Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

CompTIA Security+Exam (SY0-701) Free Questions - Part 12

Question No : 166) A company's Chief Information Security Officer (CISO) recently warned the security manager that the company’s Chief Executive Officer (CEO) is planning to publish a controversial option article in a national newspaper, which may result in new cyberattacks Which of the following would be BEST for the security manager to use in a threat mode?

A. Hacktivists

B. White-hat hackers

C. Script kiddies

D. Insider threats

 

Question No : 167) An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?

A. hping3 -S corsptia.org -p 80

B. nc —1 —v comptia.org -p 80

C. nmap comptia.org -p 80 —sV

D. nslookup -port=80 comptia.org

 

Question No : 168) Which of the following types of controls is a CCTV camera that is not being monitored?

A. Detective

B. Deterrent

C. Physical

D. Preventive

 

Question No : 169) A security analyst is logged into a Windows file server and needs to see who is accessing files and from which computers Which of the following tools should the analyst use?

A. netstat

B. net share

C. netcat

D. nbtstat

E. net session

 

Question No : 170) The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the blowing would BEST address this security concern?

A. install a smart meter on the staff WiFi.

B. Place the environmental systems in the same DHCP scope as the staff WiFi.

C. Implement Zigbee on the staff WiFi access points.

D. Segment the staff WiFi network from the environmental systems network.

 

Question No : 171) A company is launching a new internet platform for its clients. The company does not want to implement its own authorization solution but instead wants to rely on the authorization provided by another platform. Which of the following is the BEST approach to implement the desired solution?

A. OAuth

B. TACACS+

C. SAML

D. RADIUS

 

Question No : 172) A university is opening a facility in a location where there is an elevated risk of theft The university wants to protect the desktops in its classrooms and labs Which of the following should the university use to BEST protect these assets deployed in the facility?

A. Visitor logs

B. Cable locks

C. Guards

D. Disk encryption

E. Motion detection

 

Question No : 173) The following is an administrative control that would be MOST effective to reduce the occurrence of malware execution?

A. Security awareness training

B. Frequency of NIDS updates

C. Change control procedures

D. EDR reporting cycle

 

Question No : 174) A security analyst needs to generate a server certificate to be used for 802.1X and secure RDP connections. The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?

A. Create an OCSP

B. Generate a CSR

C. Create a CRL

D. Generate a .pfx file

 

Question No : 175) A Chief Executive Officer's (CEO) personal information was stolen in a social engineering attack. Which of the following sources would reveal if the CEO's personal information is for sale?

A. Automated information sharing

B. Open-source intelligence

C. The dark web

D. Vulnerability databases

 

Question No : 176) An information security incident recently occurred at an organization, and the organization was required to report the incident to authorities and notify the affected parties. When the organization's customers became of aware of the incident, some reduced their orders or stopped placing orders entirely. Which of the following is the organization experiencing?

A. Reputation damage

B. Identity theft

C. Anonymlzation

D. Interrupted supply chain

 

Question No : 177) An organization's RPO for a critical system is two hours. The system is used Monday through Friday, from 9:00 am to 5:00 pm. Currently, the organization performs a full backup every Saturday that takes four hours to complete. Which of the following additional backup implementations would be the BEST way for the analyst to meet the business requirements?

A. Incremental backups Monday through Friday at 6:00 p.m and differential backups hourly

B. Full backups Monday through Friday at 6:00 p.m and incremental backups hourly.

C. incremental backups Monday through Friday at 6:00 p.m and full backups hourly.

D. Full backups Monday through Friday at 6:00 p.m and differential backups hourly.

 

Question No : 178) An organization has decided to host its web application and database in the cloud Which of the following BEST describes the security concerns for this decision?

A. Access to the organization's servers could be exposed to other cloud-provider clients

B. The cloud vendor is a new attack vector within the supply chain

C. Outsourcing the code development adds risk to the cloud provider

D. Vendor support will cease when the hosting platforms reach EOL.

 

Question No : 179) During a routine scan of a wireless segment at a retail company, a security administrator discovers several devices are connected to the network that do not match the company's naming convention and are not in the asset Inventory. WiFi access Is protected with 255-Wt encryption via WPA2. Physical access to the company's facility requires two-factor authentication using a badge and a passcode Which of the following should the administrator implement to find and remediate the Issue? (Select TWO).

A. Check the SIEM for failed logins to the LDAP directory.

B. Enable MAC filtering on the switches that support the wireless network.

C. Run a vulnerability scan on all the devices in the wireless network

D. Deploy multifactor authentication for access to the wireless network

E. Scan the wireless network for rogue access points.

F. Deploy a honeypot on the network

 

Question No : 180) An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has only been given the documentation available to the customers of the applications. Which of the following BEST represents the type of testing that will occur?

A. Bug bounty

B. Black-box

C. Gray-box

D. White-box

E. Red-team

 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.