CompTIA Security+ Exam (SY0-701) Free Questions - Part 36
Question No : 526) A small business office is setting up a wireless infrastructure with primary requirements centered around protecting customer information and preventing unauthorized access to the business network. Which of the following would BEST support the office's business needs? (Select TWO)
A. Installing WAPs with strategic placement
B. Configuring access using WPA3
C. Installing a WIDS
D. Enabling MAC filtering
E. Changing the WiFi password every 30 days
F. Reducing WiFi transmit power throughout the office
Question No : 527) A company's cybersecurity department is looking for a new solution to maintain high availability. Which of the following can be utilized to build a solution? (Select Two)
A. A stateful inspection
B. IP hashes
C. A round robin
D. A VLAN
E. A DMZ
Question No : 528) A security analyst has been reading about a newly discovered cyber attack from a known threat actor. Which of the following would BEST support the analyst's review of the tactics, techniques, and protocols the threat actor was observed using in previous campaigns?
A. Security research publications
B. The MITRE ATT&CK framework
C. The Diamond Model of Intrusion Analysis
D. The Cyber Kill Chain
Question No : 529) A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Choose two.)
A. The order of volatility
B. A CRC32 checksum
C. The provenance of the artifacts
D. The vendor's name
E. The date and time
F. A warning banner
Question No : 530) Which of the following types of attacks is specific to the individual it targets?
A. Whaling
B. Pharming
C. Smishing
D. Credential harvesting
Question No : 531) A Chief Security Officer (CSO) is concerned about the volume and integrity of sensitive information that is exchanged between the organization and a third party through email. The CSO is particularly concerned about an unauthorized party who is intercepting information that is in transit between the two organizations. Which of the following would address the CSO's concerns?
A. SPF
B. DMARC
C. SSL
D. DKIM
E. TLS
Question No : 532) Which two features are available only in next-generation firewalls? (Choose two.)
A. deep packet inspection
B. packet filtering
C. application awareness
D. stateful inspection
E. virtual private network
Question No : 533) An organization plans to transition the intrusion detection and prevention techniques on a critical subnet to an anomaly-based system. Which of the following does the organization need to determine for this to be successful?
A. The baseline
B. The endpoint configurations
C. The adversary behavior profiles
D. The IPS signatures
Question No : 534) An organization is planning to open other datacenters to sustain operations in the event of a natural disaster. Which of the following considerations would BEST support the organization's resiliency?
A. Geographic dispersal
B. Generator power
C. Fire suppression
D. Facility automation
Question No : 535) Which of the following is the correct order of volatility from MOST to LEAST volatile?
A. Memory, temporary filesystems, routing tables, disk, network storage
B. Cache, memory, temporary filesystems, disk, archival media
C. Memory, disk, temporary filesystems, cache, archival media
D. Cache, disk, temporary filesystems, network storage, archival media
Question No : 536) Which of the following is the BEST reason to maintain a functional and effective asset management policy that aids in ensuring the security of an organization?
A. To provide data to quantify risk based on the organization's systems.
B. To keep all software and hardware fully patched for known vulnerabilities
C. To only allow approved, organization-owned devices onto the business network
D. To standardize by selecting one laptop model for all users in the organization
Question No : 537) During an investigation, the incident response team discovers that multiple administrator accounts were suspected of being compromised. The host audit logs indicate a repeated brute-force attack on a single administrator account followed by suspicious logins from unfamiliar geographic locations. Which of the following data sources would be BEST to use to assess the accounts impacted by this attack?
A. User behavior analytics
B. Dump files
C. Bandwidth monitors
D. Protocol analyzer output
Question No : 538) A website developer who is concerned about theft of the company's user database wants to protect weak passwords from offline brute-force attacks. Which of the following would be the BEST solution?
A. Lock accounts after five failed logons
B. Precompute passwords with rainbow tables
C. Use a key-stretching technique
D. Hash passwords with the MD5 algorithm
Question No : 539) A company was compromised, and a security analyst discovered the attacker was able to get access to a service account. The following logs were discovered during the investigation:
Which of the following MOST likely would have prevented the attacker from learning the service account name?
A. Race condition testing
B. Proper error handling
C. Forward web server logs to a SIEM
D. Input sanitization
Question No : 540) Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms?
A. SIEM
B. CASB
C. UTM
D. EDR