CompTIA Security+ Exam (SY0-701) Free Questions - Part 31
Question No : 451) A penetration tester was able to compromise an internal server and is now trying to pivot the current session to move laterally within the network. Which of the following tools, if available on the server, will provide the MOST useful information for the next assessment step?
A. Autopsy
B. Cuckoo
C. Memdump
D. Nmap
Question No : 452) Which of the following is a detective and deterrent control against physical intrusions?
A. A lock
B. An alarm
C. A fence
D. A sign
Question No : 453) A security operations analyst is using the company's SIEM solution to correlate alerts. Which of the following stages of the incident response process is this an example of?
A. Eradication
B. Recovery
C. Identification
D. Preparation
Question No : 454) Which of the following environments would MOST likely be used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics?
A. Test
B. Staging
C. Development
D. Production
Question No : 455) The Chief Information Security Officer wants to pilot a new adaptive, user-based authentication method. The concept includes granting logical access based on physical location and proximity. Which of the following is the BEST solution for the pilot?
A. Geofencing
B. Self-sovereign identification
C. PKI certificates
D. SSO
Question No : 456) If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data?
A. Perfect forward secrecy
B. Elliptic-curve cryptography
C. Key stretching
D. Homomorphic encryption
Question No : 457) A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this practice reduce?
A. Dumpster diving
B. Shoulder surfing
C. Information elicitation
D. Credential harvesting
Question No : 458) A security analyst is investigating a vulnerability in which a default file permission was set incorrectly. The company uses non-credentialed scanning for vulnerability management. Which of the following tools can the analyst use to verify the permissions?
A. ssh
B. chmod
C. ls
D. setuid
E. nessus
F. nc
Question No : 459) Remote workers in an organization use company-provided laptops with locally installed applications and locally stored data. Users can store data on a remote server using an encrypted connection. The organization discovered data stored on a laptop had been made available to the public. Which of the following security solutions would mitigate the risk of future data disclosures?
A. FDE
B. TPM
C. HIDS
D. VPN
Question No : 460) Developers are about to release a financial application, but the number of fields on the forms that could be abused by an attacker is troubling. Which of the following techniques should be used to address this vulnerability?
A. Implement input validation
B. Encrypt data before submission
C. Perform a manual review
D. Conduct a peer review session
Question No : 461) A security administrator has discovered that workstations on the LAN are becoming infected with malware. The cause of the infections appears to be users receiving phishing emails that are bypassing the current email-filtering technology. As a result, users are being tricked into clicking on malicious URLs, as no internal controls currently exist in the environment to evaluate their safety. Which of the following would be BEST to implement to address the issue?
A. Forward proxy
B. HIDS
C. Awareness training
D. A jump server
E. IPS
Question No : 462) A Chief Security Officer (CSO) has asked a technician to devise a solution that can detect unauthorized execution privileges from the OS in both executable and data files, and can work in conjunction with proxies or UTM. Which of the following would BEST meet the CSO's requirements?
A. Fuzzing
B. Sandboxing
C. Static code analysis
D. Code review
Question No : 463) Several large orders of merchandise were recently purchased on an e-commerce company's website. The totals for each of the transactions were negative values, resulting in credits on the customers' accounts. Which of the following should be implemented to prevent similar situations in the future?
A. Ensure input validation is in place to prevent the use of invalid characters and values.
B. Calculate all possible values to be added together and ensure the use of the proper integer in the code.
C. Configure the web application firewall to look for and block session replay attacks.
D. Make sure transactions that are submitted within very short time periods are prevented from being processed.
Question No : 464) A security analyst has identified malware spreading through the corporate network and has activated the CSIRT. Which of the following should the analyst do NEXT?
A. Review how the malware was introduced to the network.
B. Attempt to quarantine all infected hosts to limit further spread.
C. Create help desk tickets to get infected systems reimaged.
D. Update all endpoint antivirus solutions with the latest updates.
Question No : 465) Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)
A. Block cipher
B. Hashing
C. Private key
D. Perfect forward secrecy
E. Salting
F. Symmetric keys
SY0-701 Answers