CompTIA Security+Exam (SY0-701) Free Questions - Part 10
Question No : 136) A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Question No : 137) A cybersecurity manager has scheduled biannual meetings with the IT team and department leaders to discuss how they would respond to hypothetical cyberattacks. During these meetings, the manager presents a scenario and injects additional information throughout the session to replicate what might occur in a dynamic cybersecurity event involving the company, its facilities, its data, and its staff. Which of the following describes what the manager is doing?
A. Developing an incident response plan
B. Building a disaster recovery plan
C. Conducting a tabletop exercise
D. Running a simulation exercise
Question No : 138) A user contacts the help desk to report the following: Two days ago, a pop-up browser window prompted the user for a name and password after connecting to the corporate wireless SSID. This had never happened before, but the user entered the information as requested. The user was able to access the Internet but had trouble accessing the department share until the next day. The user is now getting notifications from the bank about unauthorized transactions. Which of the following attack vectors was MOST likely used in this scenario?
A. Rogue access point
B. Evil twin
C. DNS poisoning
D. ARP poisoning
Question No : 139) A startup company is using multiple SaaS and IaaS platform to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?
A. SIEM
B. DLP
C. CASB
D. SWG
Question No : 140) A consultant is configuring a vulnerability scanner for a large, global organization in multiple countries. The consultant will be using a service account to scan systems with administrative privileges on a weekly basis, but there is a concern that hackers could gain access to account to the account and pivot through the global network. Which of the following would be BEST to help mitigate this concern?
A. Create consultant accounts for each region, each configured with push MFA notifications.
B. Create one global administrator account and enforce Kerberos authentication
C. Create different accounts for each region. limit their logon times, and alert on risky logins
D. Create a guest account for each region. remember the last ten passwords, and block password reuse
Question No : 141) A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which of the following BEST describes this process?
A. Continuous delivery
B. Continuous integration
C. Continuous validation
D. Continuous monitoring
Question No : 142) A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of power surge or other fault situation. The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application. The security administrator isolated the switch on a separate VLAN and set up a patch routine. Which of the following steps should also be taken to harden the smart switch?
A. Set up an air gap for the switch.
B. Change the default password for the switch.
C. Place the switch In a Faraday cage.
D. Install a cable lock on the switch
Question No : 143) Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?
A. Watering-hole attack
B. Credential harvesting
C. Hybrid warfare
D. Pharming
Question No : 144) Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the real data?
A. Data encryption
B. Data masking
C. Data deduplication
D. Data minimization
Question No : 145) Which of the following is a team of people dedicated testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?
A. Red team
B. While team
C. Blue team
D. Purple team
Question No : 146) An employee has been charged with fraud and is suspected of using corporate assets. As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?
A. Order of volatility
B. Data recovery
C. Chain of custody
D. Non-repudiation
Question No : 147) A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk. Which of the following should the administrator use?
A. dd
B. chmod
C. dnsenum
D. logger
Question No : 148) A network administrator would like to configure a site-to-site VPN utilizing iPSec. The administrator wants the tunnel to be established with data integrity encryption, authentication and anti- replay functions Which of the following should the administrator use when configuring the VPN?
A. AH
B. EDR
C. ESP
D. DNSSEC
Question No : 149) Which of the following relets to applications and systems that are used within an organization without consent or approval?
A. Shadow IT
B. OSINT
C. Dark web
D. Insider threats
Question No : 150) Which of the following algorithms has the SMALLEST key size?
A. DES
B. Twofish
C. RSA
D. AES
SY0-701 Answers