Practice Free SY0-701 Exam Online Questions
Which of the following is most likely associated with introducing vulnerabilities on a corporate network by the deployment of unapproved software?
- A . Hacktivists
- B . Script kiddies
- C . Competitors
- D . Shadow IT
D
Explanation:
Shadow IT refers to the use of information technology systems, devices, software, applications, and services without explicit IT department approval. This is the most likely cause of introducing vulnerabilities on a corporate network by deploying unapproved software, as such software may not have been vetted for security compliance, increasing the risk of vulnerabilities.
Reference: CompTIA Security+ SY0-701 Course Content: The concept of Shadow IT is discussed as a significant risk due to the introduction of unapproved and potentially vulnerable software into the corporate network.
A company requires hard drives to be securely wiped before sending decommissioned systems to recycling.
Which of the following best describes this policy?
- A . Enumeration
- B . Sanitization
- C . Destruction
- D . Inventory
B
Explanation:
Sanitization is the process of removing sensitive data from a storage device or a system before it is disposed of or reused. Sanitization can be done by using software tools or hardware devices that overwrite the data with random patterns or zeros, making it unrecoverable. Sanitization is different from destruction, which is the physical damage of the storage device to render it unusable. Sanitization is also different from enumeration, which is the identification of network resources or devices, and inventory, which is the tracking of assets and their locations. The policy of securely wiping hard drives before sending decommissioned systems to recycling is an example of sanitization, as it ensures that no confidential data can be retrieved from the recycled devices.
Reference: Secure Data Destruction - SY0-601 CompTIA Security+: 2.7, video at 1:00; CompTIA Security+ SY0-701 Certification Study Guide, page 387.
An employee fell for a phishing scam, which allowed an attacker to gain access to a company PC. The attacker scraped the PC’s memory to find other credentials. Without cracking these credentials, the attacker used them to move laterally through the corporate network.
Which of the following describes this type of attack?
- A . Privilege escalation
- B . Buffer overflow
- C . SQL injection
- D . Pass-the-hash
Which of the following must be considered when designing a high-availability network? (Choose two).
- A . Ease of recovery
- B . Ability to patch
- C . Physical isolation
- D . Responsiveness
- E . Attack surface
- F . Extensible authentication
A, E
Explanation:
A high-availability network is a network that is designed to minimize downtime and ensure continuous operation even in the event of a failure or disruption. A high-availability network must consider the following factors:
Ease of recovery: This refers to the ability of the network to restore normal functionality quickly and efficiently after a failure or disruption. Ease of recovery can be achieved by implementing backup and restore procedures, redundancy and failover mechanisms, fault tolerance and resilience, and disaster recovery plans.
Attack surface: This refers to the amount of exposure and vulnerability of the network to potential threats and attacks. Attack surface can be reduced by implementing security controls such as firewalls, encryption, authentication, access control, segmentation, and hardening.
The other options are not directly related to high-availability network design:
Ability to patch: This refers to the process of updating and fixing software components to address security issues, bugs, or performance improvements. Ability to patch is important for maintaining the security and functionality of the network, but it is not a specific factor for high-availability network design.
Physical isolation: This refers to the separation of network components or devices from other networks or physical environments. Physical isolation can enhance the security and performance of the network, but it can also reduce the availability and accessibility of the network resources.
Responsiveness: This refers to the speed and quality of the network’s performance and service delivery. Responsiveness can be measured by metrics such as latency, throughput, jitter, and packet loss. Responsiveness is important for ensuring customer satisfaction and user experience, but it is not a specific factor for high-availability network design.
Extensible authentication: This refers to the ability of the network to support multiple and flexible authentication methods and protocols. Extensible authentication can improve the security and convenience of the network, but it is not a specific factor for high-availability network design.
Reference: 1: CompTIA Security+ SY0-701 Certification Study Guide, page 97; 2: High Availability - CompTIA Security+ SY0-701 - 3.4, video by Professor Messer.
Which of the following is a possible consequence of a VM escape?
- A . Malicious instructions can be inserted into memory and give the attacker elevated permissions.
- B . An attacker can access the hypervisor and compromise other VMs.
- C . Unencrypted data can be read by a user in a separate environment.
- D . Users can install software that is not on the manufacturer’s approved list.
B
Explanation:
A VM escape occurs when an attacker breaks out of a virtual machine’s isolation to access the hypervisor. This compromise can allow control of the hypervisor and all other VMs on the host, posing significant security risks.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: "Virtualization Risks and Mitigation".
A user would like to install software and features that are not available with a smartphone’s default software.
Which of the following would allow the user to install unauthorized software and enable new features?
- A . SOU
- B . Cross-site scripting
- C . Jailbreaking
- D . Side loading
C
Explanation:
Jailbreaking is the process of removing restrictions imposed by the manufacturer on a smartphone, allowing the user to install unauthorized software and features not available through official app stores. This action typically voids the warranty and can introduce security risks by bypassing built-in protections.
SOU (Statement of Understanding) is not related to modifying devices.
Cross-site scripting is a web-based attack technique, unrelated to smartphone software.
Side loading refers to installing apps from unofficial sources but without necessarily removing built-in restrictions like jailbreaking does.
Which of the following should a company use to provide proof of external network security testing?
- A . Business impact analysis
- B . Supply chain analysis
- C . Vulnerability assessment
- D . Third-party attestation
D
Explanation:
Third-party attestation involves an external, independent party performing a network security assessment and providing documented proof, ensuring objectivity and compliance with regulatory or client requirements.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Compliance and Security Audits".
A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch jobs locally and does not generate traffic, but the process is now generating outbound traffic over random high ports.
Which of the following vulnerabilities has likely been exploited in this software?
- A . Memory injection
- B . Race condition
- C . Side loading
- D . SQL injection
A
Explanation:
Memory injection vulnerabilities allow unauthorized code or commands to be executed within a software program, leading to abnormal behavior such as generating outbound traffic over random high ports. This issue often arises from software not properly validating or encoding input, which can be exploited by attackers to inject malicious code.
Reference: CompTIA Security+ SY0-701 course content and official CompTIA study resources.
Which of the following best describes why the SMS OTP authentication method is more risky to implement than the TOTP method?
- A . The SMS OTP method requires an end user to have an active mobile telephone service and SIM card.
- B . Generally, SMS OTP codes are valid for up to 15 minutes while the TOTP time frame is 30 to 60 seconds.
- C . The SMS OTP is more likely to be intercepted and lead to unauthorized disclosure of the code than the TOTP method.
- D . The algorithm used to generate an SMS OTP code is weaker than the one used to generate a TOTP code.
C
Explanation:
The SMS OTP (One-Time Password) method is more vulnerable to interception compared to TOTP (Time-based One-Time Password) because SMS messages can be intercepted through various attack vectors like SIM swapping or SMS phishing. TOTP, on the other hand, generates codes directly on the device and does not rely on a communication channel like SMS, making it less susceptible to interception.
Reference: CompTIA Security+ SY0-701 study materials, particularly in the domain of identity and access management.
A Chief Information Security Officer wants to monitor the company’s servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring.
Which of the following strategies would best accomplish this goal?
- A . Logging all NetFlow traffic into a SIEM
- B . Deploying network traffic sensors on the same subnet as the servers
- C . Logging endpoint and OS-specific security logs
- D . Enabling full packet capture for traffic entering and exiting the servers
D
Explanation:
Full packet capture is a technique that records all network traffic passing through a device, such as a router or firewall. It allows for analysis and investigation of network events, such as SQLi attacks, by providing the complete content and context of the packets. Full packet capture can help identify the source, destination, payload, and timing of an SQLi attack, as well as the impact on the server and database. Logging NetFlow traffic, network traffic sensors, and endpoint and OS-specific security logs can provide some information about network activity, but they do not capture the full content of the packets, which may limit the scope and depth of the investigation.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, pages 372-373.