Practice Free SY0-701 Exam Online Questions
Which of the following activities are associated with vulnerability management? (Select two).
- A . Reporting
- B . Prioritization
- C . Exploiting
- D . Correlation
- E . Containment
- F . Tabletop exercise
An organization has recently decided to implement SSO. The requirements are to leverage access tokens and focus on application authorization rather than user authentication.
Which of the following solutions would the engineering team most likely configure?
- A . LDAP
- B . Federation
- C . SAML
- D . OAuth
A security administrator is reissuing a former employee’s laptop.
Which of the following is the best combination of data handling activities for the administrator to perform? (Select two).
- A . Data retention
- B . Certification
- C . Tokenization
- D . Classification
- E . Sanitization
- F . Enumeration
A security administrator recently reset local passwords and the following values were recorded in the system:
Which of the following is the security administrator most likely protecting against?
- A . Account sharing
- B . Weak password complexity
- C . Pass-the-hash attacks
- D . Password compromise
A Chief Information Security Officer wants to monitor the company’s servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring.
Which of the following strategies would best accomplish this goal?
- A . Logging all NetFlow traffic into a SIEM
- B . Deploying network traffic sensors on the same subnet as the servers
- C . Logging endpoint and OS-specific security logs
- D . Enabling full packet capture for traffic entering and exiting the servers
D
Explanation:
Full packet capture is a technique that records all network traffic passing through a device, such as a router or firewall. It allows for detailed analysis and investigation of network events, such as SQLi attacks, by providing the complete content and context of the packets. Full packet capture can help identify the source, destination, payload, and timing of an SQLi attack, as well as the impact on the server and database. Logging NetFlow traffic, network traffic sensors, and endpoint and OS-specific security logs can provide some information about network activity, but they do not capture the full content of the packets, which may limit the scope and depth of the investigation.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 372-373
A company is redesigning its infrastructure and wants to reduce the number of physical servers in use.
Which of the following architectures is best suited for this goal?
- A . Isolation
- B . Segmentation
- C . Virtualization
- D . Redundancy
A company is aware of a given security risk related to a specific market segment. The business chooses not to accept responsibility and targets its services to a different market segment.
Which of the following describes this risk management strategy?
- A . Exemption
- B . Exception
- C . Avoid
- D . Transfer
C
Explanation:
Avoidance involves choosing not to engage in activities or markets where certain risks are present. This is a proactive approach to risk management.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Risk Management Strategies".
Which of the following would be the greatest concern for a company that is aware of the consequences of non-compliance with government regulations?
- A . Right to be forgotten
- B . Sanctions
- C . External compliance reporting
- D . Attestation
B
Explanation:
Sanctions imposed for non-compliance can include fines, legal actions, and loss of business licenses. These pose a significant financial and reputational risk to organizations.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Regulatory Compliance Risks".
Malware spread across a company’s network after an employee visited a compromised industry blog.
Which of the following best describes this type of attack?
- A . Impersonation
- B . Disinformation
- C . Watering-hole
- D . Smishing
C
Explanation:
A watering-hole attack is a type of cyberattack that targets groups of users by infecting websites that they commonly visit. The attackers exploit vulnerabilities to deliver a malicious payload to the organization’s network. The attack aims to infect users’ computers and gain access to a connected corporate network. The attackers target websites known to be popular among members of a particular organization or demographic. The attack differs from phishing and spear-phishing attacks, which typically attempt to steal data or install malware onto users’ devices. [1]
In this scenario, the compromised industry blog is the watering hole that the attackers used to spread malware across the company’s network. The attackers likely chose this blog because they knew that the employees of the company were interested in its content and visited it frequently. The attackers may have injected malicious code into the blog or redirected the visitors to a spoofed website that hosted the malware. The malware then infected the employees’ computers and propagated to the network.
Reference [1]: Watering Hole Attacks: Stages, Examples, Risk Factors & Defense …
When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure.
Which of the following certificate types is the site most likely using?
- A . Wildcard
- B . Root of trust
- C . Third-party
- D . Self-signed