CompTIA Security+Exam (SY0-701) Free Questions - Part 39
Question No : 571) Several universities are participating in a collaborative research project and need to share compute and storage resources. Which of the following cloud deployment strategies would BEST meet this need?
A. Community
B. Private
C. Public
D. Hybrid
Question No : 572) A financial analyst has been accused of violating the company’s AUP and there is forensic evidence to substantiate the allegation. Which of the following would dispute the analyst’s claim of innocence?
A. Legal hold
B. Order of volatility
C. Non-repudiation
D. Chain of custody
Question No : 573) Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy?
A. Risk matrix
B. Risk tolerance
C. Risk register
D. Risk appetite
Question No : 574) A global company is experiencing unauthorized logging due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a thirdparty identity provider to help mitigate these attacks. Which of the following would be the BEST control for the company to require from prospective vendors?
A. IP restrictions
B. Multifactor authentication
C. A banned password list
D. A complex password policy
Question No : 575) The new Chief Executive Officer (CEO) of a large company has announced a partnership with a vendor that will provide multiple collaboration applications t make remote work easier. The company has a geographically dispersed staff located in numerous remote offices in different countries. The company's IT administrators are concerned about network traffic and load if all users simultaneously download the application. Which of the following would work BEST to allow each geographic region to download the software without negatively impacting the corporate network?
A. Update the host IDS rules.
B. Enable application whitelisting.
C. Modify the corporate firewall rules.
D. Deploy all applications simultaneously.
Question No : 576) A user downloaded an extension for a browser, and the uses device later became infected. The analyst who is investigating the incident saw various logs where the attacker was hiding activity by deleting data The following was observed running:
Which of the following is the malware using to execute the attack?
A. PowerShell
B. Python
C. Bash
D. Macros
Question No : 577) The Chief Information Security Officer warns lo prevent exfiltration of sensitive information from employee cell phones when using public USB power charging stations. Which of the following would be the BEST solution to Implement?
A. DLP
B. USB data blocker
C. USB OTG
D. Disabling USB ports
Question No : 578) After gaining access to a dual-homed (i.e.. wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset This technique is an example of:
A. privilege escalation
B. footprinting
C. persistence
D. pivoting.
Question No : 579) An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud provider?
A. SLA
B. BPA
C. NDA
D. MOU
Question No : 580) Hackers recently attacked a company's network and obtained several unfavorable pictures from the Chief Executive Officer's workstation. The hackers are threatening to send the images to the press if a ransom is not paid. Which of the following is impacted the MOST?
A. Identify theft
B. Data loss
C. Data exfiltration
D. Reputation
Question No : 581) An organization has expanded its operations by opening a remote office. The new office is fully furnished with office resources to support up to 50 employees working on any given day. Which of the following VPN solutions would BEST support the new office?
A. Always On
B. Remote access
C. Site-to-site
D. Full tunnel
Question No : 582) A security analyst is Investigating a malware incident at a company. The malware Is accessing a command-and-control website at www.comptia.com. All outbound Internet traffic is logged to a syslog server and stored in /logfiles/messages. Which of the following commands would be BEST for the analyst to use on the syslog server to search for recent traffic to the command-and-control website?
A. Option A
B. Option B
C. Option C
D. Option D
Question No : 583) A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source. Several days later another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?
A. True positive
B. True negative
C. False positive
D. False negative
Question No : 584) An application developer accidentally uploaded a company's code-signing certificate private key to a public web server. The company is concerned about malicious use of its certificate. Which of the following should the company do FIRST?
A. Delete the private key from the repository-.
B. Verify the public key is not exposed as well.
C. Update the DLP solution to check for private keys.
D. Revoke the code-signing certificate.
Question No : 585) An attack has occurred against a company.
INSTRUCTIONS
You have been tasked to do the following:
Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing the output. (Answer Area 1).
Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server.
(Answer area 2) All objects will be used, but not all placeholders may be filled. Objects may only be used once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Select and Place:
SY0-701 Answers