CompTIA SY0-701 Online Practice Questions and Exam Preparation

CompTIA SY0-701 Online Questions & Answers

• Question 291:

  A development team is launching a new public-facing web product. The Chief Information Security Officer has asked that the product be protected from attackers who use malformed or invalid inputs to destabilize the system.

  Which of the following practices should the development team implement?

  A. Fuzzing
  B. Continuous deployment
  C. Static code analysis
  D. Manual peer review
  A. Fuzzing

• Question 292:

  Which of the following most impacts an administrator's ability to address CVEs discovered on a server?

  A. Rescanning requirements
  B. Patch availability
  C. Organizational impact
  D. Risk tolerance
  B. Patch availability

• Question 293:

  A company has yearly engagements with a service provider. The general terms and conditions are the same for all engagements. The company wants to simplify the process and revisit the general terms every three years.

  Which of the following documents would provide the best way to set the general terms?

  A. MSA
  B. NDA
  C. MOU
  D. SLA
  A. MSA

  ---

  Explanation

  A Master Service Agreement (MSA) establishes the general terms and conditions for ongoing business engagements. This allows companies to reuse the same terms across multiple contracts, revisiting them periodically for updates.

  NDA (B) protects confidential information but does not define service terms.

  MOU (C) is a non-binding agreement, often used for partnerships, not formal service contracts.

  SLA (D) focuses on service performance expectations, not overall contract terms.

  References:

  CompTIA Security+ SY0-701 Official Study Guide, Security Program Management and Oversight domain.

• Question 294:

  A security analyst notices unusual behavior on the network. The IDS on the network was not able to detect the activities.

  Which of the following should the security analyst use to help the IDS detect such attacks in the future?

  A. Signatures
  B. Trends
  C. Honeypot
  D. Reputation
  A. Signatures

• Question 295:

  A Chief Information Security Officer would like to conduct frequent, detailed reviews of systems and procedures to track compliance objectives.

  Which of the following will be the best method to achieve this objective?

  A. Third-party attestation
  B. Penetration testing
  C. Internal auditing
  D. Vulnerability scans
  C. Internal auditing

• Question 296:

  Which of the following prevents unauthorized modifications to internal processes, assets, and security controls?

  A. Change management
  B. Playbooks
  C. Incident response
  D. Acceptable use policy
  A. Change management

• Question 297:

  Which of the following is a type of vulnerability that may result from outdated algorithms or keys?

  A. Hash collision
  B. Cryptographic
  C. Buffer overflow
  D. Input validation
  B. Cryptographic

  ---

  Explanation

  Cryptographic vulnerabilities occur when outdated algorithms or weak encryption keys are used, making systems susceptible to attacks such as brute force or cryptanalysis. These issues undermine the confidentiality and integrity of encrypted data.

• Question 298:

  While investigating a recent security breach an analyst finds that an attacker gained access by SOL infection through a company website.

  Which of the following should the analyst recommend to the website developers to prevent this from reoccurring?

  A. Secure cookies
  B. Input sanitization
  C. Code signing
  D. Blocklist
  B. Input sanitization

  ---

  Explanation

  Input sanitization is a critical security measure to prevent SQL injection attacks, which occur when an attacker exploits vulnerabilities in a website's input fields to execute malicious SQL code. By properly sanitizing and validating all user inputs, developers can prevent malicious code from being executed, thereby securing the website against such attacks.

  References:

  CompTIA Security+ SY0-701 study materials, particularly in the domain of web application security and common vulnerability mitigation strategies.

• Question 299:

  A company recently decided to allow employees to work remotely. The company wants to protect us data without using a VPN.

  Which of the following technologies should the company Implement?

  A. Secure web gateway
  B. Virtual private cloud end point
  C. Deep packet Inspection
  D. Next-gene ration firewall
  A. Secure web gateway

  ---

  Explanation

  A Secure Web Gateway (SWG) protects users by filtering unwanted software/malware from user-initiated web traffic and enforcing corporate and regulatory policy compliance. This technology allows the company to secure remote users' data and web traffic without relying on a VPN, making it ideal for organizations supporting remote work.

  References:

  CompTIA Security+ SY0-701 study materials, particularly in the domain of network security and remote access technologies.

• Question 300:

  Which of the following is classified as high availability in a cloud environment?

  A. Access broker
  B. Cloud HSM
  C. WAF
  D. Load balancer
  D. Load balancer

  ---

  Explanation

  In a cloud environment, high availability is typically ensured through the use of a load balancer. A load balancer distributes network or application traffic across multiple servers, ensuring that no single server becomes overwhelmed and that services remain available even if one or more servers fail. This setup enhances the reliability and availability of applications. Load balancer: Ensures high availability by distributing traffic across multiple servers or instances, preventing overload and ensuring continuous availability. Access broker: Typically refers to a service that facilitates secure access to resources, not directly related to high availability.

  Cloud HSM (Hardware Security Module): Provides secure key management in the cloud but does not specifically ensure high availability.

  WAF (Web Application Firewall): Protects web applications by filtering and monitoring HTTP traffic but is not primarily focused on ensuring high availability.

  References:

  CompTIA Security+ SY0-701 Exam Objectives, Domain 4.4 - Security operations (Load balancing for high availability).