CompTIA SY0-701 Online Practice Questions and Exam Preparation

CompTIA SY0-701 Online Questions & Answers

• Question 911:

  Which of the following should an organization focus on the most when making decisions about vulnerability prioritization?

  A. Exposure factor
  B. CVSS
  C. CVE
  D. Industry impact
  B. CVSS

  ---

  Explanation

  The Common Vulnerability Scoring System (CVSS) is a standardized metric used to assess the severity of vulnerabilities, aiding organizations in prioritizing their response based on risk.

  References:

  CompTIA Security+ SY0-701 Study Guide, Domain 2: Vulnerabilities, Section: "Vulnerability Prioritization and Metrics".

• Question 912:

  Which of the following can assist in recovering data if the decryption key is lost?

  A. CSR
  B. Salting
  C. Root of trust
  D. Escrow
  D. Escrow

  ---

  Explanation

  Key escrow is the process of storing encryption keys (or copies of them) with a trusted third party so data can be recovered if the primary decryption key is lost. In Security+ SY0-701, escrow is emphasized as a required safeguard for organizations that rely heavily on encryption, especially for regulated data or systems requiring guaranteed recoverability.

  A CSR (A) is a Certificate Signing Request and does not store keys. Salting (B) is used with hashing to prevent password attacks and does not assist in data recovery. A root of trust (C) ensures secure hardware initialization but does not store backup decryption keys.

  Key escrow directly addresses scenarios where encryption keys are misplaced, corrupted, deleted, or lost due to employee departure or system failure. Without escrow, encrypted data could become permanently inaccessible.

  Thus, the correct answer is Escrow, the only mechanism specifically designed to allow recovery when decryption keys are unavailable.

• Question 913:

  A technician needs to apply a high-priority patch to a production system.

  Which of the following steps should be taken first?

  A. Air gap the system.
  B. Move the system to a different network segment.
  C. Create a change control request.
  D. Apply the patch to the system.
  C. Create a change control request.

  ---

  Explanation

  A change control request is a document that describes the proposed change to a system, the reason for the change, the expected impact, the approval process, the testing plan, the implementation plan, the rollback plan, and the communication plan. A change control request is a best practice for applying any patch to a production system, especially a high-priority one, as it ensures that the change is authorized, documented, tested, and communicated. A change control request also minimizes the risk of unintended consequences, such as system downtime, data loss, or security breaches.

  References:

  CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701, 9th Edition, Chapter 6, page 235. CompTIA Security+ SY0-701 Exam Objectives, Domain 4.1, page 13.

• Question 914:

  Which of the following describes the reason for using an MDM solution to prevent jailbreaking?

  A. To secure end-of-life devices from incompatible firmware updates
  B. To avoid hypervisor attacks through VM escape
  C. To eliminate buffer overflows at the application layer
  D. To prevent users from changing the OS of mobile devices
  D. To prevent users from changing the OS of mobile devices

• Question 915:

  A company prevented direct access from the database administrators' workstations to the network segment that contains database servers.

  Which of the following should a database administrator use to access the database servers?

  A. Jump server
  B. RADIUS
  C. HSM
  D. Load balancer
  A. Jump server

  ---

  Explanation

  A jump server is a device or virtual machine that acts as an intermediary between a user's workstation and a remote network segment. A jump server can be used to securely access servers or devices that are not directly reachable from the user's workstation, such as database servers. A jump server can also provide audit logs and access control for the remote connections. A jump server is also known as a jump box or a jump host. RADIUS is a protocol for authentication, authorization, and accounting of network access. RADIUS is not a device or a method to access remote servers, but rather a way to verify the identity and permissions of users or devices that request network access. HSM is an acronym for Hardware Security Module, which is a physical device that provides secure storage and generation of cryptographic keys. HSMs are used to protect sensitive data and applications, such as digital signatures, encryption, and authentication.

  HSMs are not used to access remote servers, but rather to enhance the security of the data and applications that reside on them. A load balancer is a device or software that distributes network traffic across multiple servers or devices, based on criteria such as availability, performance, or capacity. A load balancer can improve the scalability, reliability, and efficiency of network services, such as web servers, application servers, or database servers. A load balancer is not used to access remote servers, but rather to optimize the delivery of the services that run on them .

  References:

  How to access a remote server using a jump host Jump server RADIUS Remote Authentication Dial-In User Service (RADIUS) Hardware Security Module (HSM) [What is an HSM?] [Load balancing (computing)] [What is Load Balancing?]

• Question 916:

  A database administrator is updating the company's SQL database, which stores credit card information for pending purchases.

  Which of the following is the best method to secure the data against a potential breach?

  A. Hashing
  B. Obfuscation
  C. Tokenization
  D. Masking
  C. Tokenization

  ---

  Explanation

  Tokenization replaces sensitive data, like credit card information, with a unique identifier (token) that has no exploitable value outside of a specific context. This approach is widely used to secure payment card information and reduces the risk of exposure in case of a breach, as the actual credit card data is not stored in the database.

• Question 917:

  A security consultant is working with a client that wants to physically isolate its secure systems.

  Which of the following best describes this architecture?

  A. SDN
  B. Air gapped
  C. Containerized
  D. Highly available
  B. Air gapped

  ---

  Explanation

  An air-gapped system is physically isolated from any other network, meaning it has no direct or indirect connection to the internet or other networks. This architecture is commonly used to protect highly secure systems by ensuring that they are not accessible remotely, thus reducing the risk of unauthorized access or cyberattacks. This approach aligns with the client's goal of physically isolating its secure systems.

• Question 918:

  Which of the following provides the details about the terms of a test with a third-party penetration tester?

  A. Rules of engagement
  B. Supply chain analysis
  C. Right to audit clause
  D. Due diligence
  A. Rules of engagement

  ---

  Explanation

  Rules of engagement are the detailed guidelines and constraints regarding the execution of information security testing, such as penetration testing. They define the scope, objectives, methods, and boundaries of the test, as well as the roles and responsibilities of the testers and the clients. Rules of engagement help to ensure that the test is conducted in a legal, ethical, and professional manner, and that the results are accurate and reliable. Rules of engagement typically include the following elements: The type and scope of the test, such as black box, white box, or gray box, and the target systems, networks, applications, or data.

  The client contact details and the communication channels for reporting issues, incidents, or emergencies during the test.

  The testing team credentials and the authorized tools and techniques that they can use.

  The sensitive data handling and encryption requirements, such as how to store, transmit, or dispose of any data obtained during the test. The status meeting and report schedules, formats, and recipients, as well as the confidentiality and non-disclosure agreements for the test results. The timeline and duration of the test, and the hours of operation and testing windows. The professional and ethical behavior expectations for the testers, such as avoiding unnecessary damage, disruption, or disclosure of information. Supply chain analysis, right to audit clause, and due diligence are not related to the terms of a test with a third-party penetration tester. Supply chain analysis is the process of evaluating the security and risk posture of the suppliers and partners in a business network. Right to audit clause is a provision in a contract that gives one party the right to audit another party to verify their compliance with the contract terms and conditions. Due diligence is the process of identifying and addressing the cyber risks that a potential vendor or partner brings to an organization.

  References:

  https://www.yeahhub.com/every-penetration-tester-you-should-know-about-this-rules-of-engagement/

  https://bing.com/search?q=rules+of+engagement+penetration+testing

• Question 919:

  A software developer released a new application and is distributing application files via the developer's website.

  Which of the following should the developer post on the website to allow users to verify the integrity of the downloaded files?

  A. Hashes
  B. Certificates
  C. Algorithms
  D. Salting
  A. Hashes

• Question 920:

  Which of the following involves an attempt to take advantage of database misconfigurations?

  A. Buffer overflow
  B. SQL injection
  C. VM escape
  D. Memory injection
  B. SQL injection

  ---

  Explanation

  SQL injection is a type of attack that exploits a database misconfiguration or a flaw in the application code that interacts with the database. An attacker can inject malicious SQL statements into the user input fields or the URL parameters that are sent to the database server. These statements can then execute unauthorized commands, such as reading, modifying, deleting, or creating data, or even taking over the database server. SQL injection can compromise the confidentiality, integrity, and availability of the data and the system.

  References:

  CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 215