Practice Free SY0-701 Exam Online Questions
A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 802.1X for access control. To be allowed on the network, a device must have a known hardware address, and a valid user name and password must be entered in a captive portal.
The following is the audit report:
Which of the following is the most likely way a rogue device was allowed to connect?
- A . A user performed a MAC cloning attack with a personal device.
- B . A DHCP failure caused an incorrect IP address to be distributed.
- C . An administrator bypassed the security controls for testing.
- D . DNS hijacking let an attacker intercept the captive portal traffic.
A systems administrator set up a perimeter firewall but continues to notice suspicious connections between internal endpoints.
Which of the following should be set up in order to mitigate the threat posed by the suspicious activity?
- A . Host-based firewall
- B . Web application firewall
- C . Access control list
- D . Application allow list
A
Explanation:
A host-based firewall is a software application that runs on an individual endpoint and filters the incoming and outgoing network traffic based on a set of rules. A host-based firewall can help to mitigate the threat posed by suspicious connections between internal endpoints by blocking or allowing the traffic based on the source, destination, port, protocol, or application. A host-based firewall is different from a web application firewall, which is a type of firewall that protects web applications from common web-based attacks, such as SQL injection, cross-site scripting, and session hijacking. A host-based firewall is also different from an access control list, which is a list of rules that control the access to network resources, such as files, folders, printers, or routers. A host-based firewall is also different from an application allow list, which is a list of applications that are authorized to run on an endpoint, preventing unauthorized or malicious applications from executing.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 254
An organization is developing a security program that conveys the responsibilities associated with the general operation of systems and software within the organization.
Which of the following documents would most likely communicate these expectations?
- A . Business continuity plan
- B . Change management procedure
- C . Acceptable use policy
- D . Software development life cycle policy
D
Explanation:
A software development life cycle (SDLC) policy outlines responsibilities, best practices, and standards for developing, deploying, and maintaining secure systems and software.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Policies and Standards".
An important patch for a critical application has just been released, and a systems administrator is identifying all of the systems requiring the patch.
Which of the following must be maintained in order to ensure that all systems requiring the patch are updated?
- A . Asset inventory
- B . Network enumeration
- C . Data certification
- D . Procurement process
A
Explanation:
To ensure that all systems requiring the patch are updated, the systems administrator must maintain an accurate asset inventory. This inventory lists all hardware and software assets within the organization, allowing the administrator to identify which systems are affected by the patch and ensuring that none are missed during the update process.
Network enumeration is used to discover devices on a network but doesn’t track software that requires patching.
Data certification and procurement process are unrelated to tracking systems for patching purposes.
In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password.
Which of the following best describes this technique?
- A . Key stretching
- B . Tokenization
- C . Data masking
- D . Salting
D
Explanation:
Adding a random string of characters, known as a "salt," to a password before hashing it is known as salting. This technique strengthens passwords by ensuring that even if two users have the same password, their hashes will be different due to the unique salt, making it much harder for attackers to crack passwords using precomputed tables.
Reference: CompTIA Security+ SY0-701 course content and official CompTIA study resources.
Which of the following is the most important security concern when using legacy systems to provide production service?
- A . Instability
- B . Lack of vendor support
- C . Loss of availability
- D . Use of insecure protocols
An employee recently resigned from a company. The employee was responsible for managing and supporting weekly batch jobs over the past five years. A few weeks after the employee resigned, one of the batch jobs failed and caused a major disruption.
Which of the following would work best to prevent this type of incident from reoccurring?
- A . Job rotation
- B . Retention
- C . Outsourcing
- D . Separation of duties
A systems administrator wants to prevent users from being able to access data based on their responsibilities. The administrator also wants to apply the required access structure via a simplified format.
Which of the following should the administrator apply to the site recovery resource group?
- A . RBAC
- B . ACL
- C . SAML
- D . GPO
A
Explanation:
RBAC stands for Role-Based Access Control, which is a method of restricting access to data and resources based on the roles or responsibilities of users. RBAC simplifies the management of permissions by assigning roles to users and granting access rights to roles, rather than to individual users. RBAC can help enforce the principle of least privilege and reduce the risk of unauthorized access or data leakage. The other options are not as suitable for the scenario as RBAC, as they either do not prevent access based on responsibilities, or do not apply a simplified format.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 133
An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system.
Which of the following best describes the actions taken by the organization?
- A . Exception
- B . Segmentation
- C . Risk transfer
- D . Compensating controls
D
Explanation:
Compensating controls are alternative security measures that are implemented when the primary controls are not feasible, cost-effective, or sufficient to mitigate the risk. In this case, the organization used compensating controls to protect the legacy system from potential attacks by disabling unneeded services and placing a firewall in front of it. This reduced the attack surface and the likelihood of exploitation.
Reference: Official CompTIA Security+ Study Guide (SY0-701), page 29; Security Controls – CompTIA Security+ SY0-701 – 1.1
A software developer would like to ensure the source code cannot be reverse engineered or debugged.
Which of the following should the developer consider?
- A . Version control
- B . Obfuscation toolkit
- C . Code reuse
- D . Continuous integration
- E . Stored procedures
B
Explanation:
An obfuscation toolkit is used by developers to make source code difficult to understand and reverse engineer. This technique involves altering the code’s structure and naming conventions without changing its functionality, making it much harder for attackers to decipher the code or use debugging tools to analyze it. Obfuscation is an important practice in protecting proprietary software and intellectual property from reverse engineering.
Reference: CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture.
CompTIA Security+ SY0-601 Study Guide: Chapter on Secure Coding Practices.