CompTIA Security+Exam (SY0-701) Free Questions - Part 6

Question No : 76) A commercial cyber-threat intelligence organization observes IoCs across a variety of unrelated customers. Prior to releasing specific threat intelligence to other paid subscribers, the organization is MOST likely obligated by contracts to:

A. perform attribution to specific APTs and nation-state actors.

B. anonymize any PII that is observed within the IoC data.

C. add metadata to track the utilization of threat intelligence reports.

D. assist companies with impact assessments based on the observed data.

 

Question No : 77) A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events: To better understand what is going on, the analyst runs a command and receives the following output:

 

A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM.

 

Based on the analyst’s findings, which of the following attacks is being executed?

A. Credential harvesting

B. Keylogger

C. Brute-force

D. Spraying

 

Question No : 78) A Chief Security Officer (CSO) is concerned about the amount of PII that is stored locally on each salesperson’s laptop. The sales department has a higher-than-average rate of lost equipment. Which of the following recommendations would BEST address the CSO’s concern? 

A. Deploy an MDM solution.

B. Implement managed FDE.

C. Replace all hard drives with SEDs.

D. Install DLP agents on each laptop.

 

Question No : 79) A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better.

A. validate the vulnerability exists in the organization's network through penetration testing

B. research the appropriate mitigation techniques in a vulnerability database

C. find the software patches that are required to mitigate a vulnerability

D. prioritize remediation of vulnerabilities based on the possible impact.

 

Question No : 80) A security analyst discovers that a company username and password database was posted on an internet forum. The username and passwords are stored in plan text. Which of the following would mitigate the damage done by this type of data exfiltration in the future? 

A. Create DLP controls that prevent documents from leaving the network

B. Implement salting and hashing

C. Configure the web content filter to block access to the forum.

D. Increase password complexity requirements

 

Question No : 81) A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and get a five-minute pcap to analyze. The analyst observes the following output: Which of the following attacks does the analyst MOST likely see in this packet capture?

A. Session replay

B. Evil twin

C. Bluejacking

D. ARP poisoning

 

Question No : 82) The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company’s Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards. Which of the following social-engineering techniques is the attacker using?

A. Phishing

B. Whaling

C. Typo squatting

D. Pharming

 

Question No : 83) The IT department at a university is concerned about professors placing servers on the university network in an attempt to bypass security controls. Which of the following BEST represents this type of threat?

A. A script kiddie

B. Shadow IT

C. Hacktivism

D. White-hat

 

Question No : 84) A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data. Historically, this setup has worked without issue, but the researcher recently started getting the following message:

 

A researcher has been analyzing large data sets for the last ten months.

 

Which of the following network attacks is the researcher MOST likely experiencing?

A. MAC cloning

B. Evil twin

C. Man-in-the-middle

D. ARP poisoning

 

Question No : 85) A company recently moved sensitive videos between on-premises. Company-owned websites. The company then learned the videos had been uploaded and shared to the internet. Which of the following would MOST likely allow the company to find the cause?

A. Checksums

B. Watermarks

C. Oder of volatility

D. A log analysis

E. A right-to-audit clause

 

Question No : 86) A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?

A. A firewall

B. A device pin

C. A USB data blocker

D. Biometrics

 

Question No : 87) A database administrator needs to ensure all passwords are stored in a secure manner, so the administrate adds randomly generated data to each password before string. Which of the following techniques BEST explains this action?

A. Predictability

B. Key stretching

C. Salting

D. Hashing

 

Question No : 88) A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?

A. The most common set of MDM configurations will become the effective set of enterprise mobile security controls.

B. All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to adversaries.

C. Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.

D. MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured.

 

Question No : 89) A network engineer notices the VPN concentrator overloaded and crashes on days when there are a lot of remote workers. Senior management has placed greater importance on the availability of VPN resources for the remote workers than the security of the end users’ traffic. Which of the following would be BEST to solve this issue?

A. iPSec

B. Always On

C. Split tunneling

D. L2TP

 

Question No : 90) A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used? 

A. The scan results show open ports, protocols, and services exposed on the target host

B. The scan enumerated software versions of installed programs

C. The scan produced a list of vulnerabilities on the target host

D. The scan identified expired SSL certificates

 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42