CompTIA SY0-701 Online Practice Questions and Exam Preparation

CompTIA SY0-701 Online Questions & Answers

• Question 561:

  An attorney prints confidential documents to a copier in an office space near multiple workstations and a reception desk. When the attorney goes to the copier to retrieve the documents, the documents are missing.

  Which of the following would best prevent this from reoccurring?

  A. Place the copier in the legal department.
  B. Configure DLP on the attorney's workstation.
  C. Set up LDAP authentication on the printer.
  D. Conduct a physical penetration test.
  C. Set up LDAP authentication on the printer.

• Question 562:

  A security engineer receives reports of unauthorized devices on the organization ' s network.

  Which of the following best describes a secure and effective way to mitigate the risks?

  A. Deploy a NAC solution to block wireless connections until devices can be verified against the baseline configuration.
  B. Set the NAC solution to only accept handshakes initiated from a static set of IP addresses.
  C. Configure a NAC solution to enforce 802.1X authentication with device certificates and implement endpoint security checks.
  D. Implement a NAC solution that redirects all devices to the guest Wi-Fi for holding until a security analyst can validate the security compliance.
  C. Configure a NAC solution to enforce 802.1X authentication with device certificates and implement endpoint security checks.

  ---

  Explanation

  The best answer is C. Configure a NAC solution to enforce 802.1X authentication with device certificates and implement endpoint security checks. NAC (Network Access Control) is used to verify devices before granting them access to the network. A strong NAC deployment should validate both identity and security posture. Enforcing 802.1X authentication ensures that devices must authenticate before connecting, and using device certificates strengthens trust in the device itself. Endpoint security checks add posture assessment, such as confirming antivirus, patch level, or compliance state. This is the most secure and effective approach because it prevents unauthorized or noncompliant devices from joining the network in the first place. Why the other options are incorrect:

  A. Deploy a NAC solution to block wireless connections until devices can be verified against the baseline configuration.This only addresses wireless access and is too limited. Unauthorized devices could still attempt access in other ways.

  B.

  Set the NAC solution to only accept handshakes initiated from a static set of IP addresses.IP addresses are not a reliable basis for device trust and can be spoofed or reassigned. D. Implement a NAC solution that redirects all devices to the guest Wi-Fi for holding until a security analyst can validate the security compliance.Redirecting all devices is not practical or efficient, and guest Wi-Fi is not the best control for secure admission.

  From a Security+ perspective, the strongest NAC implementation uses 802.1X, certificates, and posture assessment, making C correct.

• Question 563:

  A growing organization, which hosts an externally accessible application, adds multiple virtual servers to improve application performance and decrease the resource usage on individual servers.

  Which of the following solutions is the organization most likely to employ to further increase performance and availability?

  A. Load balancer
  B. Jump server
  C. Proxy server
  D. SD-WAN
  A. Load balancer

• Question 564:

  Which of the following is a common, passive reconnaissance technique employed by penetration testers in the early phases of an engagement?

  A. Open-source intelligence
  B. Port scanning
  C. Pivoting
  D. Exploit validation
  A. Open-source intelligence

• Question 565:

  At the start of a penetration test, the tester checks OSINT resources for information about the client environment.

  Which of the following types of reconnaissance is the tester performing?

  A. Active
  B. Passive
  C. Offensive
  D. Defensive
  B. Passive

• Question 566:

  Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

  A. Hacktivist
  B. Whistleblower
  C. Organized crime
  D. Unskilled attacker
  C. Organized crime

  ---

  Explanation

  Organized crime is a type of threat actor that is motivated by financial gain and often operates across national borders. Organized crime groups may be hired by foreign governments to conduct cyberattacks on critical systems located in other countries, such as power grids, military networks, or financial institutions. Organized crime groups have the resources, skills, and connections to carry out sophisticated and persistent attacks that can cause significant damage and disruption.

  References:

  1: Threat Actors - CompTIA Security+ SY0-701 - 2.1

  2: CompTIA Security+ SY0-701 Certification Study Guide

• Question 567:

  A business uses Wi-Fi with content filleting enabled. An employee noticed a coworker accessed a blocked sue from a work computer and reported the issue. While investigating the issue, a security administrator found another device providing internet access to certain employees.

  Which of the following best describes the security risk?

  A. The host-based security agent Is not running on all computers.
  B. A rogue access point Is allowing users to bypass controls.
  C. Employees who have certain credentials are using a hidden SSID.
  D. A valid access point is being jammed to limit availability.
  B. A rogue access point Is allowing users to bypass controls.

  ---

  Explanation

  The presence of another device providing internet access that bypasses the content filtering system indicates the existence of a rogue access point. Rogue access points are unauthorized devices that can create a backdoor into the network, allowing users to bypass security controls like content filtering. This presents a significant security risk as it can expose the network to unauthorized access and potential data breaches.

  References:

  CompTIA Security+ SY0-701 Course Content: Rogue access points are highlighted as a major security risk, allowing unauthorized access to the network and bypassing security measures.

• Question 568:

  The marketing department set up its own project management software without telling the appropriate departments.

  Which of the following describes this scenario?

  A. Shadow IT
  B. Insider threat
  C. Data exfiltration
  D. Service disruption
  A. Shadow IT

  ---

  Explanation

  Shadow IT is the term used to describe the use of unauthorized or unapproved IT resources within an organization. The marketing department set up its own project management software without telling the appropriate departments, such as IT, security, or compliance. This could pose a risk to the organization's security posture, data integrity, and regulatory compliance.

  References:

  CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 2, page 35.

• Question 569:

  Which of the following strategies most effectively protects sensitive data at rest in a database?

  A. Hashing
  B. Masking
  C. Tokenization
  D. Obfuscation
  C. Tokenization

  ---

  Explanation

  Tokenization is the most effective method for protecting sensitive data at rest within a database. Tokenization replaces sensitive information-such as credit card numbers, SSNs, or personal identifiers-with meaningless surrogate values (tokens). The actual data is stored securely in a separate token vault, reducing exposure if the primary database is compromised.

  Hashing (A) is one-way and protects integrity, not usability, making it inappropriate for data that must later be retrieved. Masking (B) hides data from users but does not secure stored data in the database. Obfuscation (D) makes data harder to understand but is reversible and not intended for strong security.

  Security+ SY0-701 identifies tokenization as a key control for data-at-rest protection, especially in regulated industries like finance and healthcare. It prevents attackers from accessing real data even if the database is breached, significantly reducing risk and compliance impact. This aligns with the exam's emphasis on confidentiality and data protection strategies in stored environments.

• Question 570:

  A third-party vendor is moving a particular application to the end-of-life stage at the end of the current year.

  Which of the following is the most critical risk if the company chooses to continue running the application?

  A. Lack of security updates
  B. Lack of new features
  C. Lack of support
  D. Lack of source code access
  A. Lack of security updates