CompTIA SY0-701 Online Practice Questions and Exam Preparation
SY0-701 Exam Details
Exam Code: SY0-701
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 983 Q&As
Last Updated: May 26, 2026
CompTIA SY0-701 Online Questions & Answers
Question 591:
Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?
A. Degaussing
B. Drive shredder
C. Retention platform
D. Wipe tool
Answer: D. Wipe tool
Explanation
A wipe tool can be used to securely erase all data on a hard drive without physically damaging it, making it suitable for repurposing. Wiping overwrites the data on the drive multiple times, ensuring that previously stored information cannot be recovered. This approach allows the hard drive to be reused safely, as opposed to degaussing or physical destruction, which renders the drive unusable.
Question 592:
Which of the following is most likely to be used as a just-in-time reference document within a security operations center?
A. Change management policy
B. Risk profile
C. Playbook
D. SIEM profile
Answer: C. Playbook
Explanation
A playbook provides step-by-step procedures for responding to specific types of security incidents, making it an essential just-in-time reference during active incidents. SOC analysts rely on playbooks to quickly access instructions and guidance for consistent and effective response actions.
Question 593:
Which of the following would be the best solution to deploy a low-cost standby site that includes hardware and internet access?
A. Recovery site
B. Cold site
C. Hot site
D. Warm site
Answer: B. Cold site
Explanation
A cold site is a standby site that provides basic infrastructure such as space, power, and internet access but typically does not have active hardware or data. It is a low-cost option compared to hot and warm sites, as it requires minimal ongoing expenses. In the event of a disaster, the organization can bring in hardware and data to the cold site to restore operations. This makes it suitable for scenarios where a low-cost standby solution is needed.
Question 594:
Several employees received a fraudulent text message from someone claiming to be the Chief Executive Officer (CEO). The message stated: "I'm in an airport right now with no access to email. I need you to buy gift cards for employee recognition awards. Please send the gift cards to following email address."
Which of the following are the best responses to this situation? (Choose two.)
A. Cancel current employee recognition gift cards.
B. Add a smishing exercise to the annual company training.
C. Issue a general email warning to the company.
D. Have the CEO change phone numbers.
E. Conduct a forensic investigation on the CEO's phone.
F. Implement mobile device management.
Answer: B. Add a smishing exercise to the annual company training. C. Issue a general email warning to the company.
Explanation
This situation is an example of smishing, which is a type of phishing that uses text messages (SMS) to entice individuals into providing personal or sensitive information to cybercriminals. The best responses to this situation are to add a smishing exercise to the annual company training and to issue a general email warning to the company. A smishing exercise can help raise awareness and educate employees on how to recognize and avoid smishing attacks. An email warning can alert employees to the fraudulent text message and remind them to verify the identity and legitimacy of any requests for information or money.
References:
What Is Phishing | Cybersecurity | CompTIA; Phishing - SY0-601 CompTIA Security+: 1.1 - Professor Messer IT Certification Training Courses
Question 595:
Which of the following control types describes an alert from a SIEM tool?
A. Preventive
B. Corrective
C. Compensating
D. Detective
Answer: D. Detective
Question 596:
A customer reports that software the customer downloaded from a public website has malware in it. However, the company that created the software denies any malware in its software at delivery time.
Which of the following techniques will address this concern?
A. Secure storage
B. Static code analysis
C. Input validation
D. Code signing
Answer: D. Code signing
Question 597:
A program manager wants to ensure contract employees can only use the company's computers Monday through Friday from 9 a.m. to 5 p.m.
Which of the following would best enforce this access control?
A. Creating a GPO for all contract employees and setting time-of-day log-in restrictions
B. Creating a discretionary access policy and setting rule-based access for contract employees
C. Implementing an OAuth server and then setting least privilege for contract employees
D. Implementing SAML with federation to the contract employees' authentication server
Answer: A. Creating a GPO for all contract employees and setting time-of-day log-in restrictions
Question 598:
A small business uses kiosks on the sales floor to display product information for customers. A security team discovers the kiosks use end-of-life operating systems.
Which of the following is the security team most likely to document as a security implication of the current architecture?
A. Patch availability
B. Product software compatibility
C. Ease of recovery
D. Cost of replacement
Answer: A. Patch availability
Explanation
End-of-life operating systems are those that are no longer supported by the vendor or manufacturer, meaning they do not receive any security updates or patches. This makes them vulnerable to exploits and attacks that take advantage of known or unknown flaws in the software. Patch availability is the security implication of using end-of-life operating systems, as it affects the ability to fix or prevent security issues. Other factors, such as product software compatibility, ease of recovery, or cost of replacement, are not directly related to security, but rather to functionality, availability, or budget.
References:
CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 29
Question 599:
A company web server is initiating outbound traffic to a low-reputation, public IP on a non-standard port. The web server is used to present an unauthenticated page to clients who upload images to the company. An analyst notices a suspicious process running on the server that was not created by the company development team.
Which of the following is the most likely explanation for this security incident?
A. A web shell has been deployed to the server through the page.
B. A vulnerability has been exploited to deploy a worm to the server.
C. Malicious insiders are using the server to mine cryptocurrency.
D. Attackers have deployed a rootkit Trojan to the server over an exposed RDP port.
Answer: A. A web shell has been deployed to the server through the page.
Question 600:
Which of the following are the best security controls for controlling on-premises access? (Select two.)
A. Swipe card
B. Picture ID
C. Phone authentication application
D. Biometric scanner
E. Camera
F. Memorable
Answer: A. Swipe card D. Biometric scanner
Explanation
Swipe cards and biometric scanners are commonly used to control on-premises access due to their reliability and ability to restrict unauthorized entry. Swipe cards provide physical access control, while biometric scanners ensure identity verification.
References:
CompTIA Security+ SY0-701 Study Guide, Domain 1: General Security Concepts, Section: "Physical Security Controls".