CompTIA Security+Exam (SY0-701) Free Questions - Part 3
Question No : 31) A network administrator needs to build out a new datacenter, with a focus on resiliency and uptime. Which of the following would BEST meet this objective? (Choose two.)
A. Dual power supply
B. Off-site backups
C. Automatic OS upgrades
D. NIC teaming
E. Scheduled penetration testing
F. Network-attached storage
Question No : 32) A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?
A. Configure the perimeter firewall to deny inbound external connections to SMB ports.
B. Ensure endpoint detection and response systems are alerting on suspicious SMB connections.
C. Deny unauthenticated users access to shared network folders.
D. Verify computers are set to install monthly operating system, updates automatically.
Question No : 33) A RAT that was used to compromise an organization’s banking credentials was found on a user’s computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would BEST prevent this from reoccurring?
A. Create a new acceptable use policy.
B. Segment the network into trusted and untrusted zones.
C. Enforce application whitelisting.
D. Implement DLP at the network boundary.
Question No : 34) A cybersecurity analyst needs to implement secure authentication to third-party websites without users’ passwords. Which of the following would be the BEST way to achieve this objective?
A. OAuth
B. SSO
C. SAML
D. PAP
Question No : 35) Joe, an employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm Joe’s identity before sending him the prize. Which of the following BEST describes this type of email?
A. Spear phishing
B. Whaling
C. Phishing
D. Vishing
Question No : 36) A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?
A. Segmentation
B. Firewall whitelisting
C. Containment
D. isolation
Question No : 37) To secure an application after a large data breach, an e-commerce site will be resetting all users’ credentials. Which of the following will BEST ensure the site’s users are not compromised after the reset?
A. A password reuse policy
B. Account lockout after three failed attempts
C. Encrypted credentials in transit
D. A geofencing policy based on login history
Question No : 38) A security audit has revealed that a process control terminal is vulnerable to malicious users installing and executing software on the system. The terminal is beyond end-of-life support and cannot be upgraded, so it is placed on a projected network segment. Which of the following would be MOST effective to implement to further mitigate the reported vulnerability?
A. DNS sinkholding
B. DLP rules on the terminal
C. An IP blacklist
D. Application whitelisting
Question No : 39) During an incident response, a security analyst observes the following log entry on the web server. Which of the following BEST describes the type of attack the analyst is experience?
A. SQL injection
B. Cross-site scripting
C. Pass-the-hash
D. Directory traversal
Question No : 40) In the middle of a cybersecurity, a security engineer removes the infected devices from the network and lock down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?
A. Identification
B. Preparation
C. Eradiction
D. Recovery
E. Containment
Question No : 41) An organization suffered an outage and a critical system took 90 minutes to come back online. Though there was no data loss during the outage, the expectation was that the critical system would be available again within 60 minutes Which of the following is the 60-minute expectation an example of:
A. MTBF
B. RPO
C. MTTR
D. RTO
Question No : 42) A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?
A. Implement open PSK on the APs
B. Deploy a WAF
C. Configure WIPS on the APs
D. Install a captive portal
Question No : 43) A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?
A. Open the document on an air-gapped network
B. View the document's metadata for origin clues
C. Search for matching file hashes on malware websites
D. Detonate the document in an analysis sandbox
Question No : 44) Which of the following BEST describes a security exploit for which a vendor patch is not readily available?
A. Integer overflow
B. Zero-day
C. End of life
D. Race condition
Question No : 45) Which of the following is the purpose of a risk register?
A. To define the level or risk using probability and likelihood
B. To register the risk with the required regulatory agencies
C. To identify the risk, the risk owner, and the risk measures
D. To formally log the type of risk mitigation strategy the organization is using
SY0-701 Answers