CompTIA SY0-701 Online Practice Questions and Exam Preparation

CompTIA SY0-701 Online Questions & Answers

• Question 731:

  A user needs to complete training at https://comptiatraining.com. After manually entering the URL, the user sees that the accessed website is noticeably different from the standard company website.

  Which of the following is the most likely explanation for the difference?

  A. Cross-site scripting
  B. Pretexting
  C. Typosquatting
  D. Vishing
  C. Typosquatting

  ---

  Explanation

  Typosquatting (also known as URL hijacking) is a type of attack where cybercriminals register domain names similar to legitimate sites but with slight misspellings (e.g., comptiatraning.com instead of comptiatraining.com). Attackers use these fake sites to steal credentials or distribute malware. Since the user manually entered the URL and reached an unexpected website, this strongly indicates a typosquatting attack.

  References:

  CompTIA Security+ SY0-701 Official Study Guide, Threats, Vulnerabilities, and Mitigations domain.

• Question 732:

  Which of the following is the best way to provide secure remote access for employees while minimizing the exposure of a company's internal network?

  A. VPN
  B. LDAP
  C. FTP
  D. RADIUS
  A. VPN

  ---

  Explanation

  A VPN (Virtual Private Network) is a secure method to provide employees with remote access to a company's network. It encrypts data, protecting it from interception and ensuring secure communication between the user and the internal network.

  References:

  Security+ SY0-701 Course Content, Security+ SY0-601 Book.

• Question 733:

  A security investigation revealed that malicious software was installed on a server using a server administrator's credentials. During the investigation, the server administrator explained that Telnet was regularly used to log in.

  Which of the following most likely occurred?

  A. A spraying attack was used to determine which credentials to use.
  B. A packet capture tool was used to steal the password.
  C. A remote-access Trojan was used to install the malware.
  D. A dictionary attack was used to log in as the server administrator.
  B. A packet capture tool was used to steal the password.

• Question 734:

  A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also con gured to notify the security team if the spreadsheet is opened.

  Which of the following best describes the deception method being deployed?

  A. Honeypot
  B. Honeyfile
  C. Honeytoken
  D. Honeynet
  B. Honeyfile

• Question 735:

  Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included.

  Which of the following best describes how the controls should be set up?

  A. Remote access points should fail closed.
  B. Logging controls should fail open.
  C. Safety controls should fail open.
  D. Logical security controls should fail closed.
  C. Safety controls should fail open.

  ---

  Explanation

  Safety controls are security controls that are designed to protect human life and physical assets from harm or damage. Examples of safety controls include fire alarms, sprinklers, emergency exits, backup generators, and surge protectors.

  Safety controls should fail open, which means that they should remain operational or allow access when a failure or error occurs. Failing open can prevent or minimize the impact of a disaster, such as a fire, flood, earthquake, or power outage, on human life and physical assets. For example, if a fire alarm fails, it should still trigger the sprinklers and unlock the emergency exits, rather than remain silent and locked. Failing open can also ensure that essential services, such as healthcare, transportation, or communication, are available during a crisis. Remote access points, logging controls, and logical security controls are other types of security controls, but they should not fail open in a data center. Remote access points are security controls that allow users or systems to access a network or a system from a remote location, such as a VPN, a web portal, or a wireless access point. Remote access points should fail closed, which means that they should deny access when a failure or error occurs. Failing closed can prevent unauthorized or malicious access to the data center's network or systems, such as by hackers, malware, or rogue devices. Logging controls are security controls that record and monitor the activities and events that occur on a network or a system, such as user actions, system errors, security incidents, or performance metrics. Logging controls should also fail closed, which means that they should stop or suspend the activities or events when a failure or error occurs. Failing closed can prevent data loss, corruption, or tampering, as well as ensure compliance with regulations and standards. Logical security controls are security controls that use software or code to protect data and systems from unauthorized or malicious access, modification, or destruction, such as encryption, authentication, authorization, or firewall. Logical security controls should also fail closed, which means that they should block or restrict access when a failure or error occurs. Failing closed can prevent data breaches, cyberattacks, or logical flaws, as well as ensure confidentiality, integrity, and availability of data and systems.

  References:

  CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 142-143, 372-373, 376-377

• Question 736:

  A retail company receives a request to remove a customer's data.

  Which of the following is the retail company considered under GDPR legislation?

  A. Data processor
  B. Data controller
  C. Data subject
  D. Data custodian
  B. Data controller

  ---

  Explanation

  Under GDPR, the data controller determines the purposes and means of processing personal data. The retail company, which collects and manages customer data, is responsible for complying with data deletion requests and thus acts as the data controller.

• Question 737:

  A security analyst received a tip that sensitive proprietary information was leaked to the public. The analyst is reviewing the PCAP and notices traffic between an internal server and an external host that includes the following:

  ...

  12:47:22.327233 PPPoE [ses 0x8122] IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto IPv6 (41), length 331) 10.5.1.1 > 52.165.16.154: IP6 (hlim E3, next-header TCP (6) paylcad length: 271) 2001:67c:2158:a019::ace.53104 >

  2001:0:5ef5:79fd:380c:dddd:a601:24fa.13788: Flags [P.], cksum 0xd7ee (correct), seq 97:348, ack 102, win 16444, length 251 ...

  Which of the following was most likely used to exfiltrate the data?

  A. Encapsulation
  B. MAC address spoofing
  C. Steganography
  D. Broken encryption
  E. Sniffing via on-path position
  A. Encapsulation

• Question 738:

  Which of the following allows a systems administrator to tune permissions for a file?

  A. Patching
  B. Access control list
  C. Configuration enforcement
  D. Least privilege
  B. Access control list

  ---

  Explanation

  Access control lists (ACLs) allow administrators to fine-tune file permissions by specifying which users or groups have access to a file and defining the level of access.

  References:

  CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: "Access Control Mechanisms".

• Question 739:

  A software development team asked a security administrator to recommend techniques that should be used to reduce the chances of the software being reverse engineered.

  Which of the following should the security administrator recommend?

  A. Digitally signing the software
  B. Performing code obfuscation
  C. Limiting the use of third-party libraries
  D. Using compile flags
  B. Performing code obfuscation

• Question 740:

  Which of the following would most likely mitigate the impact of an extended power outage on a company's environment?

  A. Hot site
  B. UPS
  C. Snapshots
  D. SOAR
  B. UPS

  ---

  Explanation

  A UPS (Uninterruptible Power Supply) would most likely mitigate the impact of an extended power outage on a company's environment. A UPS provides backup power and ensures that systems continue to run during short-term power outages, giving enough time to perform an orderly shutdown or switch to a longer-term power solution like a generator.

  Hot site: A fully operational offsite data center that can be used if the primary site becomes unavailable. It's more suitable for disaster recovery rather than mitigating short-term power outages.

  UPS: Provides immediate backup power, protecting against data loss and hardware damage during power interruptions.

  Snapshots: Used for data backup and recovery, not for power outage mitigation.

  SOAR (Security Orchestration, Automation, and Response): A platform for automating security operations, not related to power outage mitigation.

  References:

  CompTIA Security+ SY0-701 Exam Objectives, Domain 3.4 - Importance of resilience and recovery in security architecture (Power: Generators, UPS).