SY0-701: CompTIA Security+ 2023 Topic 3
Q81. Which of the following would be best suited for constantly changing environments?
A. RTOS
B. Containers
C. Embedded systems
D. SCADA
Hint answer: B
Q82. Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes how the controls should be set up?
A. Remote access points should fail closed.
B. Logging controls should fail open.
C. Safety controls should fail open.
D. Logical security controls should fail closed.
Hint answer: C
Q83. A security analyst scans a company’s public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?
A. Changing the remote desktop port to a non-standard number
B. Setting up a VPN and placing the jump server inside the firewall
C. Using a proxy for web connections from the remote desktop server
D. Connecting the remote server to the domain and increasing the password length
Hint answer: B
Q84. During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, and two special characters. Once the password is created, the company will grant the employee access to other company-owned websites based on the intranet profile. Which of the following access management concepts is the company most likely using to safeguard intranet accounts and grant access to multiple sites based on a user’s intranet account? (Choose two.)
A. Federation
B. Identity proofing
C. Password complexity
D. Default password changes
E. Password manager
F. Open authentication
Hint answer: A
Q85. The local administrator account for a company’s VPN appliance was unexpectedly used to log in to the remote management interface. Which of the following would have most likely prevented this from happening?
A. Using least privilege
B. Changing the default password
C. Assigning individual user IDs
D. Reviewing logs more frequently
Hint answer: B
Q86. HOTSPOT
Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.
INSTRUCTIONS
Not all attacks and remediation actions will be used.
Q87. Which of the following is the most likely to be included as an element of communication in a security awareness program?
A. Reporting phishing attempts or other suspicious activities
B. Detecting insider threats using anomalous behavior recognition
C. Verifying information when modifying wire transfer data
D. Performing social engineering as part of third-party penetration testing
Hint answer: A
Q88. Which of the following can best protect against an employee inadvertently installing malware on a company system?
A. Host-based firewall
B. System isolation
C. Least privilege
D. Application allow list
Hint answer: D
Q89. A company is working with a vendor to perform a penetration test. Which of the following includes an estimate about the number of hours required to complete the engagement?
A. SOW
B. BPA
C. SLA
D. NDA
Hint answer: A
Q90. Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?
A. VM escape
B. SQL injection
C. Buffer overflow
D. Race condition
Hint answer: C
Q91. After a company was compromised, customers initiated a lawsuit. The company’s attorneys have requested that the security team initiate a legal hold in response to the lawsuit. Which of the following describes the action the security team will most likely be required to take?
A. Retain the emails between the security team and affected customers for 30 days.
B. Retain any communications related to the security breach until further notice.
C. Retain any communications between security members during the breach response.
D. Retain all emails from the company to affected customers for an indefinite period of time.
Hint answer: B
Q92. A network manager wants to protect the company’s VPN by implementing multifactor authentication that uses:
Something you know
Something you have
Something you are
Which of the following would accomplish the manager’s goal?
A. Domain name, PKI, GeoIP lookup
B. VPN IP address, company ID, facial structure
C. Password, authentication token, thumbprint
D. Company URL, TLS certificate, home address
Hint answer: C
Q93. A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?
A. End of business
B. End of testing
C. End of support
D. End of life
Hint answer: D
Q94. A company is planning a disaster recovery site and needs to ensure that a single natural disaster would not result in the complete loss of regulated backup data. Which of the following should the company consider?
A. Geographic dispersion
B. Platform diversity
C. Hot site
D. Load balancing
Hint answer: A
Q95. A client demands at least 99.99% uptime from a service provider’s hosted security services. Which of the following documents includes the information the service provider should return to the client?
A. MOA
B. SOW
C. MOU
D. SLA
Hint answer: D
Q96. Which of the following best ensures minimal downtime and data loss for organizations with critical computing equipment located in earthquake-prone areas?
A. Generators and UPS
B. Off-site replication
C. Redundant cold sites
D. High availability networking
Hint answer: B
Q97. Which of the following exercises should an organization use to improve its incident response process?
A. Tabletop
B. Replication
C. Failover
D. Recovery
Hint answer: A
Q98. After a recent ransomware attack on a company’s system, an administrator reviewed the log files. Which of the following control types did the administrator use?
A. Compensating
B. Detective
C. Preventive
D. Corrective
Hint answer: B
Q99. A company is required to perform a risk assessment on an annual basis. Which of the following types of risk assessments does this requirement describe?
A. Continuous
B. Ad hoc
C. Recurring
D. One time
Hint answer: C
Q100. Which of the following is the best reason to complete an audit in a banking environment?
A. Regulatory requirement
B. Organizational change
C. Self-assessment requirement
D. Service-level requirement
Hint answer: A
Q101. Malware spread across a company’s network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?
A. Impersonation
B. Disinformation
C. Watering-hole
D. Smishing
Hint answer: C
Q102. Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Choose two.)
A. Fencing
B. Video surveillance
C. Badge access
D. Access control vestibule
E. Sign-in sheet
F. Sensor
Hint answer: C D
Q103. Which of the following practices would be best to prevent an insider from introducing malicious code into a company’s development process?
A. Code scanning for vulnerabilities
B. Open-source component usage
C. Quality assurance testing
D. Peer review and approval
Hint answer: D
Q104. An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data policies is the administrator carrying out?
A. Compromise
B. Retention
C. Analysis
D. Transfer
E. Inventory
Hint answer: B
Q105. A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data. Which of the following should the administrator do first?
A. Block access to cloud storage websites.
B. Create a rule to block outgoing email attachments.
C. Apply classifications to the data.
D. Remove all user permissions from shares on the file server.
Hint answer: C
Q106. Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?
A. Software as a service
B. Infrastructure as code
C. Internet of Things
D. Software-defined networking
Hint answer: B
Q110. A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?
A. EAP
B. DHCP
C. IPSec
D. NAT
Hint answer: C
Q111. Which of the following vulnerabilities is associated with installing software outside of a manufacturer’s approved software repository?
A. Jailbreaking
B. Memory injection
C. Resource reuse
D. Side loading
Hint answer: D
Q112. A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?
A. Jump server
B. RADIUS
C. HSM
D. Load balancer
Hint answer: A
Q113. A company is concerned about weather events causing damage to the server room and downtime. Which of the following should the company consider?
A. Clustering servers
B. Geographic dispersion
C. Load balancers
D. Off-site backups
Hint answer: B
Q114. An organization recently updated its security policy to include the following statement:
Regular expressions are included in source code to remove special characters such as $, |, ;, &, `, and ? from variables set by forms in a web application.
Which of the following best explains the security technique the organization adopted by making this addition to the policy?
A. Identify embedded keys
B. Code debugging
C. Input validation
D. Static code analysis
Hint answer: C
Q115. Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer’s PII?
A. SCAP
B. NetFlow
C. Antivirus
D. DLP
Hint answer: D
Q116. Which of the following allows for the attribution of messages to individuals?
A. Adaptive identity
B. Non-repudiation
C. Authentication
D. Access logs
Hint answer: B
Q117. Which of the following can be used to identify potential attacker activities without affecting production servers?
A. Honeypot
B. Video surveillance
C. Zero Trust
D. Geofencing
Hint answer: A
Q118. Which of the following would be the best way to block unknown programs from executing?
A. Access control list
B. Application allow list
C. Host-based firewall
D. DLP solution
Hint answer: B
Q119. Which of the following threat actors is the most likely to be motivated by profit?
A. Hacktivist
B. Insider threat
C. Organized crime
D. Shadow IT
Hint answer: C
Q120. A network administrator is working on a project to deploy a load balancer in the company’s cloud environment. Which of the following fundamental security requirements does this project fulfil?
A. Privacy
B. Integrity
C. Confidentiality
D. Availability
Hint answer: D