SY0-701 Exam Details

  • Exam Code
    :SY0-701
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1016 Q&As
  • Last Updated
    :Jul 14, 2026

CompTIA SY0-701 Online Questions & Answers

  • Question 71:

    During a routine audit, an analyst discovers that a department at a high school uses a simul-ation program that was not properly vetted before deployment.

    Which of the following threats is this an example of?

    A. Espionage
    B. Data exfiltration
    C. Shadow IT
    D. Zero-day

  • Question 72:

    A security analyst is assessing several company firewalls.

    Which of the following tools would the analyst most likely use to generate custom packets to use during the assessment?

    A. hping
    B. Wireshark
    C. PowerShell
    D. netstat

  • Question 73:

    After multiple on premises security solutions were migrated to the cloud, the incident response time increased. The analyst are spending a long time to trace information on different cloud consoles and correlating data in different formats.

    Which of the following can be used to optimize the incident response time?

    A. CASB
    B. VPC
    C. SWG
    D. CMS

  • Question 74:

    A SOC analyst establishes a remote control session on an end user's machine and discovers the following in a file:

    gmail.com[ENT][email protected][ENT]NoOneCanGuessThis123! [ENT]Hello Susan, it was great to see you the other day! Let's plan a followup[BACKSPACE]follow-up meeting soon. Here is the link to register. [RTN][CTRL]c [CTRL]v [RTN]after[BACKSPACE]After you register give me a call on my cellphone.

    Which of the following actions should the SOC analyst perform rst?

    A. Advise the user to change passwords.
    B. Reimage the end user's machine.
    C. Check the policy on personal email at work.
    D. Check host rewall logs.

  • Question 75:

    A security team is in the process of hardening the network against externally crafted malicious packets.

    Which of the following is the most secure method to protect the internal network?

    A. Anti-malware solutions
    B. Host-based rewalls
    C. Intrusion prevention systems
    D. Network access control
    E. Network allow list

  • Question 76:

    A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also con gured to notify the security team if the spreadsheet is opened.

    Which of the following best describes the deception method being deployed?

    A. Honeypot
    B. Honeyfile
    C. Honeytoken
    D. Honeynet

  • Question 77:

    Which of the following security principles most likely requires validation before allowing traffic between systems?

    A. Policy enforcement
    B. Authentication
    C. Zero Trust architecture
    D. Confidentiality

  • Question 78:

    A company tested and validated the effectiveness of network security appliances within the corporate network. The IDS detected a high rate of SQL injection attacks against the company's servers, and the company's perimeter firewall is at capacity.

    Which of the following would be the best action to maintain security and reduce the traffic to the perimeter firewall?

    A. Set the appliance to IPS mode and place it in front of the company firewall.
    B. Convert the firewall to a WAF and use IPSec tunnels to increase throughput.
    C. Set the firewall to fail open if it is overloaded with traffic and send alerts to the SIEM.
    D. Configure the firewall to perform deep packet inspection and monitor TLS traffic.

  • Question 79:

    A systems administrator successfully configures VPN access to a cloud environment.

    Which of the following capabilities should the administrator use to best facilitate remote administration?

    A. A jump host in the shared services security zone
    B. An SSH server within the corporate LAN
    C. A reverse proxy on the firewall
    D. An MDM solution with conditional access

  • Question 80:

    An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users' passwords.

    Which of the following should the administrator implement to prevent this type of attack from succeeding in the future?

    A. Multifactor authentication
    B. Permissions assignment
    C. Access management
    D. Password complexity

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-701 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.