CompTIA Security+ Exam (SY0-701) Free Questions - Part 38
Question No : 556) Which of the following should a technician consider when selecting an encryption method for data that needs to remain confidential for a specific length of time?
A. The key length of the encryption algorithm
B. The encryption algorithm's longevity
C. A method of introducing entropy into key calculations
D. The computational overhead of calculating the encryption key
Question No : 557) An administrator is experiencing issues when trying to upload a support file to a vendor. A pop-up message reveals that a payment card number was found in the file, and the file upload was blocked. Which of the following controls is most likely causing this issue and should be checked FIRST?
A. DLP
B. Firewall rule
C. Content filter
D. MDM
E. Application whitelist
Question No : 558) A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility with more secure libraries. Which of the following would be the MOST prudent course of action?
A. Accept the risk if there is a clear road map for timely decommission
B. Deny the risk due to the end-of-life status of the application.
C. Use containerization to segment the application from other applications to eliminate the risk
D. Outsource the application to a third-party developer group
Question No : 559) When planning to build a virtual environment, an administrator needs to achieve the following:
• Establish policies to limit who can create new VMs
• Allocate resources according to actual utilization
• Require justification for requests outside of the standard requirements
• Create standardized categories based on size and resource requirements
Which of the following is the administrator MOST likely trying to do?
A. Implement IaaS replication
B. Protect against VM escape
C. Deploy a PaaS
D. Avoid VM sprawl
Question No : 560) An organization that has a large number of mobile devices is exploring enhanced security controls to manage unauthorized access if a device is lost or stolen. Specifically, if mobile devices are more than 3 mi (4.8 km) from the building, the management team would like to have the security team alerted and server resources restricted on those devices. Which of the following controls should the organization implement?
A. Geofencing
B. Lockout
C. Near-field communication
D. GPS tagging
Question No : 561) A security analyst wants to fingerprint a web server. Which of the following tools will the security analyst MOST likely use to accomplish this task?
A. nmap -p1-65535 192.168.0.10
B. dig 192.168.0.10
C. curl --head http://192.168.0.10
D. ping 192.168.0.10
Question No : 562) Multiple business accounts were compromised a few days after a public website had its credentials database leaked on the Internet. No business emails were identified in the breach, but the security team thinks that the list of passwords exposed was later used to compromise business accounts. Which of the following would mitigate the issue?
A. Complexity requirements
B. Password history
C. Acceptable use policy
D. Shared accounts
Question No : 563) A network analyst is investigating compromised corporate information. The analysis leads to a theory that network traffic was intercepted before being transmitted to the internet. The following output was captured on an internal host:
Based on the IoCs, which of the following was the MOST likely attack used to compromise the network communication?
A. Denial of service
B. ARP poisoning
C. Command injection
D. MAC flooding
Question No : 564) An analyst is generating a security report for the management team. Security guidelines recommend disabling all listening unencrypted services. Given this output from Nmap:
Which of the following should the analyst recommend to disable?
A. 21/tcp
B. 22/tcp
C. 23/tcp
D. 443/tcp
Question No : 565) An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?
A. HSM
B. CASB
C. TPM
D. DLP
Question No : 566) A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?
A. The Diamond Model of Intrusion Analysis
B. The Cyber Kill Chain
C. The MITRE CVE database
D. The incident response process
Question No : 567) A company is considering transitioning to the cloud. The company employs individuals from various locations around the world. The company does not want to increase its on-premises infrastructure blueprint and only wants to pay for additional compute power required. Which of the following solutions would BEST meet the needs of the company?
A. Private cloud
B. Hybrid environment
C. Managed security service provider
D. Hot backup site
Question No : 568) A security analyst is concerned about traffic initiated to the dark web from the corporate LAN. Which of the following networks should the analyst monitor?
A. SFTP
B. AS
C. Tor
D. IoC
Question No : 569) A company's help desk received several AV alerts indicating Mimikatz attempted to run on the remote systems. Several users also reported that the new company flash drives they picked up in the break room only have 512KB of storage. Which of the following is MOST likely the cause?
A. The GPO prevents the use of flash drives, which triggers a false positive AV indication and restricts the drives to only 512KB of storage.
B. The new flash drives need a driver that is being blocked by the AV software because the flash drives are not on the application's allow list, temporarily restricting the drives to 512KB of storage.
C. The new flash drives are incorrectly partitioned, and the systems are automatically trying to use an unapproved application to repartition the drives.
D. The GPO blocking the flash drives is being bypassed by a malicious flash drive that is attempting to harvest plain text credentials from memory.
Question No : 570) An organization recently recovered from a data breach. During the root cause analysis, the organization determined the source of the breach to be a personal cell phone that had been reported lost. Which of the following solutions should the organization implement to reduce the likelihood of future data breaches?
A. MDM
B. MAM
C. VDI
D. DLP
SY0-701 Answers