenario. Brand impersonation (B) involves mimicking a company’s identity, often combined with email phishing, but the question specifically mentions creating a similar-looking domain, which is characteristic of typo squatting. Phishing (C) may use these malicious domains, but phishing is a broader social-engineering attack, whereas typo squatting precisely describes the domain manipulation technique.
Security+ SY0-701 emphasizes typo squatting under Social Engineering & Web-based Threats, highlighting how attackers exploit user errors to redirect traffic to malicious destinations. Reducing this risk involves user training, DNS filtering, domain monitoring, and certificate validation.
A company is concerned about weather events causing damage to the server room and downtime.
Which of the following should the company consider?
- A . Clustering servers
- B . Geographic dispersion
- C . Load balancers
- D . Off-site backups
B
Explanation:
Geographic dispersion is a strategy that involves distributing the servers or data centers across different geographic locations. Geographic dispersion can help the company to mitigate the risk of weather events causing damage to the server room and downtime, as well as improve the availability, performance, and resilience of the network. Geographic dispersion can also enhance the disaster recovery and business continuity capabilities of the company, as it can provide backup and failover options in case of a regional outage or disruption [1][2].
The other options are not the best ways to address the company’s concern:
Clustering servers: This is a technique that involves grouping multiple servers together to act as a single system. Clustering servers can help to improve the performance, scalability, and fault tolerance of the network, but it does not protect the servers from physical damage or downtime caused by weather events, especially if the servers are located in the same room or building [3].
Load balancers: These are devices or software that distribute the network traffic or workload among multiple servers or resources. Load balancers can help to optimize the utilization, efficiency, and reliability of the network, but they do not prevent the servers from being damaged or disrupted by weather events, especially if the servers are located in the same room or building [4].
Off-site backups: These are copies of data or files that are stored in a different location than the original source. Off-site backups can help to protect the data from being lost or corrupted by weather events, but they do not prevent the servers from being damaged or disrupted by weather events, nor do they ensure the availability or continuity of the network services.
References:
1: CompTIA Security+ SY0-701 Certification Study Guide, page 97
2: High Availability - CompTIA Security+ SY0-701 - 3.4, video by Professor Messer
3: CompTIA Security+ SY0-701 Certification Study Guide, page 98
4: CompTIA Security+ SY0-701 Certification Study Guide, page 99
5: CompTIA Security+ SY0-701 Certification Study Guide, page 100
Which of the following agreements defines response time, escalation points, and performance metrics?
- A . BPA
- B . MOA
- C . NDA
- D . SLA
D
Explanation:
A Service Level Agreement (SLA) defines the expectations between service providers and customers, including response times, escalation procedures, and performance metrics. It ensures accountability and measurable service quality.
BPA (Blanket Purchase Agreement) relates to purchasing terms; MOA (Memorandum of Agreement) outlines responsibilities but is less specific on performance; NDA (Non-Disclosure Agreement) covers confidentiality.
SLAs are key in Security Program Management for managing vendor and internal service expectations (CompTIA Security+ Study Guide, Chapter 16).
Which of the following is the primary purpose of a service that tracks log-ins and time spent using the service?
- A . Availability
- B . Accounting
- C . Authentication
- D . Authorization
B
Explanation:
Accounting logs user activities such as log-ins and usage duration, which is part of the AAA framework (Authentication, Authorization, and Accounting).
Which of the following control types is AUP an example of?
- A . Physical
- B . Managerial
- C . Technical
- D . Operational
B
Explanation:
An Acceptable Use Policy (AUP) is an example of a managerial control. Managerial controls are policies and procedures that govern an organization’s operations, ensuring security through directives and rules. The AUP defines acceptable behavior and usage of company resources, setting guidelines for employees.
Physical controls refer to security measures like locks, fences, or security guards.
Technical controls involve security mechanisms such as firewalls or encryption.
Operational controls are procedures for maintaining security, such as backup and recovery plans.
A systems administrator is changing the password policy within an enterprise environment and wants this update implemented on all systems as quickly as possible.
Which of the following operating system security measures will the administrator most likely use?
- A . Deploying PowerShell scripts
- B . Pushing GPO update
- C . Enabling PAP
- D . Updating EDR profiles
B
Explanation:
A group policy object (GPO) is a mechanism for applying configuration settings to computers and users in an Active Directory domain. By pushing a GPO update, the systems administrator can quickly and uniformly enforce the new password policy across all systems in the domain. Deploying PowerShell scripts, enabling PAP, and updating EDR profiles are not the most efficient or effective ways to change the password policy within an enterprise environment.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 115; Password Policy – Windows Security.
A company decides to purchase an insurance policy.
Which of the following risk management strategies is this company implementing?
- A . Mitigate
- B . Accept
- C . Avoid
- D . Transfer
D
Explanation:
Purchasing insurance is a classic example of risk transfer, where financial risk associated with potential losses is shifted to a third party (the insurer). This strategy does not eliminate the risk but moves the financial burden.
Mitigation (A) reduces risk impact or likelihood through controls, acceptance (B) involves acknowledging the risk without action, and avoidance (C) eliminates the risk by not engaging in the activity.
Risk transfer is a fundamental concept taught in the Risk Management domain of SY0-701 (CompTIA Security+ Study Guide, Chapter 17).
While reviewing a recent compromise, a forensics team discovers that there are hard-coded credentials in the database connection strings.
Which of the following assessment types should be performed during software development to prevent this from reoccurring?
- A . Vulnerability scan
- B . Penetration test
- C . Static analysis
- D . Quality assurance
C
Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
Static analysis, also known as Static Application Security Testing (SAST), analyzes source code without executing it to identify security weaknesses such as hard-coded passwords, insecure API calls, and improper credential handling. This aligns exactly with the issue described: credentials embedded directly in code.
CompTIA Security+ SY0-701 stresses that secure software development practices must include automated static code analysis tools that scan for credential exposure, insecure dependencies, injection risks, and coding standards violations. Static analysis detects these issues early in the SDLC, long before deployment.
A vulnerability scan (A) examines running systems, not source code. A penetration test (B) actively exploits vulnerabilities but cannot reliably detect embedded secrets. Quality assurance (D) checks functional requirements, not security flaws in code.
Therefore, static analysis is the correct and most effective assessment to prevent reoccurrence of hard-coded credentials in software systems.
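To show what a static check for this specific defect looks like, here is a small added example (not from the study guide or any SAST product) that scans source text for database connection strings with a literal password, while accepting strings that read the secret from the environment. The regexes, the placeholder markers and the sample source are all assumptions constructed for this example.

```python
import re

# Two simplified rules a SAST scanner might apply (assumed patterns, not any tool's real rules):
# 1. key=value form: "...;Password=literal;" / "pwd=literal"
_KEY_VALUE = re.compile(r"""\b(?:password|pwd|passwd)\s*=\s*['"]?(?P<secret>[^;'"\s]+)""", re.I)
# 2. URL form: "scheme://user:literal@host"
_URL_CRED = re.compile(r"""\b[a-z][a-z0-9+.\-]*://[^/\s:'"]+:(?P<secret>[^@\s'"]+)@""", re.I)
# Markers showing the value is a template filled at runtime rather than a literal secret.
_TEMPLATE_MARKERS = ("${", "%(", "{", "<")


def _looks_templated(value: str) -> bool:
    return any(marker in value for marker in _TEMPLATE_MARKERS)


def find_hardcoded_credentials(source: str):
    """Return (line_no, redacted_line) for each non-comment line embedding a literal secret."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # this example ignores comments; real tools often report them too
        for rule in (_KEY_VALUE, _URL_CRED):
            match = rule.search(line)
            if match and not _looks_templated(match.group("secret")):
                # Redact the secret so the finding itself does not leak it into reports.
                findings.append((line_no, line.strip().replace(match.group("secret"), "***")))
                break
    return findings


# Constructed sample source: lines 3 and 4 embed secrets, lines 6 and 7 read them at runtime.
SAMPLE_SOURCE = """\
import os
# constructed sample: the first two connection strings embed a secret
CONN = "Server=db01;Database=orders;User Id=app;Password=Sup3rS3cret!;"
DSN = "postgresql://app:hunter2@db01:5432/orders"
# hardened forms take the secret from the environment at runtime
CONN_OK = "Server=db01;Database=orders;User Id=app;Password=" + os.environ["DB_PASS"] + ";"
DSN_OK = "postgresql://app:{DB_PASS}@db01:5432/orders".format(DB_PASS=os.environ["DB_PASS"])
"""

if __name__ == "__main__":
    for line_no, redacted in find_hardcoded_credentials(SAMPLE_SOURCE):
        print(f"line {line_no}: hard-coded credential: {redacted}")
```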
