SY0-701 Dumps Questions - Effective Way to Get Certified

SY0-701 Dumps Questions – Effective Way to Get Certified

Category:

Comments:

0 Comments

Post Date:

December 9, 2023

If you're in the field of CompTIA, you know how important it is to stay up-to-date with the latest knowledge and skills to protect your organization's networks and data. One way to do that is by obtaining CompTIA Security+, specifically the SY0-701 exam. While preparing for the SY0-701 exam, you might consider using SY0-701 dumps to help you familiarize yourself with the exam format and content. These SY0-701 exam dumps questions can be an effective way to gauge your knowledge and identify areas where you may need additional study. Study online free SY0-701 exam dumps below.

Page 1 of 7

1. Which of the following teams combines both offensive and defensive testing techniques to protect an organization's critical systems?

Red

Blue

Purple

Yellow

2. Which of the following is the best reason to complete an audit in a banking environment?

Regulatory requirement

Organizational change

Self-assessment requirement

Service-level requirement

3. Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?

Provisioning resources

Disabling access

Reviewing change approvals

Escalating permission requests

4. An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message.

Which of the following types of social engineering attacks occurred?

Brand impersonation

Pretexting

Typosquatting

Phishing

5. Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?

Risk tolerance

Risk transfer

Risk register

Risk analysis

6. Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Compensating control

Network segmentation

Transfer of risk

SNMP traps

7. A security analyst reviews domain activity logs and notices the following:

Which of the following is the best explanation for what the security analyst has discovered?

The user jsmith's account has been locked out.

A keylogger is installed on [smith's workstation

An attacker is attempting to brute force ismith's account.

Ransomware has been deployed in the domain.

8. Which of the following would be used to detect an employee who is emailing a customer list to a personal account before leaving the company?

DLP

FIM

IDS

EDR

9. Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

Integrity

Availability

Confidentiality

Non-repudiation

10. A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors.

Which of the following should the systems administrator use?

Packet captures

Vulnerability scans

Metadata

Dashboard

Page 2 of 7

11. An organization maintains intellectual property that it wants to protect.

Which of the following concepts would be most beneficial to add to the company's security awareness training program?

Insider threat detection

Simulated threats

Phishing awareness

Business continuity planning

12. Which of the following factors are the most important to address when formulating a training curriculum plan for a security awareness program? (Select two).

Channels by which the organization communicates with customers

The reporting mechanisms for ethics violations

Threat vectors based on the industry in which the organization operates

Secure software development training for all personnel

Cadence and duration of training events

Retraining requirements for individuals who fail phishing simulations

13. The CIRT is reviewing an incident that involved a human resources recruiter exfiltration sensitive company data. The CIRT found that the recruiter was able to use HTTP over port 53 to upload documents to a web server.

Which of the following security infrastructure devices could have identified and blocked this activity?

WAF utilizing SSL decryption

NGFW utilizing application inspection

UTM utilizing a threat feed

SD-WAN utilizing IPSec

14. Which of the following best describes configuring devices to log to an off-site location for possible future reference?

Log aggregation

DLP

Archiving

SCAP

15. A technician wants to improve the situational and environmental awareness of existing users as they transition from remote to in-office work.

Which of the following is the best option?

Send out periodic security reminders.

Update the content of new hire documentation.

Modify the content of recurring training. D Implement a phishing campaign

16. A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file's creator.

Which of the following actions would most likely give the security analyst the information required?

Obtain the file's SHA-256 hash.

Use hexdump on the file's contents.

Check endpoint logs.

Query the file's metadata.

17. Which of the following would be best suited for constantly changing environments?

RTOS

Containers

Embedded systems

SCADA

18. A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message.

Which of the following should the analyst do?

Place posters around the office to raise awareness of common phishing activities.

Implement email security filters to prevent phishing emails from being delivered

Update the EDR policies to block automatic execution of downloaded programs.

Create additional training for users to recognize the signs of phishing attempts.

19. Which of the following are considered physical security controls? (Choose two)

Encryption

Biometric identification

Mantrap

Token-based authentication

CCTV surveillance

20. An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users’ passwords.

Which of the following should the administrator implement to prevent this type of attack from succeeding in the future?

Multifactor authentication

Permissions assignment

Access management

Password complexity

Page 3 of 7

21. During a recent breach, employee credentials were compromised when a service desk employee issued an MFA bypass code to an attacker who called and posed as an employee.

Which of the following should be used to prevent this type of incident in the future?

Hardware token MFA

Biometrics

Identity proofing

Least privilege

22. The local administrator account for a company's VPN appliance was unexpectedly used to log in to the remote management interface.

Which of the following would have most likely prevented this from happening'?

Using least privilege

Changing the default password

Assigning individual user IDs

Reviewing logs more frequently

23. A security analyst is reviewing the source code of an application in order to identify misconfigurations and vulnerabilities.

Which of the following kinds of analysis best describes this review?

Dynamic

Static

Gap

Impact

24. Which type of attack involves overwhelming a system with traffic to make it unavailable to its intended users?

DoS attack

Man-in-the-middle attack

SQL injection

Cross-site scripting

25. 50.10.25 32 port 53

D. Access list outbound permit 10.50.10.25 32 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0.0.0.0.0.0/0 port 53

26. A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis Which of the following types of controls is the company setting up?

Corrective

Preventive

Detective

Deterrent

27. The marketing department set up its own project management software without telling the appropriate departments.

Which of the following describes this scenario?

Shadow IT

Insider threat

Data exfiltration

Service disruption

28. Which of the following is the best way to consistently determine on a daily basis whether security settings on servers have been modified?

Automation

Compliance checklist

Attestation

Manual audit

29. A company is discarding a classified storage array and hires an outside vendor to complete the disposal.

Which of the following should the company request from the vendor?

Certification

Inventory list

Classification

Proof of ownership

30. A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement.

Which of the following reconnaissance types is the tester performing?

Active

Passive

Defensive

Offensive

Page 4 of 7

31. Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked.

Which of the following changes would allow users to access the site?

Creating a firewall rule to allow HTTPS traffic

Configuring the IPS to allow shopping

Tuning the DLP rule that detects credit card data

Updating the categorization in the content filter

32. Which of the following should a security administrator adhere to when setting up a new set of firewall rules?

Disaster recovery plan

Incident response procedure

Business continuity plan

Change management procedure

33. Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centralized system?

SIEM

DLP

IDS

SNMP

34. Which of the following must be considered when designing a high-availability network? (Choose two).

Ease of recovery

Ability to patch

Physical isolation

Responsiveness

Attack surface

Extensible authentication

35. Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?

Configure all systems to log scheduled tasks.

Collect and monitor all traffic exiting the network.

Block traffic based on known malicious signatures.

Install endpoint management software on all systems.

36. During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, and two special characters. Once the password is created, the company will grant the employee access to other company-owned websites based on the intranet profile.

Which of the following access management concepts is the company most likely using to safeguard intranet accounts and grant access to multiple sites based on a user's intranet account? (Select two).

Federation

Identity proofing

Password complexity

Default password changes

Password manager

Open authentication

37. A systems administrator works for a local hospital and needs to ensure patient data is protected and secure.

Which of the following data classifications should be used to secure patient data?

Private

Critical

Sensitive

Public

38. Which of the following provides the details about the terms of a test with a third-party penetration tester?

Rules of engagement

Supply chain analysis

Right to audit clause

Due diligence

39. An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards.

Which of the following techniques is the attacker using?

Smishing

Disinformation

Impersonating

Whaling

40. A company wants to verify that the software the company is deploying came from the vendor the company purchased the software from.

Which of the following is the best way for the company to confirm this information?

Validate the code signature.

Execute the code in a sandbox.

Search the executable for ASCII strings.

Generate a hash of the files.

Page 5 of 7

41. An administrator discovers that some files on a database server were recently encrypted. The administrator sees from the security logs that the data was last accessed by a domain user.

Which of the following best describes the type of attack that occurred?

Insider threat

Social engineering

Watering-hole

Unauthorized attacker

42. A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered.

Which of the following best describes the program the company is setting up?

Open-source intelligence

Bug bounty

Red team

Penetration testing

43. A client demands at least 99.99% uptime from a service provider's hosted security services.

Which of the following documents includes the information the service provider should return to the client?

MOA

SOW

MOU

SLA

44. A systems administrator would like to deploy a change to a production system.

Which of the following must the administrator submit to demonstrate that the system can be restored to a working state in the event of a performance issue?

Backout plan

Impact analysis

Test procedure

Approval procedure

45. A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS severs, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server.

Which of the following best describes what the security analyst is seeing?

Concurrent session usage

Secure DNS cryptographic downgrade

On-path resource consumption

Reflected denial of service

46. A systems administrator wants to prevent users from being able to access data based on their responsibilities. The administrator also wants to apply the required access structure via a simplified format.

Which of the following should the administrator apply to the site recovery resource group?

RBAC

ACL

SAML

GPO

47. A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data.

Which of the following should the administrator do first?

Block access to cloud storage websites.

Create a rule to block outgoing email attachments.

Apply classifications to the data.

Remove all user permissions from shares on the file server.

48. One of a company's vendors sent an analyst a security bulletin that recommends a BIOS update.

Which of the following vulnerability types is being addressed by the patch?

Virtualization

Firmware

Application

Operating system

49. An organization recently updated its security policy to include the following statement:

Regular expressions are included in source code to remove special characters such as $, |, ;. &, `, and ? from variables set by forms in a web application.

Which of the following best explains the security technique the organization adopted by making this addition to the policy?

Identify embedded keys

Code debugging

Input validation

Static code analysis

50. A company decided to reduce the cost of its annual cyber insurance policy by removing the coverage for ransomware attacks.

Which of the following analysis elements did the company most likely use in making this decision?

IMTTR

RTO

ARO

MTBF

Page 6 of 7

51. A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers.

Which of the following should a database administrator use to access the database servers?

Jump server

RADIUS

HSM

Load balancer

52. Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?

Availability

Non-repudiation

Integrity

Confidentiality

53. A company purchased cyber insurance to address items listed on the risk register.

Which of the following strategies does this represent?

Transfer

Mitigate

Avoid

54. After a recent ransomware attack on a company's system, an administrator reviewed the log files.

Which of the following control types did the administrator use?

Compensating

Detective

Preventive

Corrective

55. A company is required to use certified hardware when building networks.

Which of the following best addresses the risks associated with procuring counterfeit hardware?

A thorough analysis of the supply chain

A legally enforceable corporate acquisition policy

A right to audit clause in vendor contracts and SOWs

An in-depth penetration test of all suppliers and vendors

56. Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data.

Which of the following is the type of data these employees are most likely to use in day-to-day work activities?

Encrypted

Intellectual property

Critical

Data in transit

57. A company is working with a vendor to perform a penetration test Which of the following includes an estimate about the number of hours required to complete the engagement?

SOW

BPA

SLA

NDA

58. To improve the security at a data center, a security administrator implements a CCTV system and posts several signs about the possibility of being filmed.

Which of the following best describe these types of controls? (Select two).

Preventive

Deterrent

Corrective

Directive

Compensating

Detective

59. A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis.

Which of the following types of controls is the company setting up?

Corrective

Preventive

Detective

Deterrent

60. Which of the following roles, according to the shared responsibility model, is responsible for securing the company’s database in an IaaS model for a cloud environment?

Client

Third-party vendor

Cloud provider

DBA

Page 7 of 7

61. A company tested and validated the effectiveness of network security appliances within the corporate network. The IDS detected a high rate of SQL injection attacks against the company's servers, and the company's perimeter firewall is at capacity.

Which of the following would be the best action to maintain security and reduce the traffic to the perimeter firewall?

Set the appliance to IPS mode and place it in front of the company firewall.

Convert the firewall to a WAF and use IPSec tunnels to increase throughput.

Set the firewall to fail open if it is overloaded with traffic and send alerts to the SIE

Configure the firewall to perform deep packet inspection and monitor TLS traffic.

62. Which of the following is a security measure that filters incoming and outgoing traffic based on predetermined security rules?

Proxy

Gateway

Firewall

Switch

63. Which of the following is the best way to secure an on-site data center against intrusion from an insider?

Bollards

Access badge

Motion sensor

Video surveillance

64. Which of the following security concepts is accomplished with the installation of a RADIUS server?

CIA

AAA

ACL

PEM

65. After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted credit card information in order to close an invoice.

Which of the following topics did the user recognize from the training?

Insider threat

Email phishing

Social engineering

Executive whaling

66. Which of the following methods to secure credit card data is best to use when a requirement is to see only the last four numbers on a credit card?

Encryption

Hashing

Masking

Tokenization

67. Which of the following describes the category of data that is most impacted when it is lost?

Confidential

Public

Private

Critical

68. Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?

Fines

Audit findings

Sanctions

Reputation damage

69. Which of the following allows for the attribution of messages to individuals?

Adaptive identity

Non-repudiation

Authentication

Access logs

70. A technician needs to apply a high-priority patch to a production system.

Which of the following steps should be taken first?

Air gap the system.

Move the system to a different network segment.

Create a change control request.

Apply the patch to the system.

TAGS:

SY0-701, SY0-701 exam dumps

Notify of

Label

Name*

Email*

Website

Label

Name*

Email*

Website

0 Comments

Oldest

Newest Most Voted

Inline Feedbacks

View all comments

Posts

CompTIA Free Dumps

Get SY0-701 Dumps Full Version

Q&As: 230
Versions: PDF and Software Download Now

About Dumpsinfo

Dumpsinfo is a good platform providing the latest exam information and dumps questions for all IT certification exams. You can study all the latest exam dumps questions online.

[email protected]

Mon - Sat 9:00am - 6:00pm

SY0-701 Dumps Questions – Effective Way to Get Certified

Related

Posts

Online XK0-005 Exam Dumps Help You Build Confidence

DS0-001 Dumps Questions Increase Your Chance of Success

Get Certified Easily with Online DA0-001 Dumps

CS0-003 Dumps Guarantee You Pass CS0-003 Exam Easily

About Us

EMAIL

Services

Opening Hours