CompTIA Security+ Exam (SY0-701) Free Questions - Part 13
Question No : 181) After consulting with the Chief Risk Officer (CRO), a manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting?
A. Risk acceptance
B. Risk avoidance
C. Risk transference
D. Risk mitigation
Question No : 182) A forensics investigator is examining a number of unauthorized payments that were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
Click here to unsubscribe
Which of the following will the forensics investigator MOST likely determine has occurred?
A. SQL injection
B. CSRF
C. XSS
D. XSRF
Question No : 183) A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen. Which of the following would BEST meet these requirements? (Select TWO).
A. Full-device encryption
B. Network usage rules
C. Geofencing
D. Containerization
E. Application whitelisting
F. Remote control
Question No : 184) A security analyst needs to make a recommendation for restricting access to certain segments of the network using only data-link layer security. Which of the following controls will the analyst MOST likely recommend?
A. MAC
B. ACL
C. BPDU
D. ARP
Question No : 185) A security engineer needs to enhance MFA access to sensitive areas in a building. A key card and fingerprint scan are already in use. Which of the following would add another factor of authentication?
A. Hard token
B. Retina scan
C. SMS text
D. Keypad PIN
Question No : 186) A large enterprise has moved all its data to the cloud behind strong authentication and encryption. A sales director recently had a laptop stolen and later, enterprise data was found to have been compromised database. Which of the following was the MOST likely cause?
A. Shadow IT
B. Credential stuffing
C. SQL injection
D. Man-in-the-browser
E. Bluejacking
Question No : 187) An organization has hired a security analyst to perform a penetration test. The analyst captures 1Gb worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to further review the pcap?
A. Nmap
B. cURL
C. Netcat
D. Wireshark
Question No : 188) A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's listening ports. Which of the following tools can BEST accomplish this task?
A. Netcat
B. Netstat
C. Nmap
D. Nessus
Question No : 189) A recent malware outbreak across a subnet included successful rootkit installations on many PCs, ensuring persistence by rendering remediation efforts ineffective. Which of the following would BEST detect the presence of a rootkit in the future?
A. FDE
B. NIDS
C. EDR
D. DLP
Question No : 190) An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device. Which of the following MDM configurations must be considered when the engineer travels for business?
A. Screen locks
B. Application management
C. Geofencing
D. Containerization
Question No : 191) A security analyst receives the configuration of a current VPN profile and notices the authentication is only applied to the IP datagram portion of the packet. Which of the following should the analyst implement to authenticate the entire packet?
A. AH
B. ESP
C. SRTP
D. LDAP
Question No : 192) A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices the following requirements must be met:
• Mobile device OSs must be patched up to the latest release
• A screen lock must be enabled (passcode or biometric)
• Corporate data must be removed if the device is reported lost or stolen
Which of the following controls should the security engineer configure? (Select TWO)
A. Containerization
B. Storage segmentation
C. Posture checking
D. Remote wipe
E. Full-device encryption
F. Geofencing
Question No : 193) A financial analyst is expecting an email containing sensitive information from a client. When the email arrives, the analyst receives an error and is unable to open the encrypted message. Which of the following is the MOST likely cause of the issue?
A. The S/MIME plug-in is not enabled.
B. The SSL certificate has expired.
C. Secure IMAP was not implemented.
D. POP3S is not supported.
Question No : 194) A security analyst is reviewing the output of a web server log and notices a particular account is attempting to transfer large amounts of money: Which of the following types of attack is MOST likely being conducted?
A. SQLi
B. CSRF
C. Session replay
D. API
Question No : 195) A security analyst is running a vulnerability scan to check for missing patches during a suspected security incident. During which of the following phases of the response process is this activity MOST likely occurring?
A. Containment
B. Identification
C. Recovery
D. Preparation
SY0-701 Answers