CompTIA Security+ Exam (SY0-701) Free Questions - Part 24
Question No : 346) After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a server. The attack allowed the installation of malicious software that initiates a new remote session. Which of the following types of attacks has occurred?
A. Privilege escalation
B. Session replay
C. Application programming interface
D. Directory traversal
Question No : 347) A company suspects that some corporate accounts were compromised. The number of suspicious logins from locations not recognized by the users is increasing. Employees who travel need their accounts protected without the risk of blocking legitimate login requests that may be made over new sign-in properties. Which of the following security controls can be implemented?
A. Enforce MFA when an account request reaches a risk threshold.
B. Implement geofencing to only allow access from headquarters
C. Enforce time-based login requests that align with business hours
D. Shift the access control scheme to a discretionary access control
Question No : 348) Administrators have allowed employees to access their company email from personal computers. However, the administrators are concerned that these computers are another attack surface and can result in user accounts being breached by foreign actors. Which of the following actions would provide the MOST secure solution?
A. Enable an option in the administration center so accounts can be locked if they are accessed from different geographical areas
B. Implement a 16-character minimum length and 30-day expiration password policy
C. Set up a global mail rule to disallow the forwarding of any company email to email addresses outside the organization
D. Enforce a policy that allows employees to be able to access their email only while they are connected to the internet via VPN
Question No : 349) A SOC is implementing an insider-threat-detection program. The primary concern is that users may be accessing confidential data without authorization. Which of the following should be deployed to detect a potential insider threat?
A. A honeyfile
B. A DMZ
C. DLP
D. File integrity monitoring
Question No : 350) A company just implemented a new telework policy that allows employees to use personal devices for official email and file sharing while working from home. Some of the requirements are:
* Employees must provide an alternate work location (i.e., a home address)
* Employees must install software on the device that will prevent the loss of proprietary data but will not restrict any other software from being installed.
Which of the following BEST describes the MDM options the company is using?
A. Geofencing, content management, remote wipe, containerization, and storage segmentation
B. Content management, remote wipe, geolocation, context-aware authentication, and containerization
C. Application management, remote wipe, geofencing, context-aware authentication, and containerization
D. Remote wipe, geolocation, screen locks, storage segmentation, and full-device encryption
Question No : 351) Which of the following would produce the closest experience of responding to an actual incident response scenario?
A. Lessons learned
B. Simulation
C. Walk-through
D. Tabletop
Question No : 352) A security analyst is responding to an alert from the SIEM. The alert states that malware was discovered on a host and was not automatically deleted. Which of the following would be BEST for the analyst to perform?
A. Add a deny-all rule to that host in the network ACL
B. Implement a network-wide scan for other instances of the malware.
C. Quarantine the host from other parts of the network
D. Revoke the client's network access certificates
Question No : 353) A cloud service provider has created an environment where customers can connect existing local networks to the cloud for additional computing resources and block internal HR applications from reaching the cloud. Which of the following cloud models is being used?
A. Public
B. Community
C. Hybrid
D. Private
Question No : 354) The lessons-learned analysis from a recent incident reveals that an administrative office worker received a call from someone claiming to be from technical support. The caller convinced the office worker to visit a website, and then download and install a program masquerading as an antivirus package. The program was actually a backdoor that an attacker could later use to remote control the worker's PC. Which of the following would be BEST to help prevent this type of attack in the future?
A. Data loss prevention
B. Segmentation
C. Application whitelisting
D. Quarantine
Question No : 355) Which of the following would be MOST effective to contain a rapidly spreading attack that is affecting a large number of organizations?
A. Machine learning
B. DNS sinkhole
C. Blocklist
D. Honeypot
Question No : 356) Law enforcement officials sent a company a notification that states electronically stored information and paper documents cannot be destroyed. Which of the following explains this process?
A. Data breach notification
B. Accountability
C. Legal hold
D. Chain of custody
Question No : 357) After a recent security breach, a security analyst reports that several administrative usernames and passwords are being sent via cleartext across the network to access network devices over port 23. Which of the following should be implemented so all credentials sent over the network are encrypted when remotely accessing and configuring network devices?
A. SSH
B. SNMPv3
C. SFTP
D. Telnet
E. FTP
Question No : 358) While reviewing pcap data, a network security analyst is able to locate plaintext usernames and passwords being sent from workstations to network switches. Which of the following is the security analyst MOST likely observing?
A. SNMP traps
B. A Telnet session
C. An SSH connection
D. SFTP traffic
Question No : 359) A forensics investigator is examining a number of unauthorized payments that were reported on the company’s website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
A. SQL injection
B. Broken authentication
C. XSS
D. XSRF
Question No : 360) A major clothing company recently lost a large amount of proprietary information. The security officer must find a solution to ensure this never happens again. Which of the following is the BEST technical implementation to prevent this from happening again?
A. Configure DLP solutions
B. Disable peer-to-peer sharing.
C. Enable role-based access controls
D. Mandate job rotation.
E. Implement content filters