Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

CompTIA Security+Exam (SY0-701) Free Questions - Part 34

Question No : 496) A security analyst reports a company policy violation in a case in which a large amount of sensitive data is being downloaded after hours from various mobile devices to an external site. Upon further investigation, the analyst notices that successful login attempts are being conducted with impossible travel times during the same time periods when the unauthorized downloads are occurring. The analyst also discovers a couple of WAPs are using the same SSID, but they have non-standard DHCP configurations and an overlapping channel. Which of the following attacks is being conducted? 

A. Evil twin

B. Jamming

C. DNS poisoning

D. Bluesnarfing

E. DDoS


Question No : 497) After installing a Windows server, a cybersecurity administrator needs to harden it, following security best practices. Which of the following will achieve the administrator's goal? (Select TWO).

A. Disabling guest accounts

B. Disabling service accounts

C. Enabling network sharing

D. Disabling NetBIOS over TCP/IP

E. Storing LAN manager hash values

F. Enabling NTLM


Question No : 498) A systems administrator is looking for a solution that will help prevent OAuth applications from being leveraged by hackers to trick users into authorizing the use of their corporate credentials. Which of the following BEST describes this solution?

A. CASB

B. UEM

C. WAF

D. VPC


Question No : 499) A customer called a company's security team to report that all invoices the customer has received over the last five days from the company appear to have fraudulent banking details. An investigation into the matter reveals the following

* The manager of the accounts payable department is using the same password across multiple external websites and the corporate account.

* One of the websites the manager used recently experienced a data breach.

* The manager's corporate email account was successfully accessed in the last five days by an IP address located in a foreign country

Which of the following attacks has MOST likely been used to compromise the manager's corporate account?

A. Remote access Trojan

B. Brute-force

C. Dictionary

D. Credential stuffing

E. Password spraying


Question No : 500) A desktop support technician recently installed a new document-scanning software program on a computer However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?

A. A new firewall rule is needed to access the application.

B. The system was quarantined for missing software updates

C. The software was not added to the application whitelist.

D. The system was isolated from the network due to infected software.


Question No : 501) Which of the following policies establishes rules to measure third-party work tasks and ensure deliverables are provided within a specific time line?

A. SLA

B. MOU

C. AUP

D. NDA


Question No : 502) A company wants to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategy to implement?

A. Incremental backups followed by differential backups

B. Full backups followed by incremental backups

C. Delta backups followed by differential backups

D. Incremental backups followed by delta backups

E. Full backups followed by differential backups


Question No : 503) A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned tf servers in the company's DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the servers, as SMB is used by a number of internal systems and applications on the LAN. Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers? (Select TWO).

A. 135

B. 139

C. 143

D. 161

E. 443

F. 445


Question No : 504) An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Which of the following should the organization implement?

A. SIEM

B. SOAR

C. EDR

D. CASB


Question No : 505) A new plug-and-play storage device was installed on a PC in the corporate environment. Which of the following safeguards will BEST help to protect the PC from malicious files on the storage device?

A. Change the default settings on the PC.

B. Define the PC firewall rules to limit access.

C. Encrypt the disk on the storage device.

D. Plug the storage device in to the UPS


Question No : 506) Security analysts are conducting an investigation of an attack that occurred inside the organization’s network. An attacker was able to connect network traffic between workstation throughout the network. The analysts review the following logs:

 

Security analysts are conducting an investigation of an attack that occurred inside the organization’s network.

 

The layer 2 address table has hundred of entries similar to the ones above. Which of the following attacks has MOST likely occurred?

A. SQL injection

B. DNS spoofing

C. MAC flooding

D. ARP poisoning


Question No : 507) Which of the following distributes data among nodes, making it more difficult to manipulate the data while also minimizing downtime?

A. MSSP

B. Public cloud

C. Hybrid cloud

D. Fog computing


Question No : 508) Which of the following BEST describes the MFA attribute that requires a callback on a predefined landline?

A. Something you exhibit

B. Something you can do

C. Someone you know

D. Somewhere you are


Question No : 509) A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?

A. An incident response plan

B. A communications plan

C. A business continuity plan

D. A disaster recovery plan


Question No : 510) An engineer needs to deploy a security measure to identify and prevent data tampering within the enterprise. Which of the following will accomplish this goal? 

A. Antivirus

B. IPS

C. FTP

D. FIM

 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.