CompTIA SY0-701 Online Practice Questions and Exam Preparation
SY0-701 Exam Details
Exam Code: SY0-701
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 983 Q&As
Last Updated: May 26, 2026
CompTIA SY0-701 Online Questions & Answers
Question 401:
An administrator implements web-filtering products but still sees that users are visiting malicious links.
Which of the following configuration items does the security administrator need to review?
A. Intrusion prevention system
B. Content categorization
C. Encryption
D. DNS service
Answer: B. Content categorization
Explanation
Content categorization defines how websites are classified (e.g., gambling, malicious, social media) within the web-filtering product. If users are still accessing malicious links, it likely means the categorization settings need to be reviewed or updated to block those sites effectively.
Question 402:
In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password.
Which of the following best describes this technique?
A. Key stretching
B. Tokenization
C. Data masking
D. Salting
Answer: D. Salting
Question 403:
Which of the following is the first step to secure a newly deployed server?
A. Close unnecessary service ports.
B. Update the current version of the software.
C. Add the device to the ACL.
D. Upgrade the OS version.
Answer: A. Close unnecessary service ports.
Explanation
The first step in securing a newly deployed server is to close unnecessary service ports. Open ports can expose the server to unauthorized access and potential cyber threats. By closing unused ports, the attack surface is reduced, limiting the number of entry points available to attackers.
Updating the software version (B) and upgrading the OS version (D) are important security measures but should follow the step of securing open ports to prevent immediate exposure to threats. Adding the device to the Access Control List (ACL) (C) is a step in network security but does not directly secure the server itself against potential attacks. Closing unnecessary ports helps in minimizing the risk of network-based attacks, such as port scanning and exploitation of default services.
Question 404:
A security administrator is implementing encryption on all hard drives in an organization.
Which of the following security concepts is the administrator applying?
A. Integrity
B. Authentication
C. Zero Trust
D. Confidentiality
Answer: D. Confidentiality
Question 405:
A company is implementing a policy to allow employees to use their personal equipment for work. However, the company wants to ensure that only company-approved applications can be installed.
Which of the following addresses this concern?
A. MDM
B. Containerization
C. DLP
D. FIM
Answer: A. MDM
Question 406:
An administrator is reviewing a single server's security logs and discovers the following:
Which of the following best describes the action captured in this log file?
A. Brute-force attack
B. Privilege escalation
C. Failed password audit
D. Forgotten password by the user
Answer: A. Brute-force attack
Explanation
A brute-force attack is a type of attack that involves systematically trying all possible combinations of passwords or keys until the correct one is found. The log file shows multiple failed login attempts in a short amount of time, which is a characteristic of a brute-force attack. The attacker is trying to guess the password of the Administrator account on the server. The log file also shows the event ID 4625, which indicates a failed logon attempt, and the status code 0xC000006A, which means the user name is correct but the password is wrong. These are indicators of compromise (IoC) that suggest a brute-force attack is taking place.
References:
CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, pages 215-216 and 223
Question 407:
A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed.
Which of the following best describes the policy that meets these requirements?
A. Security policy
B. Classification policy
C. Retention policy
D. Access control policy
Answer: C. Retention policy
Question 408:
Several universities are participating in a collaborative research project and need to share compute and storage resources.
Which of the following cloud deployment strategies would BEST meet this need?
A. Community
B. Private
C. Public
D. Hybrid
Answer: A. Community
Explanation
Community cloud storage is a variation of the private cloud storage model, which offers cloud solutions for specific businesses or communities. In this model, cloud storage providers offer their cloud architecture, software and other development tools to meet the requirements of the community. A community cloud in computing is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third party and hosted internally or externally.
Question 409:
Which of the following solutions would most likely be used in the financial industry to mask sensitive data?
A. Tokenization
B. Hashing
C. Salting
D. Steganography
Answer: A. Tokenization
Explanation
Tokenization replaces sensitive data, such as credit card numbers, with non-sensitive equivalents (tokens) that have no exploitable value outside the system. It is widely used in the financial industry to protect data while maintaining functionality for processing and analysis.
Question 410:
Which of the following is the final step of the modern response process?
A. Lessons learned
B. Eradication
C. Containment
D. Recovery
Answer: A. Lessons learned
Explanation
The final step in the incident response process is "Lessons learned." This step involves reviewing and analyzing the incident to understand what happened, how it was handled, and what could be improved. The goal is to improve future response efforts and prevent similar incidents from occurring. It's essential for refining the incident response plan and enhancing overall security posture.
References:
CompTIA Security+ SY0-701 study materials, particularly in the domain of incident response and recovery.