Logo
  • Home
  • All Courses
    • Amazon - AWS
    • Cisco
    • CompTIA
    • EC Council
    • Microsoft
    • Oracle
    • Salesforce
    • Snowflake
  • Testimonials
  • Blogs
  • Login
  • Register
  • Cart

CompTIA Security+Exam (SY0-701) Free Questions - Part 9

Question No : 121) Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)

A. Cross-site scripting

B. Data exfiltration

C. Poor system logging

D. Weak encryption

E. SQL injection

F. Server-side request forgery

 

Question No : 122) A financial organization has adopted a new secure, encrypted document-sharing application to help with its customer loan process. Some important PII needs to be shared across this new platform, but it is getting blocked by the DLP systems. Which of the following actions will BEST allow the PII to be shared with the secure application without compromising the organization’s security posture?

A. Configure the DLP policies to allow all PII

B. Configure the firewall to allow all ports that are used by this application

C. Configure the antivirus software to allow the application

D. Configure the DLP policies to whitelist this application with the specific PII

E. Configure the application to encrypt the PII

 

Question No : 123) An organization wants to implement a third factor to an existing multifactor authentication. The organization already uses a smart card and password. Which of the following would meet the organization’s needs for a third factor?

A. Date of birth

B. Fingerprints

C. PIN

D. TPM

 

Question No : 124) A network administrator is setting up wireless access points in all the conference rooms and wants to authenticate device using PKI. Which of the following should the administrator configure?

A. A captive portal

B. PSK

C. 802.1X

D. WPS

 

Question No : 125) A malicious actor recently penetration a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know was in the memory on the compromised server. Which of the following files should be given to the forensics firm?

A. Security

B. Application

C. Dump

D. Syslog

 

Question No : 126) After entering a username and password, and administrator must gesture on a touch screen. Which of the following demonstrates what the administrator is providing?

A. Multifactor authentication

B. Something you can do

C. Biometric

D. Two-factor authentication

 

Question No : 127) A workwide manufacturing company has been experiencing email account compromised. In one incident, a user logged in from the corporate office in France, but then seconds later, the same user account attempted a login from Brazil. Which of the following account policies would BEST prevent this type of attack?

A. Network location

B. Impossible travel time

C. Geolocation

D. Geofencing

 

Question No : 128) A security administrator needs to create a RAID configuration that is focused on high read speeds and fault tolerance. It is unlikely that multiple drivers will fail simultaneously. Which of the following RAID configurations should the administration use?

A. RA1D 0

B. RAID1

C. RAID 5

D. RAID 10

 

Question No : 129) Which of the following incident response steps involves actions to protect critical systems while maintaining business operations?

A. Investigation

B. Containment

C. Recovery

D. Lessons learned

 

Question No : 130) A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log:

 

A security analyst receives a SIEM alert that someone logged in to the appadmin test account

 

Which of the following can the security analyst conclude?

A. A replay attack is being conducted against the application.

B. An injection attack is being conducted against a user authentication system.

C. A service account password may have been changed, resulting in continuous failed logins within the application.

D. A credentialed vulnerability scanner attack is testing several CVEs against the application.

 

Question No : 131) Which of the following types of controls is a turnstile?

A. Physical

B. Detective

C. Corrective

D. Technical

 

Question No : 132) Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

A. The document is a honeyfile and is meant to attract the attention of a cyberintruder.

B. The document is a backup file if the system needs to be recovered.

C. The document is a standard file that the OS needs to verify the login credentials.

D. The document is a keylogger that stores all keystrokes should the account be compromised.

 

Question No : 133) A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

A. SIEM

B. DLP

C. CASB

D. SWG

 

Question No : 134) On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Choose two.)

A. Data accessibility

B. Legal hold

C. Cryptographic or hash algorithm

D. Data retention legislation

E. Value and volatility of data

F. Right-to-audit clauses

 

Question No : 135) The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO’s concerns?

A. SSO would simplify username and password management, making it easier for hackers to pass guess accounts.

B. SSO would reduce password fatigue, but staff would still need to remember more complex passwords.

C. SSO would reduce the password complexity for frontline staff.

D. D. SSO would reduce the resilience and availability of system if the provider goes offline.

 

SY0-701 Answers

 

Part 1

Part 2

Part 3

Part 4

Part 5

Part 6

Part 7

Part 8

Part 9

Part 10

Part 11

Part 12

Part 13

Part 14

Part 15

Part 16

Part 17

Part 18

Part 19

Part 20

Part 21

Part 22

Part 23

Part 24

Part 25

Part 26

Part 27

Part 28

Part 29

Part 30

Part 31

Part 32

Part 33

Part 34

Part 35

Part 36

Part 37

Part 38

Part 39

Part 40

Part 41

Part 42

Logo

Our goal is to help students clear their exam by providing them genuine questions which helps students to achieve their goal. Many students have cleared their exam by going through our courses. Are you ready to clear yours?


Site Secured

mcaafe-secure

Last Scanned: 08-05-2025

Links

  • FAQ
  • Money Back Guarantee
  • About Us
  • Privacy Policy
  • Terms & Conditions
  • Contact Us
  • Testimonials

Disclaimer

  • SAP, Microsoft, Google, Amazon, Qualtrics, and all other brands are Registered Trademarks of their respective companies.
  • Theexamquestions.com is no way affiliated With any brand hosted on this website.
  • Theexamquestions.com offers only probable exam questions and answers.
  • Theexamquestions.com offer learning materials and practice tests created by subject matter technology experts to assist and help learners prepare for those exams. Theexamquestions.com do not offer dumps or questions from the actual exam.
  • Theexamquestions.com does not own or claim any ownership on any of the brands.
  • All Certification Brands used on the website are owned by the respective brand owners.

All course contents, trademarks, service marks, trade names, product names and logos appearing on the site are the property of their respective owners. The website Theexamquestions.com is in no way affiliated with any of the certification providers. Copyright © 2025 www.theexamquestions.com. All rights reserved.