CompTIA Security+Exam (SY0-701) Free Questions - Part 8

Question No : 106) Which of the following cloud models provides clients with servers, storage, and networks but nothing else?

A. SaaS

B. PaaS

C. IaaS

D. DaaS

 

Question No : 107) A company uses wireless tor all laptops and keeps a very detailed record of its assets, along with a comprehensive list of devices that are authorized to be on the wirelessnetwork. The Chief Information Officer (CIO) is concerned about a script kiddie potentially using an unauthorized device to brute force the wireless PSK and obtain access to the internal network. Which of the following should the company implement to BEST prevent this from occurring?

A. A BPDU guard

B. WPA-EAP

C. IP filtering

D. A WIDS

 

Question No : 108) While checking logs, a security engineer notices a number of end users suddenly downloading files with the .tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on an external email containing an infected MHT file with an href link a week prior. Which of the following is MOST likely occurring?

A. A RAT was installed and is transferring additional exploit tools.

B. The workstations are beaconing to a command-and-control server.

C. A logic bomb was executed and is responsible for the data transfers.

D. A fireless virus is spreading in the local network environment.

 

Question No : 109) A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred. Which of the following is the analyst MOST likely seeing?

A)

 A cybersecurity analyst reviews the log files from a web server

B)

 A cybersecurity analyst reviews the log files from a web server

C)

 A cybersecurity analyst reviews the log files from a web server

A. Option A

B. Option B

C. Option C

D. Option D

 

Question No : 110) When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?

A. Acceptance

B. Mitigation

C. Avoidance

D. Transference

 

Question No : 111) An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:

Check-in/checkout of credentials

The ability to use but not know the password

Automated password changes

Logging of access to credentials

Which of the following solutions would meet the requirements?

A. OAuth 2.0

B. Secure Enclave

C. A privileged access management system

D. An OpenID Connect authentication system

 

Question No : 112) Phishing and spear-phishing attacks have been occurring more frequently against a company’s staff. Which of the following would MOST likely help mitigate this issue?

A. DNSSEC and DMARC

B. DNS query logging

C. Exact mail exchanger records in the DNS

D. The addition of DNS conditional forwarders

 

Question No : 113) An analyst needs to identify the applications a user was running and the files that were open before the user’s computer was shut off by holding down the power button. Which of the following would MOST likely contain that information?

A. NGFW

B. Pagefile

C. NetFlow

D. RAM

 

Question No : 114) A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard. Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?

A. PCI DSS

B. ISO 22301

C. ISO 27001

D. NIST CSF

 

Question No : 115) Which of the following would MOST likely support the integrity of a voting machine?

A. Asymmetric encryption

B. Blockchain

C. Transport Layer Security

D. Perfect forward secrecy

 

Question No : 116) Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)

A. Unsecure protocols

B. Use of penetration-testing utilities

C. Weak passwords

D. Included third-party libraries

E. Vendors/supply chain

F. Outdated anti-malware software

 

Question No : 117) An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering it the organization may need to scale down just as quickly as it scaled up. The ClO is also concerned about the organization's security and customer privacy. Which of the following would be BEST to address the ClO’s concerns?

A. Disallow new hires from using mobile devices for six months

B. Select four devices for the sales department to use in a CYOD model

C. Implement BYOD for the sates department while leveraging the MDM

D. Deploy mobile devices using the COPE methodology

 

Question No : 118) A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected. Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describe this type of attack? (Choose two.)

A. DoS

B. SSL stripping

C. Memory leak

D. Race condition

E. Shimming

F. Refactoring

 

Question No : 119) A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers'?

A. A capture-the-flag competition

B. A phishing simulation

C. Physical security training

D. Baste awareness training

 

Question No : 120) A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?

A. Corrective

B. Physical

C. Detective

D. Administrative

 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42