
CompTIA Security+ Exam (SY0-701) Free Questions - Part 15

Question No : 211) A well-known organization has been experiencing attacks from APIs. The organization is concerned that custom malware is being created and emailed into the company or installed on USB sticks that are dropped in parking lots. Which of the following is the BEST defense against this scenario?

A. Configuring signature-based antivirus to update every 30 minutes

B. Enforcing S/MIME for email and automatically encrypting USB drives upon insertion.

C. Implementing application execution in a sandbox for unknown software.

D. Fuzzing new files for vulnerabilities if they are not digitally signed

 

Question No : 212) Which of the following would be BEST to establish between organizations that have agreed to cooperate and are engaged in early discussion to define the responsibilities of each party, but do not want to establish a contractually binding agreement?

A. An SLA

B. An NDA

C. A BPA

D. An MOU

 

Question No : 213) An organization hired a consultant to assist with an active attack, and the consultant was able to identify the compromised accounts and computers. Which of the following is the consultant MOST likely to recommend to prepare for eradication? 

A. Quarantining the compromised accounts and computers, only providing them with network access

B. Segmenting the compromised accounts and computers into a honeynet so as to not alert the attackers.

C. Isolating the compromised accounts and computers, cutting off all network and internet access.

D. Logging off and deleting the compromised accounts and computers to eliminate attacker access.

 

Question No : 214) Users at an organization have been installing programs from the internet on their workstations without first obtaining proper authorization. The organization maintains a portal from which users can install standardized programs. However, some users have administrative access on their workstations to enable legacy programs to function properly. Which of the following should the security administrator consider implementing to address this issue?

A. Application code signing

B. Application whitelisting

C. Data loss prevention

D. Web application firewalls

 

Question No : 215) Which of the following would be BEST to establish between organizations to define the responsibilities of each party, outline the key deliverables, and include monetary penalties for breaches to manage third-party risk?

A. An ARO

B. An MOU

C. An SLA

D. A BPA

 

Question No : 216) An attacker is exploiting a vulnerability that does not have a patch available. Which of the following is the attacker exploiting? 

A. Zero-day

B. Default permissions

C. Weak encryption

D. Unsecure root accounts

 

Question No : 217) A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO).

A. The order of volatility

B. A checksum

C. The location of the artifacts

D. The vendor's name

E. The date and time

F. A warning banner

 

Question No : 218) A Chief Information Security Officer (CISO) is concerned about the organization's ability to continue business operation in the event of a prolonged DDoS attack on its local datacenter that consumes database resources. Which of the following will the CISO MOST likely recommend to mitigate this risk? 

A. Upgrade the bandwidth available into the datacenter

B. Implement a hot-site failover location

C. Switch to a complete SaaS offering to customers

D. Implement a challenge response test on all end-user queries

 

Question No : 219) A cybersecurity administrator is using iptables as an enterprise firewall. The administrator created some rules, but the network now seems to be unresponsive. All connections are being dropped by the firewall. Which of the following would be the BEST option to remove the rules?

A. # iptables -t mangle -X

B. # iptables -F

C. # iptables -Z

D. # iptables -P INPUT -j DROP

 

Question No : 220) A security administrator checks the table of a network switch, which shows the following output:

 

 

Which of the following is happening to this switch?

A. MAC Flooding

B. DNS poisoning

C. MAC cloning

D. ARP poisoning

 

Question No : 221) A security analyst is reviewing information regarding recent vulnerabilities. Which of the following will the analyst MOST likely consult to validate which platforms have been affected?

A. OSINT

B. SIEM

C. CVSS

D. CVE

 

Question No : 222) An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139. Which of the following sources should the analyst review to BEST ascertain how the incident could have been prevented?

A. The vulnerability scan output

B. The security logs

C. The baseline report

D. The correlation of events

 

Question No : 223) A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?

A. The GPS location

B. When the file was deleted

C. The total number of print jobs

D. The number of copies made

 

Question No : 224) A forensics examiner is attempting to dump passwords cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error?

A. The examiner does not have administrative privileges to the system

B. The system must be taken offline before a snapshot can be created

C. Checksum mismatches are invalidating the disk image

D. The swap file needs to be unlocked before it can be accessed

 

Question No : 225) Which of the following will MOST likely cause machine learning and AI-enabled systems to operate with unintended consequences?

A. Stored procedures

B. Buffer overflows

C. Data bias

D. Code reuse

 

