SY0-701 Practice Exam Questions and Answers

CompTIA Security+ Exam 2024

Last Update 4 days ago
Total Questions : 171

Question # 1

While troubleshooting a firewall configuration, a technician determines that a “deny any” policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable.

Which of the following actions would prevent this issue?

Options:

A. Documenting the new policy in a change request and submitting the request to change management
B. Testing the policy in a non-production environment before enabling the policy in the production network
C. Disabling any intrusion prevention signatures on the “deny any” policy prior to enabling the new policy
D. Including an “allow any” policy above the “deny any” policy

Question # 2

An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Choose two.)

Options:

A. Typosquatting
B. Phishing
C. Impersonation
D. Vishing
E. Smishing
F. Misinformation

Question # 3

A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee’s corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?

Options:

A. Application
B. IPS/IDS
C. Network
D. Endpoint

Question # 4

A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?

Options:

A. Jump server
B. RADIUS
C. HSM
D. Load balancer

Question # 5

Which of the following allows for the attribution of messages to individuals?

Options:

A. Adaptive identity
B. Non-repudiation
C. Authentication
D. Access logs

Question # 6

The management team notices that new accounts that are set up manually do not always have correct access or permissions.

Which of the following automation techniques should a systems administrator use to streamline account creation?

Options:

A. Guard rail script
B. Ticketing workflow
C. Escalation script
D. User provisioning script

Question # 7

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?

Options:

A. Fines
B. Audit findings
C. Sanctions
D. Reputation damage

Question # 8

A security analyst reviews domain activity logs and notices the following:

Which of the following is the best explanation for what the security analyst has discovered?

Options:

A. The user jsmith's account has been locked out.
B. A keylogger is installed on jsmith's workstation.
C. An attacker is attempting to brute force jsmith's account.
D. Ransomware has been deployed in the domain.

Question # 9

During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?

Options:

A. access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32
B. access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0
C. access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0
D. access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32

Question # 10

Which of the following enables the use of an input field to run commands that can view or manipulate data?

Options:

A. Cross-site scripting
B. Side loading
C. Buffer overflow
D. SQL injection

Question # 11

A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?

Options:

A. Partition
B. Asymmetric
C. Full disk
D. Database

Question # 12

A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the following best describes this step?

Options:

A. Capacity planning
B. Redundancy
C. Geographic dispersion
D. Tabletop exercise

Question # 13

A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?

Options:

A. Accept
B. Transfer
C. Mitigate
D. Avoid

Question # 14

You are a security administrator investigating a potential infection on a network.

Click on each host and firewall. Review all logs to determine which host originated the infection, and then identify whether each remaining host is clean or infected.

Question # 15

Which of the following describes the reason root cause analysis should be conducted as part of incident response?

Options:

A. To gather IoCs for the investigation
B. To discover which systems have been affected
C. To eradicate any trace of malware on the network
D. To prevent future incidents of the same nature

Question # 16

A company’s legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?

Options:

A. Data masking
B. Encryption
C. Geolocation policy
D. Data sovereignty regulation

Question # 17

Which of the following must be considered when designing a high-availability network? (Choose two).

Options:

A. Ease of recovery
B. Ability to patch
C. Physical isolation
D. Responsiveness
E. Attack surface
F. Extensible authentication

Question # 18

An engineer needs to find a solution that creates an added layer of security by preventing unauthorized access to internal company resources. Which of the following would be the best solution?

Options:

A. RDP server
B. Jump server
C. Proxy server
D. Hypervisor

Question # 19

An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?

Options:

A. Hardening
B. Employee monitoring
C. Configuration enforcement
D. Least privilege

Question # 20

Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?

Options:

A. Risk tolerance
B. Risk transfer
C. Risk register
D. Risk analysis

Question # 21

A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?

Options:

A. Enumeration
B. Sanitization
C. Destruction
D. Inventory

Question # 22

A company’s web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?

Options:

A. encryption=off
B. http://
C. www.*.com
D. :443

Question # 23

An analyst is evaluating the implementation of Zero Trust principles within the data plane. Which of the following would be most relevant for the analyst to evaluate?

Options:

A. Secured zones
B. Subject role
C. Adaptive identity
D. Threat scope reduction