SY0-701 Dumps Questions - Effective Way to Get Certified

SY0-701 Dumps Questions – Effective Way to Get Certified

Category:

Comments:

0 Comments

Post Date:

December 9, 2023

If you're in the field of CompTIA, you know how important it is to stay up-to-date with the latest knowledge and skills to protect your organization's networks and data. One way to do that is by obtaining CompTIA Security+, specifically the SY0-701 exam. While preparing for the SY0-701 exam, you might consider using SY0-701 dumps to help you familiarize yourself with the exam format and content. These SY0-701 exam dumps questions can be an effective way to gauge your knowledge and identify areas where you may need additional study. Study online free SY0-701 exam dumps below.

Page 1 of 11

1. A company is implementing a vendor's security tool in the cloud. The security director does not want to manage users and passwords specific to this tool but would rather utilize the company's standard user directory.

Which of the following should the company implement?

802.1X

SAML

RADIUS

CHAP

2. A newly identified network access vulnerability has been found in the OS of legacy loT devices.

Which of the following would best mitigate this vulnerability quickly?

Insurance

Patching

Segmentation

Replacement

3. The CIRT is reviewing an incident that involved a human resources recruiter exfiltration sensitive company data. The CIRT found that the recruiter was able to use HTTP over port 53 to upload documents to a web server.

Which of the following security infrastructure devices could have identified and blocked this activity?

WAF utilizing SSL decryption

NGFW utilizing application inspection

UTM utilizing a threat feed

SD-WAN utilizing IPSec

4. An analyst is evaluating the implementation of Zero Trust principles within the data plane.

Which of the following would be most relevant for the analyst to evaluate?

Secured zones

Subject role

Adaptive identity

Threat scope reduction

5. The management team notices that new accounts that are set up manually do not always have correct access or permissions.

Which of the following automation techniques should a systems administrator use to streamline account creation?

Guard rail script

Ticketing workflow

Escalation script

User provisioning script

6. Which of the following describes an executive team that is meeting in a board room and testing the company's incident response plan?

Continuity of operations

Capacity planning

Tabletop exercise

Parallel processing

7. An analyst is evaluating the implementation of Zero Trust principles within the data plane.

Which of the following would be most relevant for the analyst to evaluate?

Secured zones

Subject role

Adaptive identity

Threat scope reduction

8. A cybersecurity incident response team at a large company receives notification that malware is present on several corporate desktops No known Indicators of compromise have been found on the network.

Which of the following should the team do first to secure the environment?

Contain the Impacted hosts

Add the malware to the application blocklist.

Segment the core database server.

Implement firewall rules to block outbound beaconing

9. The local administrator account for a company's VPN appliance was unexpectedly used to log in to the remote management interface.

Which of the following would have most likely prevented this from happening'?

Using least privilege

Changing the default password

Assigning individual user IDs

Reviewing logs more frequently

10. Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked.

Which of the following changes would allow users to access the site?

Creating a firewall rule to allow HTTPS traffic

Configuring the IPS to allow shopping

Tuning the DLP rule that detects credit card data

Updating the categorization in the content filter

Page 2 of 11

11. Which of the following is the phase in the incident response process when a security analyst reviews roles and responsibilities?

Preparation

Recovery

Lessons learned

Analysis

12. After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response to the lawsuit.

Which of the following describes the action the security team will most likely be required to take?

Retain the emails between the security team and affected customers for 30 days.

Retain any communications related to the security breach until further notice.

Retain any communications between security members during the breach response.

Retain all emails from the company to affected customers for an indefinite period of time.

13. A company most likely is developing a critical system for the government and storing project information on a fileshare.

Which of the following describes how this data will be classified? (Select two).

Private

Confidential

Public

Operational

Urgent

Restricted

14. A client demands at least 99.99% uptime from a service provider's hosted security services.

Which of the following documents includes the information the service provider should return to the client?

MOA

SOW

MOU

SLA

15. Which of the following agreement types defines the time frame in which a vendor needs to respond?

SOW

SLA

MOA

MOU

16. The Cruel Information Security Officer (CISO) asks a security analyst to install an OS update to a production VM that has a 99% uptime SL

A. The CISO tells me analyst the installation must be done as quickly as possible.

Which of the following courses of action should the security analyst take first?

A. Log in to the server and perform a health check on the VM.

B. Install the patch Immediately.

C. Confirm that the backup service is running.

D. Take a snapshot of the VM.

17. The application development teams have been asked to answer the following questions:

• Does this application receive patches from an external source?

• Does this application contain open-source code?

• is this application accessible by external users?

• Does this application meet the corporate password standard?

Which of the following are these questions port of?

Risk control self-assessment

Risk management strategy

Risk acceptance

Risk matrix

18. The marketing department set up its own project management software without telling the appropriate departments.

Which of the following describes this scenario?

Shadow IT

Insider threat

Data exfiltration

Service disruption

19. A systems administrator receives the following alert from a file integrity monitoring tool:

The hash of the cmd.exe file has changed.

The systems administrator checks the OS logs and notices that no patches were applied in the last two months.

Which of the following most likely occurred?

The end user changed the file permissions.

A cryptographic collision was detected.

A snapshot of the file system was taken.

A rootkit was deployed.

20. A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered.

Which of the following best describes the program the company is setting up?

Open-source intelligence

Bug bounty

Red team

Penetration testing

Page 3 of 11

21. After conducting a vulnerability scan, a systems administrator notices that one of the identified vulnerabilities is not present on the systems that were scanned.

Which of the following describes this example?

False positive

False negative

True positive

True negative

22. A security analyst is reviewing the source code of an application in order to identify misconfigurations and vulnerabilities.

Which of the following kinds of analysis best describes this review?

Dynamic

Static

Gap

Impact

23. A security analyst developed a script to automate a trivial and repeatable task.

Which of the following best describes the benefits of ensuring other team members understand how the script works?

To reduce implementation cost

To identify complexity

To remediate technical debt

To prevent a single point of failure

24. Which of the following best describe why a process would require a two-person integrity security control?

To Increase the chance that the activity will be completed in half of the time the process would take only one user to complete

To permit two users from another department to observe the activity that is being performed by an authorized user

To reduce the risk that the procedures are performed incorrectly or by an unauthorized user

To allow one person to perform the activity while being recorded on the CCTV camera

25. An IT security team is concerned about the confidentiality of documents left unattended in MFPs.

Which of the following should the security team do to mitigate the situation?

Educate users about the importance of paper shredder devices.

Deploy an authentication factor that requires ln-person action before printing.

Install a software client m every computer authorized to use the MFPs.

Update the management software to utilize encryption.

26. A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach end does not have an on-premises IT infrastructure.

Which of the following would best secure the organization?

Upgrading to a next-generation firewall

Deploying an appropriate in-line CASB solution

Conducting user training on software policies

Configuring double key encryption in SaaS platforms

27. An employee in the accounting department receives an email containing a demand for payment tot services performed by a vendor However, the vendor is not in the vendor management database.

Which of the following in this scenario an example of?

Pretexting

Impersonation

Ransomware

Invoice scam

28. An administrator needs to perform server hardening before deployment.

Which of the following steps should the administrator take? (Select two).

Disable default accounts.

Add the server to the asset inventory.

Remove unnecessary services.

Document default passwords.

Send server logs to the SIE

Join the server to the corporate domain.

29. Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?

Software as a service

Infrastructure as code

Internet of Things

Software-defined networking

30. A software developer would like to ensure. The source code cannot be reverse engineered or debugged.

Which of the following should the developer consider?

Version control

Obfuscation toolkit

Code reuse

Continuous integration

Stored procedures

Page 4 of 11

31. Which of the following is a primary security concern for a company setting up a BYOD program?

End of life

Buffer overflow

VM escape

Jailbreaking

32. Which of the following is the final step of the modem response process?

Lessons learned

Eradication

Containment

Recovery

33. Client files can only be accessed by employees who need to know the information and have specified roles in the company.

Which of the following best describes this security concept?

Availability

Confidentiality

Integrity

Non-repudiation

34. Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?

Configure all systems to log scheduled tasks.

Collect and monitor all traffic exiting the network.

Block traffic based on known malicious signatures.

Install endpoint management software on all systems.

35. Which of the following scenarios describes a possible business email compromise attack?

An employee receives a gift card request in an email that has an executive's name in the display field of the email.

Employees who open an email attachment receive messages demanding payment in order to access files.

A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account.

An employee receives an email with a link to a phishing site that is designed to look like the company's email portal.

36. A user would like to install software and features that are not available with a smartphone's default software.

Which of the following would allow the user to install unauthorized software and enable new features?

SOU

Cross-site scripting

Jailbreaking

Side loading

37. A systems administrator notices that one of the systems critical for processing customer transactions is running an end-of-life operating system.

Which of the following techniques would increase enterprise security?

Installing HIDS on the system

Placing the system in an isolated VLAN

Decommissioning the system

Encrypting the system's hard drive

38. A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file's creator.

Which of the following actions would most likely give the security analyst the information required?

Obtain the file's SHA-256 hash.

Use hexdump on the file's contents.

Check endpoint logs.

Query the file's metadata.

39. A company is currently utilizing usernames and passwords, and it wants to integrate an MFA method that is seamless, can Integrate easily into a user's workflow, and can utilize employee-owned devices.

Which of the following will meet these requirements?

Push notifications

Phone call

Smart card

Offline backup codes

40. Which of the following enables the use of an input field to run commands that can view or manipulate data?

Cross-site scripting

Side loading

Buffer overflow

SQL injection

Page 5 of 11

41. Which of the following allows for the attribution of messages to individuals?

Adaptive identity

Non-repudiation

Authentication

Access logs

42. Which of the following data roles is responsible for identifying risks and appropriate access to data?

Owner

Custodian

Steward

Controller

43. Which of the following is a hardware-specific vulnerability?

Firmware version

Buffer overflow

SQL injection

Cross-site scripting

44. Which of the following best describes configuring devices to log to an off-site location for possible future reference?

Log aggregation

DLP

Archiving

SCAP

45. A systems administrator is auditing all company servers to ensure. They meet the minimum security baseline While auditing a Linux server, the systems administrator observes the /etc/shadow file has permissions beyond the baseline recommendation.

Which of the following commands should the systems administrator use to resolve this issue?

chmod

grep

passwd

46. Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Select two).

Fencing

Video surveillance

Badge access

Access control vestibule

Sign-in sheet

Sensor

47. A small business uses kiosks on the sales floor to display product information for customers. A security team discovers the kiosks use end-of-life operating systems.

Which of the following is the security team most likely to document as a security implication of the current architecture?

Patch availability

Product software compatibility

Ease of recovery

Cost of replacement

48. Which of the following is the most common data loss path for an air-gapped network?

Bastion host

Unsecured Bluetooth

Unpatched OS

Removable devices

49. A bank set up a new server that contains customers' Pll.

Which of the following should the bank use to make sure the sensitive data is not modified?

Full disk encryption

Network access control

File integrity monitoring

User behavior analytics

50. During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network.

Which of the following fulfills this request?

access-list inbound deny ig source 0.0.0.0/0 destination 10.1.4.9/32

access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound permit ig source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound permit ig source 0.0.0.0/0 destination 10.1.4.9/32

Page 6 of 11

51. A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors.

Which of the following should the systems administrator use?

Packet captures

Vulnerability scans

Metadata

Dashboard

52. An organization recently updated its security policy to include the following statement:

Regular expressions are included in source code to remove special characters such as $, |, ;. &, `, and ? from variables set by forms in a web application.

Which of the following best explains the security technique the organization adopted by making this addition to the policy?

Identify embedded keys

Code debugging

Input validation

Static code analysis

53. Which of the following describes the reason root cause analysis should be conducted as part of incident response?

To gather loCs for the investigation

To discover which systems have been affected

To eradicate any trace of malware on the network

To prevent future incidents of the same nature

54. After performing an assessment, an analyst wants to provide a risk rating for the findings.

Which of the following concepts should most likely be considered when calculating the ratings?

Owners and thresholds

Impact and likelihood

Appetite and tolerance

Probability and exposure factor

55. A network administrator is working on a project to deploy a load balancer in the company's cloud environment.

Which of the following fundamental security requirements does this project fulfill?

Privacy

Integrity

Confidentiality

Availability

56. A security analyst scans a company's public network and discovers a host is running a remote desktop that can be used to access the production network.

Which of the following changes should the security analyst recommend?

Changing the remote desktop port to a non-standard number

Setting up a VPN and placing the jump server inside the firewall

Using a proxy for web connections from the remote desktop server

Connecting the remote server to the domain and increasing the password length

57. During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, and two special characters. Once the password is created, the company will grant the employee access to other company-owned websites based on the intranet profile.

Which of the following access management concepts is the company most likely using to safeguard intranet accounts and grant access to multiple sites based on a user's intranet account? (Select two).

Federation

Identity proofing

Password complexity

Default password changes

Password manager

Open authentication

58. Cadets speaking a foreign language are using company phone numbers to make unsolicited phone calls lo a partner organization. A security analyst validates through phone system logs that the calls are occurring and the numbers are not being spoofed.

Which of the following is the most likely explanation?

The executive team is traveling internationally and trying to avoid roaming charges

The company's SIP server security settings are weak.

Disgruntled employees are making calls to the partner organization.

The service provider has assigned multiple companies the same numbers

59. A user is attempting to patch a critical system, but the patch fails to transfer.

Which of the following access controls is most likely inhibiting the transfer?

Attribute-based

Time of day

Role-based

Least privilege

60. Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Compensating control

Network segmentation

Transfer of risk

SNMP traps

Page 7 of 11

61. Which of the following is most likely associated with introducing vulnerabilities on a corporate network by the deployment of unapproved software?

Hacktivists

Script kiddies

Competitors

Shadow IT

62. A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis Which of the following types of controls is the company setting up?

Corrective

Preventive

Detective

Deterrent

63. An engineer moved to another team and is unable to access the new team's shared folders while still being able to access the shared folders from the former team. After opening a ticket, the engineer discovers that the account was never moved to the new group.

Which of the following access controls is most likely causing the lack of access?

Role-based

Discretionary

Time of day

Least privilege

64. An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days.

Which of the following types of sites is the best for this scenario?

Real-time recovery

Hot

Cold

Warm

65. A software developer released a new application and is distributing application files via the developer's website.

Which of the following should the developer post on the website to allow users to verify the integrity of the downloaded files?

Hashes

Certificates

Algorithms

Salting

66. A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message.

Which of the following should the analyst do?

Place posters around the office to raise awareness of common phishing activities.

Implement email security filters to prevent phishing emails from being delivered

Update the EDR policies to block automatic execution of downloaded programs.

Create additional training for users to recognize the signs of phishing attempts.

67. SIMULATION

A systems administrator is configuring a site-to-site VPN between two branch offices. Some of the settings have already been configured correctly.

The systems administrator has been provided the following requirements as part of completing the configuration:

• Most secure algorithms should be selected

• All traffic should be encrypted over the VPN

• A secret password will be used to authenticate the two VPN concentrators

68. While investigating a recent security breach an analyst finds that an attacker gained access by SOL infection through a company website.

Which of the following should the analyst recommend to the website developers to prevent this from reoccurring?

Secure cookies

Input sanitization

Code signing

Blocklist

69. The security operations center is researching an event concerning a suspicious IP address A security analyst looks at the following event logs and discovers that a significant portion of the user accounts have experienced faded log-In attempts when authenticating from the same IP address:

Which of the following most likely describes attack that took place?

Spraying

Brute-force

Dictionary

Rainbow table

70. A security administrator would like to protect data on employees’ laptops.

Which of the following encryption techniques should the security administrator use?

Partition

Asymmetric

Full disk

Database

Page 8 of 11

71. Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

Integrity

Availability

Confidentiality

Non-repudiation

72. A spoofed identity was detected for a digital certificate.

Which of the following are the type of unidentified key and the certificate mat could be in use on the company domain?

Private key and root certificate

Public key and expired certificate

Private key and self-signed certificate

Public key and wildcard certificate

73. A hacker gained access to a system via a phishing attempt that was a direct result of a user clicking a suspicious link. The link laterally deployed ransomware, which laid dormant for multiple weeks, across the network.

Which of the following would have mitigated the spread?

IPS

IDS

WAF

UAT

74. Which of the following would be the best way to handle a critical business application that is running on a legacy server?

Segmentation

Isolation

Hardening

Decommissioning

75. In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password.

Which of the following best describes this technique?

Key stretching

Tokenization

Data masking

Salting

76. Which of the following describes the maximum allowance of accepted risk?

Risk indicator

Risk level

Risk score

Risk threshold

77. A security analyst reviews domain activity logs and notices the following:

Which of the following is the best explanation for what the security analyst has discovered?

The user jsmith's account has been locked out.

A keylogger is installed on [smith's workstation

An attacker is attempting to brute force ismith's account.

Ransomware has been deployed in the domain.

78. A security administrator is configuring fileshares. The administrator removed the default permissions and added permissions for only users who will need to access the fileshares as part of their job duties.

Which of the following best describes why the administrator performed these actions?

Encryption standard compliance

Data replication requirements

Least privilege

Access control monitoring

79. An organization wants a third-party vendor to do a penetration test that targets a specific device. The organization has provided basic information about the device.

Which of the following best describes this kind of penetration test?

Partially known environment

Unknown environment

Integrated

Known environment

80. Visitors to a secured facility are required to check in with a photo ID and enter the facility through an access control vestibule.

Which of the following but describes this form of security control?

Physical

Managerial

Technical

Operational

Page 9 of 11

81. A company is utilizing an offshore team to help support the finance department. The company wants to keep the data secure by keeping it on a company device but does not want to provide equipment to the offshore team.

Which of the following should the company implement to meet this requirement?

VDI

MDM

VPN

VPC

82. Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?

Unidentified removable devices

Default network device credentials

Spear phishing emails

Impersonation of business units through typo squatting

83. Which of the following best describe a penetration test that resembles an actual external attach?

Known environment

Partially known environment

Bug bounty

Unknown environment

84. An administrator has identified and fingerprinted specific files that will generate an alert if an attempt is made to email these files outside of the organization.

Which of the following best describes the tool the administrator is using?

DLP

SNMP traps

SCAP

IPS

85. An employee receives a text message from an unknown number claiming to be the company's Chief Executive Officer and asking the employee to purchase several gift cards.

Which of the following types of attacks does this describe?

Vishing

Smishing

Pretexting

Phishing

86. A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes.

Which of the following should the administrator set up to achieve this goal?

SPF

GPO

NAC

FIM

87. A bank insists all of its vendors must prevent data loss on stolen laptops.

Which of the following strategies is the bank requiring?

Encryption at rest

Masking

Data classification

Permission restrictions

88. Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?

Code scanning for vulnerabilities

Open-source component usage

Quality assurance testing

Peer review and approval

89. A business needs a recovery site but does not require immediate failover. The business also wants to reduce the workload required to recover from an outage.

Which of the following recovery sites is the best option?

Hot

Cold

Warm

Geographically dispersed

90. An administrator discovers that some files on a database server were recently encrypted. The administrator sees from the security logs that the data was last accessed by a domain user.

Which of the following best describes the type of attack that occurred?

Insider threat

Social engineering

Watering-hole

Unauthorized attacker

Page 10 of 11

91. Which of the following best represents an application that does not have an on-premises requirement and is accessible from anywhere?

Pass

Hybrid cloud

Private cloud

IaaS

SaaS

92. Which of the following factors are the most important to address when formulating a training curriculum plan for a security awareness program? (Select two).

Channels by which the organization communicates with customers

The reporting mechanisms for ethics violations

Threat vectors based on the industry in which the organization operates

Secure software development training for all personnel

Cadence and duration of training events

Retraining requirements for individuals who fail phishing simulations

93. Which of the following tasks is typically included in the BIA process?

Estimating the recovery time of systems

Identifying the communication strategy

Evaluating the risk management plan

Establishing the backup and recovery procedures

Developing the incident response plan

94. Which of the following is required for an organization to properly manage its restore process in the event of system failure?

IRP

DRP

RPO

SDLC

95. An organization’s internet-facing website was compromised when an attacker exploited a buffer overflow.

Which of the following should the organization deploy to best protect against similar attacks in the future?

NGFW

WAF

TLS

SD-WAN

96. A legacy device is being decommissioned and is no longer receiving updates or patches.

Which of the following describes this scenario?

End of business

End of testing

End of support

End of life

97. A company purchased cyber insurance to address items listed on the risk register.

Which of the following strategies does this represent?

Transfer

Mitigate

Avoid

98. During an investigation, an incident response team attempts to understand the source of an incident.

Which of the following incident response activities describes this process?

Analysis

Lessons learned

Detection

Containment

99. Which of the following risks can be mitigated by HTTP headers?

SQLi

XSS

DoS

SSL

100. Which of the following would be most useful in determining whether the long-term cost to transfer a

risk is less than the impact of the risk?

ARO

RTO

RPO

ALE

SLE

Page 11 of 11

101. A security operations center determines that the malicious activity detected on a server is normal.

Which of the following activities describes the act of ignoring detected activity in the future?

Tuning

Aggregating

Quarantining

Archiving

TAGS:

SY0-701, SY0-701 exam dumps

Notify of

Label

Name*

Email*

Website

Label

Name*

Email*

Website

0 Comments

Oldest

Newest Most Voted

Inline Feedbacks

View all comments

Get SY0-701 Dumps Full Version

Q&As: 345
Versions: PDF and Software Download Now

About Dumpsinfo

Dumpsinfo is a good platform providing the latest exam information and dumps questions for all IT certification exams. You can study all the latest exam dumps questions online.

[email protected]

Mon - Sat 9:00am - 6:00pm

SY0-701 Dumps Questions – Effective Way to Get Certified

Related

Posts

CAS-005 Dumps Questions Increase Your Chance of Success

Valid PT0-003 Exam Dumps are Your best Choice to Pass

Prepare N10-009 Exam with Using N10-009 Dump Questions

Online XK0-005 Exam Dumps Help You Build Confidence

About Us

EMAIL

Services

Opening Hours