Practice Free SY0-701 Exam Online Questions
A systems administrator wants to implement a backup solution. The solution needs to allow recovery of the entire system, including the operating system, in case of a disaster.
Which of the following backup types should the administrator consider?
- A . Incremental
- B . Storage area network
- C . Differential
- D . Image
D
Explanation:
An image backup, also known as a full system backup, captures the entire contents of a system, including the operating system, applications, settings, and all data. This type of backup allows for a complete recovery of the system in case of a disaster, as it includes everything needed to restore the system to its previous state. This makes it the ideal choice for a systems administrator who needs to ensure the ability to recover the entire system, including the OS.
Reference: CompTIA Security+ SY0-701 study materials, domain on Security Operations.
An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days.
Which of the following types of sites is the best for this scenario?
- A . Real-time recovery
- B . Hot
- C . Cold
- D . Warm
C
Explanation:
A cold site is a type of backup data center that has the necessary infrastructure to support IT operations, but does not have any pre-configured hardware or software. A cold site is the cheapest option among the backup data center types, but it also has the longest recovery time objective (RTO) and recovery point objective (RPO) values. A cold site is suitable for scenarios where the cost-benefit is the primary requirement and the RTO and RPO values are not very stringent. A cold site can take up to two days or more to restore the normal operations after a disaster.
Reference: CompTIA Security+ SY0-701 Certification Study Guide, page 387; Backup Types - SY0-601 CompTIA Security+: 2.5, video at 4:50.
The marketing department set up its own project management software without telling the appropriate departments.
Which of the following describes this scenario?
- A . Shadow IT
- B . Insider threat
- C . Data exfiltration
- D . Service disruption
A
Explanation:
Shadow IT is the term used to describe the use of unauthorized or unapproved IT resources within an organization. The marketing department set up its own project management software without telling the appropriate departments, such as IT, security, or compliance. This could pose a risk to the organization’s security posture, data integrity, and regulatory compliance.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 2, page 35.
A newly identified network access vulnerability has been found in the OS of legacy IoT devices.
Which of the following would best mitigate this vulnerability quickly?
- A . Insurance
- B . Patching
- C . Segmentation
- D . Replacement
C
Explanation:
Segmentation is a technique that divides a network into smaller subnetworks or segments, each with its own security policies and controls. Segmentation can help mitigate network access vulnerabilities in legacy IoT devices by isolating them from other devices and systems, reducing their attack surface and limiting the potential impact of a breach. Segmentation can also improve network performance and efficiency by reducing congestion and traffic. Patching, insurance, and replacement are other possible strategies to deal with network access vulnerabilities, but they may not be feasible or effective in the short term. Patching may not be available or compatible for legacy IoT devices, insurance may not cover the costs or damages of a cyberattack, and replacement may be expensive and time-consuming.
Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 142-143
A growing company would like to enhance the ability of its security operations center to detect threats but reduce the amount of manual work required for the security analysts.
Which of the following would best enable the reduction in manual work?
- A . SOAR
- B . SIEM
- C . MDM
- D . DLP
A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system.
Which of the following would detect this behavior?
- A . Implementing encryption
- B . Monitoring outbound traffic
- C . Using default settings
- D . Closing all open ports
B
Explanation:
Monitoring outbound traffic is essential for detecting unauthorized data exfiltration from a system. Malware that exploits a new vulnerability to move data without authorization would typically attempt to send this data out of the network. By monitoring outbound traffic, security tools can detect unusual data transfers, trigger alerts, and help prevent the exfiltration of sensitive information.
Reference: CompTIA Security+ SY0-701 Course Content: Domain 04 Security Operations.
CompTIA Security+ SY0-601 Study Guide: Chapter on Threat Detection and Response.
A vendor needs to remotely and securely transfer files from one server to another using the command line.
Which of the following protocols should be implemented to allow for this type of access? (Select two).
- A . SSH
- B . SNMP
- C . RDP
- D . S/MIME
- E . SMTP
- F . SFTP
A, F
Explanation:
Secure Shell (SSH) is a protocol used for secure command-line access to remote systems, while Secure File Transfer Protocol (SFTP) is an extension of SSH used specifically for securely transferring files. Both SSH and SFTP ensure that data is encrypted during transmission, protecting it from interception or tampering.
Reference: CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture.
CompTIA Security+ SY0-601 Study Guide: Chapter on Secure Protocols and Encryption.
A systems administrator is looking for a low-cost application-hosting solution that is cloud-based.
Which of the following meets these requirements?
- A . Serverless framework
- B . Type 1 hypervisor
- C . SD-WAN
- D . SDN
A
Explanation:
A serverless framework is a cloud-based application-hosting solution that meets the requirements of low-cost and cloud-based. A serverless framework is a type of cloud computing service that allows developers to run applications without managing or provisioning any servers. The cloud provider handles the server-side infrastructure, such as scaling, load balancing, security, and maintenance, and charges the developer only for the resources consumed by the application. A serverless framework enables developers to focus on the application logic and functionality, and reduces the operational costs and complexity of hosting applications. Some examples of serverless frameworks are AWS Lambda, Azure Functions, and Google Cloud Functions.
A type 1 hypervisor, SD-WAN, and SDN are not cloud-based application-hosting solutions that meet the requirements of low-cost and cloud-based. A type 1 hypervisor is a software layer that runs directly on the hardware and creates multiple virtual machines that can run different operating systems and applications. A type 1 hypervisor is not a cloud-based service, but a virtualization technology that can be used to create private or hybrid clouds. A type 1 hypervisor also requires the developer to manage and provision the servers and the virtual machines, which can increase the operational costs and complexity of hosting applications. Some examples of type 1 hypervisors are VMware ESXi, Microsoft Hyper-V, and Citrix XenServer.
SD-WAN (Software-Defined Wide Area Network) is a network architecture that uses software to dynamically route traffic across multiple WAN connections, such as broadband, LTE, or MPLS. SD-WAN is not a cloud-based service, but a network optimization technology that can improve the performance, reliability, and security of WAN connections. SD-WAN can be used to connect remote sites or users to cloud-based applications, but it does not host the applications itself. Some examples of SD-WAN vendors are Cisco, VMware, and Fortinet.
SDN (Software-Defined Networking) is a network architecture that decouples the control plane from the data plane, and uses a centralized controller to programmatically manage and configure the network devices and traffic flows. SDN is not a cloud-based service, but a network automation technology that can enhance the scalability, flexibility, and efficiency of the network. SDN can be used to create virtual networks or network functions that can support cloud-based applications, but it does not host the applications itself. Some examples of SDN vendors are OpenFlow, OpenDaylight, and OpenStack.
Reference: CompTIA Security+ SY0-701 Certification Study Guide, page 264-265; Professor Messer’s CompTIA SY0-701 Security+ Training Course, video 3.1 – Cloud and Virtualization, 7:40 – 10:00; [Serverless Framework]; [Type 1 Hypervisor]; [SD-WAN]; [SDN].
A company wants to track modifications to the code used to build new virtual servers.
Which of the following will the company most likely deploy?
- A . Change management ticketing system
- B . Behavioral analyzer
- C . Collaboration platform
- D . Version control tool
D
Explanation:
A version control tool, such as Git, tracks changes made to code, maintains history, and allows developers to manage and revert to earlier versions when needed. This ensures accountability and control over modifications.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: "Version Control and Documentation".
A website user is locked out of an account after clicking an email link and visiting a different website. Web server logs show the user’s password was changed, even though the user did not change the password.
Which of the following is the most likely cause?
- A . Cross-site request forgery
- B . Directory traversal
- C . ARP poisoning
- D . SQL injection
A
Explanation:
The scenario describes a situation where a user unknowingly triggers an unwanted action, such as changing their password, by clicking a malicious link. This is indicative of a Cross-Site Request Forgery (CSRF) attack, where an attacker tricks the user into executing actions they did not intend to perform on a web application in which they are authenticated.
Reference: CompTIA Security+ SY0-701 study materials, particularly in the domain of web application security and common attack vectors like CSRF.