CompTIA SY0-701 Online Practice Questions and Exam Preparation

CompTIA SY0-701 Online Questions & Answers

• Question 181:

  Which of the following is the primary purpose of a service that tracks log-ins and time spent using the service?

  A. Availability
  B. Accounting
  C. Authentication
  D. Authorization
  B. Accounting

  ---

  Explanation

  Accounting logs user activities such as log-ins and usage duration, which is part of the AAA framework (Authentication, Authorization, and Accounting).

• Question 182:

  A CVE in a key back-end component of an application has been disclosed. The systems administrator is identifying all of the systems in the environment that are susceptible to this risk.

  Which of the following should the systems administrator perform?

  A. Packet capture
  B. Vulnerability scan
  C. Metadata analysis
  D. Automated reporting
  B. Vulnerability scan

• Question 183:

  Which of the following is the best way to prevent data from being leaked from a secure network that does not need to communicate externally?

  A. Air gap
  B. Containerization
  C. Virtualization
  D. Decentralization
  A. Air gap

• Question 184:

  A business needs a recovery site but does not require immediate failover. The business also wants to reduce the workload required to recover from an outage.

  Which of the following recovery sites is the best option?

  A. Hot
  B. Cold
  C. Warm
  D. Geographically dispersed
  C. Warm

  ---

  Explanation

  A warm site is the best option for a business that does not require immediate failover but wants to reduce the workload required for recovery. A warm site has some pre-installed equipment and data, allowing for quicker recovery than a cold site, but it still requires some setup before becoming fully operational. Hot sites provide immediate failover but are more expensive and require constant maintenance. Cold sites require significant time and effort to get up and running after an outage. Geographically dispersed sites refer to a specific location strategy rather than the readiness of the recovery site.

• Question 185:

  An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period.

  Which of the following data policies is the administrator carrying out?

  A. Compromise
  B. Retention
  C. Analysis
  D. Transfer
  E. Inventory
  B. Retention

  ---

  Explanation

  A data retention policy is a set of rules that defines how long data should be stored and when it should be deleted or archived. An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period by following the data retention policy of the organization. This policy helps the organization to comply with legal and regulatory requirements, optimize storage space, and protect data privacy and security.

  References CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 3, Section 3.4, page 1211

  CompTIA Security+ Practice Tests: Exam SY0-701, 3rd Edition, Chapter 3, Question15, page 832

• Question 186:

  A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach end does not have an on-premises IT infrastructure.

  Which of the following would best secure the organization?

  A. Upgrading to a next-generation firewall
  B. Deploying an appropriate in-line CASB solution
  C. Conducting user training on software policies
  D. Configuring double key encryption in SaaS platforms
  B. Deploying an appropriate in-line CASB solution

  ---

  Explanation

  A Cloud Access Security Broker (CASB) solution is the most suitable option for securing an organization that has adopted a cloud-first strategy and does not have an on-premises IT infrastructure. CASBs provide visibility and control over shadow IT services, enforce security policies, and protect data across cloud services.

  References:

  CompTIA Security+ SY0-701 study materials, particularly in the domain of cloud security and managing risks associated with shadow IT.

• Question 187:

  A company is decommissioning its physical servers and replacing them with an architecture that will reduce the number of individual operating systems.

  Which of the following strategies should the company use to achieve this security requirement?

  A. Microservices
  B. Containerization
  C. Virtualization
  D. Infrastructure as code
  B. Containerization

  ---

  Explanation

  Containerization allows multiple applications or services to run in isolated environments on the same underlying OS. Unlike, virtualization where each VM runs its own OS, containers share the host OS kernel but keep the applications isolated from one another. This significantly reduces the number of operating systems required while maintaining security and isolation between applications.

• Question 188:

  A company is experiencing issues with employees leaving the company for a competitor and taking customer contact information with them.

  Which of the following tools will help prevent this from reoccurring?

  A. FIM
  B. NAC
  C. IDS
  D. UBA
  D. UBA

• Question 189:

  A company is planning a disaster recovery site and needs to ensure that a single natural disaster would not result in the complete loss of regulated backup data.

  Which of the following should the company consider?

  A. Geographic dispersion
  B. Platform diversity
  C. Hot site
  D. Load balancing
  A. Geographic dispersion

  ---

  Explanation

  Geographic dispersion is the practice of having backup data stored in different locations that are far enough apart to minimize the risk of a single natural disaster affecting both sites. This ensures that the company can recover its regulated data in case of a disaster at the primary site. Platform diversity, hot site, and load balancing are not directly related to the protection of backup data from natural disasters.

  References:

  CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 449

  Disaster Recovery Planning: Geographic Diversity

• Question 190:

  Which of the following describes when a user installs an unauthorized application by bypassing the authorized application store and installing a binary file?

  A. Jailbreaking
  B. Sideloading
  C. Memory injection
  D. VM escaping
  B. Sideloading

  ---

  Explanation

  The best answer is B. Sideloading. Sideloading is the installation of an application from outside the official or authorized application store, often by directly installing a binary package or application file. This bypasses standard review and distribution controls. Why the other options are incorrect:

  A. JailbreakingJailbreaking removes or bypasses manufacturer or operating system restrictions, often on mobile devices. It may enable sideloading, but it is not the same thing as the act described.

  C. Memory injectionMemory injection is a technique used to place code into another process's memory. It is unrelated to installing an app from an unauthorized source.

  D. VM escapingVM escape is an attack in which code breaks out of a virtual machine into the host environment. It does not describe unauthorized app installation. From a Security+ standpoint, bypassing the approved app store and directly installing a binary is the definition of sideloading.