CompTIA Security+ SY0-701 Dumps in PDF

Free CompTIA SY0-701 Real Questions (page: 12)

A security team is addressing a risk associated with the attack surface of the organization's web application over port 443. Currently, no advanced network security capabilities are in place. Which of the following would be best to set up? (Choose two.)

  A. NIDS
  B. Honeypot
  C. Certificate revocation list
  D. HIPS
  E. WAF
  F. SIEM

Answer(s): A,E

Explanation:

Option A is correct because a NIDS monitors traffic for threats on the network edge, helping detect malicious activity over port 443 in real time. Option E is correct because a WAF protects web applications from exploits (SQLi, XSS, CSRF) and enforces rules for traffic to port 443.
Incorrect:
B is wrong as a honeypot diverts attackers but does not directly protect or monitor production traffic.
C is incorrect because a certificate revocation list manages revocations, not threat detection or web app protection.
D is incorrect since HIPS focuses on host-based agent protections, not network perimeters.
F is incorrect because a SIEM aggregates logs but does not directly mitigate traffic on port 443.



A systems administrator would like to create a point-in-time backup of a virtual machine. Which of the following should the administrator use?

  A. Replication
  B. Simulation
  C. Snapshot
  D. Containerization

Answer(s): C

Explanation:

Option C is correct because a snapshot captures the VM’s state at a specific point in time, enabling a quick recovery to that exact moment. Replication (A) continuously copies data to another location, not a point-in-time backup. Simulation (B) is for testing scenarios, not creating backups. Containerization (D) packages applications in containers, not VM state backups.



A security administrator notices numerous unused, non-compliant desktops are connected to the network. Which of the following actions would the administrator most likely recommend to the management team?

  A. Monitoring
  B. Decommissioning
  C. Patching
  D. Isolating

Answer(s): B

Explanation:

Option B is correct because decommissioning unused, non-compliant desktops removes devices from the network, reducing attack surface and risk from unmanaged endpoints. Monitoring (A) detects issues but does not remove risk; it doesn’t eliminate non-compliant devices. Patching (C) applies updates but requires devices to be managed and online; it does not address devices that are unused or non-compliant. Isolating (D) could mitigate risk by network segmentation, but it may be impractical for portable or unmanaged endpoints and doesn’t remove them from the environment; decommissioning is the definitive action for unused assets.



Which of the following is a common data removal option for companies that want to wipe sensitive data from hard drives in a repeatable manner but allow the hard drives to be reused?

  A. Sanitization
  B. Formatting
  C. Degaussing
  D. Defragmentation

Answer(s): A

Explanation:

Option A is correct because sanitization is a data-removal process that renders data unrecoverable while allowing media reuse, using methods like data sanitization standards or secure erase. Incorrect — B: Formatting does not guarantee data unrecoverability; remnants may be recoverable with specialized tools, and it often leaves data traces. Incorrect — C: Degaussing destroys data magnetically and typically renders the drive unusable, not reusable. Incorrect — D: Defragmentation reorganizes data for efficiency and does not remove sensitive data.



An organization wants to improve the company's security authentication method for remote employees. Given the following requirements:

Must work across SaaS and internal network applications
Must be device manufacturer agnostic
Must have offline capabilities

Which of the following would be the most appropriate authentication method?

  A. Username and password
  B. Biometrics
  C. SMS verification
  D. Time-based tokens

Answer(s): D

Explanation:

Option D is correct because time-based tokens (e.g., TOTP) provide device-agnostic, offline-capable, multi-factor-like authentication that works with SaaS and internal apps without reliance on a specific device or constant network access. They support offline use via generated codes and are vendor-neutral.
A) Incorrect — Username and password is plain credentials-based, not offline-capable, and not device-agnostic nor MFA by default.
B) Incorrect — Biometrics requires hardware sensors and enrollment, and is not inherently offline or universally SaaS/internal compatible.
C) Incorrect — SMS verification relies on network reach and mobile carrier, not offline-capable and less device-agnostic.



Which of the following will a global company doing business in the European Union need to be concerned with to avoid legal privacy implications?

  A. ISO 27001
  B. PCI DSS
  C. GDPR
  D. SOC 2

Answer(s): C

Explanation:

The General Data Protection Regulation governs how organizations collect, process, store, and protect personal data of individuals in the European Union. Any global company doing business in the EU must comply with its privacy and data protection requirements to avoid legal and regulatory penalties.



A malicious update was distributed to a common software platform and disabled services at many organizations. Which of the following best describes this type of vulnerability?

  A. DDoS attack
  B. Rogue employee
  C. Insider threat
  D. Supply chain

Answer(s): D

Explanation:

Option D is correct because a malicious update compromising a common software platform represents a supply chain vulnerability, where trusted software or updates are tampered with before reaching end users, causing widespread impact.
A) Incorrect — DDoS involves overwhelming a target with traffic, not delivering compromised updates.
B) Incorrect — Rogue employee describes insider actions from within, not external update manipulation.
C) Incorrect — Insider threat implies an internal actor causing harm, which is not specified here as the update is distributed via the supply chain.



A company web server is initiating outbound traffic to a low-reputation, public IP on a non-standard port. The web server is used to present an unauthenticated page to clients who upload images to the company. An analyst notices a suspicious process running on the server that was not created by the company development team. Which of the following is the most likely explanation for this security incident?

  A. A web shell has been deployed to the server through the page.
  B. A vulnerability has been exploited to deploy a worm to the server.
  C. Malicious insiders are using the server to mine cryptocurrency.
  D. Attackers have deployed a rootkit Trojan to the server over an exposed RDP port.

Answer(s): A

Explanation:

Option A is correct because a web shell provides remote code execution on the web server via an unauthenticated page, enabling outbound connections to a low-reputation IP for data exfiltration or C2. Incorrect B: a worm would generally require a vulnerability, but the scenario emphasizes a web shell presence linked to the unauthenticated page. Incorrect C: cryptocurrency mining by insiders would not typically involve a suspicious process not created by the development team. Incorrect D: a rootkit Trojan over RDP implies remote access; however, the scenario centers on web server compromise via the web page, not RDP.


