
CompTIA Security+ Exam (SY0-701) Free Questions - Part 41

Question No : 601) An incident, which is affecting dozens of systems, involves malware that reaches out to an Internet service for rules and updates. The IP addresses for the Internet host appear to be different in each case. The organization would like to determine a common IoC to support response and recovery actions. Which of the following sources of information would BEST support this solution?

A. Web log files

B. Browser cache

C. DNS query logs

D. Antivirus


Question No : 602) A security analyst must enforce policies to harden an MDM infrastructure. The requirements are as follows:

• Ensure mobile devices can be tracked and wiped.

• Confirm mobile devices are encrypted.

Which of the following should the analyst enable on all the devices to meet these requirements?

A. Geofencing

B. Biometric authentication

C. Geolocation

D. Geotagging


Question No : 603) An application owner reports suspicious activity on an internal financial application from various internal users within the past 14 days. A security analyst notices the following:

• Financial transactions were occurring during irregular time frames and outside of business hours by unauthorized users.

• Internal users in question were changing their passwords frequently during that time period.

• A jump box that several domain administrator users use to connect to remote devices was recently compromised.

• The authentication method used in the environment is NTLM.

Which of the following types of attacks is MOST likely being used to gain unauthorized access?

A. Pass-the-hash

B. Brute-force

C. Directory traversal

D. Replay


Question No : 604) The Chief Information Security Officer (CISO) has decided to reorganize security staff to concentrate on incident response and to outsource outbound Internet URL categorization and filtering to an outside company. Additionally, the CISO would like this solution to provide the same protections even when a company laptop or mobile device is away from a home office. Which of the following should the CISO choose?

A. CASB

B. Next-generation SWG

C. NGFW

D. Web-application firewall


Question No : 605) A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output:

Internet address

 


 

Which of the following BEST describes the attack the company is experiencing?

A. MAC flooding

B. URL redirection

C. ARP poisoning

D. DNS hijacking


Question No : 606) Which of the following holds staff accountable while escorting unauthorized personnel? 

A. Locks

B. Badges

C. Cameras

D. Visitor logs


Question No : 607) An attacker was easily able to log in to a company's security camera by performing a basic online search for a setup guide for that particular camera brand and model. Which of the following BEST describes the configurations the attacker exploited?

A. Weak encryption

B. Unsecure protocols

C. Default settings

D. Open permissions


Question No : 608) A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?

A. openssl

B. hping

C. netcat

D. tcpdump


Question No : 609) Which biometric error would allow an unauthorized user to access a system?

A. False acceptance

B. False entrance

C. False rejection

D. False denial


Question No : 610) A security administrator has noticed unusual activity occurring between different global instances and workloads and needs to identify the source of the unusual traffic. Which of the following log sources would be BEST to show the source of the unusual traffic?

A. HIDS

B. UEBA

C. CASB

D. VPC


Question No : 611) A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the GREATEST amount of control and security over company data and infrastructure?

A. BYOD

B. VDI

C. COPE

D. CYOD


Question No : 612) A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution. In order to restrict PHI documents, which of the following should be performed FIRST?

A. Retention

B. Governance

C. Classification

D. Change management


Question No : 613) A bad actor tries to persuade someone to provide financial information over the phone in order to gain access to funds. Which of the following types of attacks does this scenario describe?

A. Vishing

B. Phishing

C. Spear phishing

D. Whaling


Question No : 614) DDoS attacks are causing an overload on the cluster of cloud servers. A security architect is researching alternatives to make the cloud environment respond to load fluctuation in a cost-effective way. Which of the following options BEST fulfils the architect’s requirements?

A. An orchestration solution that can adjust scalability of cloud assets

B. Use of multipath by adding more connections to cloud storage

C. Cloud assets replicated on geographically distributed regions

D. An on-site backup that is deployed and only used when the load increases


Question No : 615) A security analyst is reviewing a penetration-testing report from a third-party contractor. The penetration testers used the organization's new API to bypass a driver to perform privilege escalation on the organization's web servers. Upon looking at the API, the security analyst realizes the particular API call was to a legacy system running an outdated OS. Which of the following is the MOST likely attack type?

A. Request forgery

B. Session replay

C. DLL injection

D. Shimming

 


All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.