Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

CompTIA Security+Exam (SY0-701) Free Questions - Part 20

Question No : 286) A user must introduce a password and a USB key to authenticate against a secure computer, and authentication is limited to the state in which the company resides. Which of the following authentication concepts are in use?

A. Something you know, something you have, and somewhere you are

B. Something you know, something you can do, and somewhere you are

C. Something you are, something you know, and something you can exhibit

D. Something you have, somewhere you are, and someone you know


Question No : 287) A security analyst must determine if either SSH or Telnet is being used to log in to servers. Which of the following should the analyst use?

A. logger

B. Metasploit

C. tcpdump

D. netstat


Question No : 288) A500 is implementing an insider threat detection program, The primary concern is that users may be accessing confidential data without authorization. Which of the fallowing should be deployed to detect a potential insider threat?

A. A honeyfile

B. A DMZ

C. ULF

D. File integrity monitoring


Question No : 289) After a hardware incident, an unplanned emergency maintenance activity was conducted to rectify the issue. Multiple alerts were generated on the SIEM during this period of time. Which of the following BEST explains what happened?

A The unexpected traffic correlated against multiple rules, generating multiple alerts. 

B. Multiple alerts were generated due to an attack occurring at the same time.

C. An error in the correlation rules triggered multiple alerts.

D. The SIEM was unable to correlate the rules, triggering the alerts.


Question No : 290) Which of the following components can be used to consolidate and forward inbound Interne! traffic to multiple cloud environments though a single firewall?

A. Transit gateway

B. Cloud hot site

C. Edge computing

D. DNS sinkhole


Question No : 291) Historically. a company has had issues with users plugging in personally owned removable media devices into corporate computers. As a result, the threat of malware incidents is almost constant. Which of the following would BEST help prevent the malware from being installed on the computers?

A. AUP

B. NGFW

C. DLP

D. EDR


Question No : 292) A company recently experienced an attack during which its main website was directed to the attacker’s web server, allowing the attacker to harvest credentials from unsuspecting customers. Which of the following should the company implement to prevent this type of attack occurring in the future?

A. IPSec

B. SSL/TLS

C. DNSSEC

D. S/MIME


Question No : 293) Which of the following controls would BEST identify and report malicious insider activities? 

A. An intrusion detection system

B. A proxy

C. Audit trails

D. Strong authentication


Question No : 294) A security assessment found that several embedded systems are running unsecure protocols. These Systems were purchased two years ago and the company that developed them is no longer in business Which of the following constraints BEST describes the reason the findings cannot be remediated?

A. inability to authenticate

B. Implied trust

C. Lack of computing power

D. Unavailable patch


Question No : 295) A company just developed a new web application for a government agency. The application must be assessed and authorized prior to being deployed. Which of the following is required to assess the vulnerabilities resident in the application? 

A. Repository transaction logs

B. Common Vulnerabilities and Exposures

C. Static code analysis

D. Non-credentialed scans


Question No : 296) The security administrator has installed a new firewall which implements an implicit DENY policy by default.

INSTRUCTIONS:

Click on the firewall and configure it to allow ONLY the following communication.

1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.

2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port

3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port. Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

 

The security administrator has installed a new firewall which implements an implicit DENY policy by default.

Hot Area:

 

The security administrator has installed a new firewall which implements an implicit DENY policy by default.


Question No : 297) A developer is concerned about people downloading fake malware-infected replicas of a popular game. Which of the following should the developer do to help verify legitimate versions of the game for users?

A. Digitally sign the relevant game files.

B. Embed a watermark using steganography.

C. Implement TLS on the license activation server.

D. Fuzz the application for unknown vulnerabilities.


Question No : 298) An organization maintains several environments in which patches are developed and tested before deployed to an operation status. Which of the following is the environment in which patches will be deployed just prior to being put into an operational status?

A. Development

B. Test

C. Production

D. Staging


Question No : 299) Which of the following types of attacks is being attempted and how can it be mitigated? 

 

The security administrator has installed a new firewall which implements an implicit DENY policy by default.

 

A. XSS; implement a SIEM

B. CSRF; implement an IPS

C. Directory traversal: implement a WAF

D. SQL injection: implement an IDS


Question No : 300) After segmenting the network, the network manager wants to control the traffic between the segments. Which of the following should the manager use to control the network traffic?

A. A DMZ

B. A VPN

C. A VLAN

D. An ACL
 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.