Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

CompTIA Security+Exam (SY0-701) Free Questions - Part 33

Question No : 481) An organization recently discovered that a purchasing officer approved an invoice for an amount that was different than the original purchase order. After further investigation a security analyst determines that the digital signature for the fraudulent invoice is exactly the same as the digital signature for the correct invoice that had been approved Which of the following attacks MOST likely explains the behavior?

A. Birthday

B. Rainbow table

C. Impersonation

D. Whaling


Question No : 482) Which of the following should a data owner require all personnel to sign to legally protect intellectual property?

A. An NDA

B. An AUP

C. An ISA

D. An MOU


Question No : 483) Which of the following terms should be included in a contract to help a company monitor the ongoing security maturity of a new vendor?

A. A right-to-audit clause allowing for annual security audits

B. Requirements for event logs to be kept for a minimum of 30 days

C. Integration of threat intelligence in the company's AV

D. A data-breach clause requiring disclosure of significant data loss


Question No : 484) A security analyst was called to Investigate a file received directly from a hardware manufacturer. The analyst is trying to determine whether the file was modified in transit before installation on the user's computer. Which of the following can be used to safely assess the file? 

A. Check the hash of the installation file

B. Match the file names

C. Verify the URL download location

D. Verify the code-signing certificate


Question No : 485) A security analyst is concerned about critical vulnerabilities that have been detected on some applications running inside containers. Which of the following is the BEST remediation strategy?

A. Update the base container image and redeploy the environment.

B. Include the containers in the regular patching schedule for servers

C. Patch each running container individually and test the application

D. Update the host in which the containers are running


Question No : 486) A security administrator needs to inspect in-transit files on the enterprise network to search for Pll, credit card data, and classification words. Which of the following would be the BEST to use?

A. IDS solution

B. EDR solution

C. HIPS software solution
D. Network DLP solution


Question No : 487) A penetration tester successfully gained access to a company's network The investigating analyst determines malicious traffic connected through the WAP despite filtering rules being in place. Logging in to the connected switch, the analyst sees the following m the ARP table: 

 

A penetration tester successfully gained access to a company's network

 

Which of the following did the penetration tester MOST likely use?

A. ARP poisoning

B. MAC cloning

C. Man in the middle

D. Evil twin


Question No : 488) Which of the following BEST reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement? 

A. Implement proper network access restrictions

B. Initiate a bug bounty program

C. Classify the system as shadow IT.

D. Increase the frequency of vulnerability scans


Question No : 489) Which of the following uses six initial steps that provide basic control over system security by including hardware and software inventory, vulnerability management, and continuous monitoring to minimize risk in all network environments?

A. ISO 27701

B. The Center for Internet Security

C. SSAE SOC 2

D. NIST Risk Management Framework


Question No : 490) A company Is concerned about is security after a red-team exercise. The report shows the team was able to reach the critical servers due to the SMB being exposed to the Internet and running NTLMV1, Which of the following BEST explains the findings?

A. Default settings on the servers

B. Unsecured administrator accounts

C. Open ports and services

D. Weak Data encryption


Question No : 491) Joe, an employee, is transferring departments and is providing copies of his files to a network share folder for his previous team to access. Joe is granting read-write-execute permissions to his manager but giving read-only access to the rest of the team. Which of the following access controls is Joe using?

A. FACL

B. DAC

C. ABAC

D. MAC


Question No : 492) Which of the following control types is focused primarily on reducing risk before an incident occurs?

A. Preventive

B. Deterrent

C. Corrective

D. Detective


Question No : 493) A company currently uses passwords for logging in to company-owned devices and wants to add a second authentication factor. Per corporate policy, users are not allowed to have smartphones at their desks. Which of the following would meet these requirements?

A. Smart card

B. PIN code

C. Knowledge-based question

D. Secret key


Question No : 494) The security team received a report of copyright infringement from the IP space of lire corporate network. The report provided a precise time stamp for the incident as well as the name of the copyrighted le. The analyst has been tasked with determining the infringing source machine and instructed to implement measures to prevent such incidents from occurring again. Which of the following is MOST capable of accomplishing both tasks?

A. HIDS

B. Allow list

C. TPM

D. NGFW


Question No : 495) Which of the following environments minimizes end user disruption and is MOST likely to be used to assess the impacts of any database migrations or major system changes by using the final version of the code in an operationally representative environment?

A. Staging

B. Test

C. Production

D. Development

 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.