Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

CompTIA Security+Exam (SY0-701) Free Questions - Part 23

Question No : 331) A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted web-browsing protocols. A security engineer runs a port scan against the server from the Internet and sees the following output:

 

A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted web-browsing protocols.

 

Which of the following steps would be best for the security engineer to take NEXT?

A. Allow DNS access from the internet.

B. Block SMTP access from the Internet

C. Block HTTPS access from the Internet

D. Block SSH access from the Internet.


Question No : 332) Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?

A. Common Weakness Enumeration

B. OSINT

C. Dark web

D. Vulnerability databases


Question No : 333) A security proposal was set up to track requests for remote access by creating a baseline of the users' common sign-in properties. When a baseline deviation is detected, an Iv1FA challenge will be triggered. Which of the following should be configured in order to deploy the proposal?

A. Context-aware authentication

B. Simultaneous authentication of equals

C. Extensive authentication protocol

D. Agentless network access control


Question No : 334) A company is providing security awareness training regarding the importance of not forwarding social media messages from unverified sources. Which of the following risks would this training help to prevent?

A. Hoaxes

B. SPIMs

C. Identity fraud

D. Credential harvesting


Question No : 335) A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Select TWO).

A. HIDS

B. NIPS

C. HSM

D. WAF

E. NAC

F. NIDS

G. Stateless firewall


Question No : 336) A company is implementing a new SIEM to log and send alerts whenever malicious activity is blocked by its antivirus and web content filters. Which of the following is the primary use case for this scenario?

A. Implementation of preventive controls

B. Implementation of detective controls

C. Implementation of deterrent controls

D. Implementation of corrective controls


Question No : 337) Name: Wikipedia.org Address: 208.80.154.224 Which of the following attacks MOST likely occurred on the user’s internal network?

A. DNS poisoning
B. URL redirection
C. ARP poisoning
D. /etc/hosts poisoning

 

Question No : 338) Which of the following control types would be BEST to use to identify violations and incidents?

A. Detective

B. Compensating

C. Deterrent

D. Corrective

E. Recovery

F. Preventive


Question No : 339) A dynamic application vulnerability scan identified code injection could be performed using a web form. Which of the following will be BEST remediation to prevent this vulnerability? 

A. Implement input validations

B. Deploy MFA

C. Utilize a WAF

D. Configure HIPS


Question No : 340) A company reduced the area utilized in its datacenter by creating virtual networking through automation and by creating provisioning routes and rules through scripting. Which of the following does this example describe?

A. laC

B. MSSP

C. Containers

D. SaaS


Question No : 341) An analyst is generating a security report for the management team. Security guidelines recommend disabling all listening unencrypted services. Given this output from Nmap.

 

An analyst is generating a security report for the management team.

 

Which of the following should the analyst recommend to disable?

A. 21/tcp

B. 22/tcp

C. 23/tcp

D. 443/tcp


Question No : 342) A network engineer at a company with a web server is building a new web environment with the following requirements: Only one web server at a time can service requests. If the primary web server fails, a failover needs to occur to ensure the secondary web server becomes the primary. Which of the following load-balancing options BEST fits the requirements?

A. Cookie-based

B. Active-passive

C. Persistence

D. Round robin


Question No : 343) A security manager runs Nessus scans of the network after every maintenance window. Which of the following is the security manger MOST likely trying to accomplish? 

A. Verifying that system patching has effectively removed knows vulnerabilities

B. Identifying assets on the network that may not exist on the network asset inventory

C. Validating the hosts do not have vulnerable ports exposed to the internet

D. Checking the status of the automated malware analysis that is being performed


Question No : 344) A security analyst generated a file named host1.pcap and shared it with a team member who is going to use it for further incident analysis. Which of the following tools will the other team member MOST likely use to open this file?

A. Autopsy

B. Memdump

C. FTK imager

D. Wireshark


Question No : 345) A user's PC was recently infected by malware. The user has a legacy printer without vendor support, and the user's OS is fully patched. The user downloaded a driver package from the internet. No threats were found on the downloaded file, but during file installation, a malicious runtime threat was detected. Which of the following is MOST likely cause of the infection?

A. The driver has malware installed and was refactored upon download to avoid detection.

B. The user's computer has a rootkit installed that has avoided detection until the new driver overwrote key files.

C. The user's antivirus software definition were out of date and were damaged by the installation of the driver

D. The user's computer has been infected with a logic bomb set to run when new driver was installed.

 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.