CompTIA SY0-701 Online Practice Questions and Exam Preparation

CompTIA SY0-701 Online Questions & Answers

• Question 191:

  Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?

  A. Software as a service
  B. Infrastructure as code
  C. Internet of Things
  D. Software-defined networking
  B. Infrastructure as code

  ---

  Explanation

  Infrastructure as code (IaC) is a method of using code and automation to manage and provision cloud resources, such as servers, networks, storage, and applications. IaC allows for easy deployment, scalability, consistency, and repeatability of cloud environments. IaC is also a key component of DevSecOps, which integrates security into the development and operations processes.

  References:

  CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 6: Cloud and Virtualization Concepts, page 294.

• Question 192:

  While a user reviews their email, a host gets infected by malware from an external hard drive plugged into the host. The malware steals all the user's credentials stored in the browser.

  Which of the following training topics should the user review to prevent this situation from reoccurring?

  A. Operational security
  B. Removable media and cables
  C. Password management
  D. Social engineering
  B. Removable media and cables

  ---

  Explanation

  This scenario highlights the need for training on the secure use of removable media. Users should learn to avoid using untrusted external storage devices to prevent malware infections.

  References:

  CompTIA Security+ SY0-701 Study Guide, Domain 4: Security Operations, Section: "Removable Media Controls and User Awareness Training".

• Question 193:

  A security engineer needs to quickly identify a signature from a known malicious file.

  Which of the following analysis methods would the security engineer most likely use?

  A. Static
  B. Sandbox
  C. Network traffic
  D. Package monitoring
  A. Static

• Question 194:

  Which of the following enables the use of an input field to run commands that can view or manipulate data?

  A. Cross-site scripting
  B. Side loading
  C. Buffer overflow
  D. SQL injection
  D. SQL injection

  ---

  Explanation

  SQL injection is a type of attack that enables the use of an input field to run commands that can view or manipulate data in a database. SQL stands for Structured Query Language, which is a language used to communicate with databases.

  By injecting malicious SQL statements into an input field, an attacker can bypass authentication, access sensitive information, modify or delete data, or execute commands on the server. SQL injection is one of the most common and dangerous web application vulnerabilities.

  References:

  CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701, 9th Edition, Chapter 5, page 195. CompTIA Security+ SY0-701 Exam Objectives, Domain 1.1, page 8.

• Question 195:

  Which of the following tools is effective in preventing a user from accessing unauthorized removable media?

  A. USB data blocker
  B. Faraday cage
  C. Proximity reader
  D. Cable lock
  A. USB data blocker

  ---

  Explanation

  A USB data blocker, also known as a "USB condom" (really, no kidding!), is a device that allows you to plug into USB charging ports including charging kiosks, and USB ports on gadgets owned by other people.

  The main purpose of using one is to eliminate the risk of infecting your phone or tablet with malware, and even prevent hackers to install/execute any malicious code to access your data.

• Question 196:

  An employee used a company's billing system to issue fraudulent checks. The administrator is looking for evidence of other occurrences of this activity.

  Which of the following should the administrator examine?

  A. Application logs
  B. Vulnerability scanner logs
  C. IDS/IPS logs
  D. Firewall logs
  A. Application logs

  ---

  Explanation

  Application logs will contain records of activities within the billing system, including transactions, actions taken by users, and any anomalies. This is the most direct source of evidence for tracing fraudulent activity within the specific application, such as issuing unauthorized checks.

• Question 197:

  A security analyst sees an increase of vulnerabilities on workstations after a deployment of a company group policy.

  Which of the following vulnerability types will the analyst most likely find on the workstations?

  A. Misconfiguration
  B. Zero-day
  C. Malicious update
  D. Supply chain
  A. Misconfiguration

• Question 198:

  A company is experiencing a web services outage on the public network. The services are up and available but inaccessible. The network logs show a sudden increase in network traffic that is causing the outage.

  Which of the following attacks is the organization experiencing?

  A. ARP poisoning
  B. Brute force
  C. Buffer overflow
  D. DDoS
  D. DDoS

• Question 199:

  Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?

  A. Availability
  B. Non-repudiation
  C. Integrity
  D. Confidentiality
  A. Availability

  ---

  Explanation

  When implementing a product that offers protection against Distributed Denial of Service (DDoS) attacks, the security concept being followed is availability. DDoS protection ensures that systems and services remain accessible to legitimate users even under attack, maintaining the availability of network resources.

  Availability: Ensures that systems and services are accessible when needed, which is directly addressed by DDoS protection.

  Non-repudiation: Ensures that actions or transactions cannot be denied by the involved parties, typically achieved through logging and digital signatures.

  Integrity: Ensures that data is accurate and has not been tampered with.

  Confidentiality: Ensures that information is accessible only to authorized individuals.

  References:

  CompTIA Security+ SY0-701 Exam Objectives, Domain 1.2 - Summarize fundamental security concepts (Availability).

• Question 200:

  Company A jointly develops a product with Company B, which is located in a different country. Company A finds out that their intellectual property is being shared with unauthorized companies.

  Which of the following has been breached?

  A. SLA
  B. AUP
  C. SOW
  D. MOA
  D. MOA

  ---

  Explanation

  A Memorandum of Agreement (MOA) outlines terms of cooperation, including restrictions on sharing intellectual property. A breach indicates the terms of the agreement were violated, compromising confidentiality or usage terms.

  References:

  CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Third-Party Risk Management".