CompTIA SY0-701 Exam (page: 12)
CompTIA Security+
Updated on: 31-Mar-2026

Viewing Page 12 of 91

A security team is addressing a risk associated with the attack surface of the organization's web application over port 443. Currently, no advanced network security capabilities are in place.
Which of the following would be best to set up? (Choose two.)

  A. NIDS
  B. Honeypot
  C. Certificate revocation list
  D. HIPS
  E. WAF
  F. SIEM

Answer(s): A, E

Explanation:

The best pair is A) NIDS and E) WAF because a web application on port 443 needs protection at both the network and application layers: a Network Intrusion Detection System monitors traffic for malicious activity at the network border, while a Web Application Firewall filters and monitors HTTP(S) traffic to protect the web application from exploits (SQLi, XSS, etc.) and enforces security policies.
B) Honeypot is a deception tool that attracts and observes attackers rather than providing real protection; it is not practical for standard risk reduction.
C) Certificate revocation list is a PKI mechanism for invalidating certificates, not an active threat-mitigation control.
D) HIPS enforces host-level policy but lacks comprehensive web-application visibility.
F) SIEM is valuable for log aggregation and correlation but does not by itself provide direct threat prevention at the web edge.



A systems administrator would like to create a point-in-time backup of a virtual machine.
Which of the following should the administrator use?

  A. Replication
  B. Simulation
  C. Snapshot
  D. Containerization

Answer(s): C

Explanation:

A) Replication continuously copies data to a separate site or system for high availability; it is not a point-in-time backup.
B) Simulation models or emulates functionality and does not create a real backup point of the VM.
C) Snapshot is correct because it captures the VM's state at a specific point in time, including memory, disk, and configuration, giving a consistent restore point for backups.
D) Containerization packages applications into containers; it does not create a point-in-time backup of a VM.


A security administrator notices numerous unused, non-compliant desktops are connected to the network.
Which of the following actions would the administrator most likely recommend to the management team?

  A. Monitoring
  B. Decommissioning
  C. Patching
  D. Isolating

Answer(s): B

Explanation:

A) Monitoring is less effective here because the issue is the disposition of the assets, not ongoing visibility into their activity.
B) Decommissioning is correct because unused, non-compliant desktops add risk without providing value; removing them from the network reduces the attack surface and regulatory exposure.
C) Patching targets non-compliant systems that are still in use; it does not address unnecessary devices that should not be present at all.
D) Isolating could be appropriate in some cases but is excessive for clearly unused assets and does not remove the risk the way disposal does.


Which of the following is a common data removal option for companies that want to wipe sensitive data from hard drives in a repeatable manner but allow the hard drives to be reused?

  A. Sanitization
  B. Formatting
  C. Degaussing
  D. Defragmentation

Answer(s): A

Explanation:

A) Sanitization is correct because it describes a data-removal method that securely erases data to a defined standard (e.g., NIST SP 800-88) while preserving the drive for reuse.
B) Formatting simply marks data areas as available and often leaves residual data that can be recovered; it does not guarantee data destruction.
C) Degaussing destroys data by altering the magnetic domains, which renders the drive unusable, so it cannot be reused.
D) Defragmentation reorganizes data to improve performance and does not remove data.


An organization wants to improve the company's security authentication method for remote employees. Given the following requirements:

Must work across SaaS and internal network applications

Must be device manufacturer agnostic

Must have offline capabilities

Which of the following would be the most appropriate authentication method?

  A. Username and password
  B. Biometrics
  C. SMS verification
  D. Time-based tokens

Answer(s): D

Explanation:

A) Username and password is a basic knowledge-based method and, on its own, does not meet the offline and cross-application criteria.
B) Biometrics is device-specific and is not inherently cross-platform or reliable offline without a trusted platform.
C) SMS verification depends on mobile network reach to deliver codes, so it is neither offline-capable nor guaranteed to work across all devices and SaaS/internal applications.
D) Time-based tokens are correct: they provide one-time codes that work across SaaS and internal applications, are device-agnostic, and work offline because the codes are generated locally on the token rather than fetched over a network.


A security officer is implementing a security awareness program and has placed security-themed posters around the building and assigned online user training.
Which of the following will the security officer most likely implement?

  A. Password policy
  B. Access badges
  C. Phishing campaign
  D. Risk assessment

Answer(s): C

Explanation:

A) Password policy is a preventive control for credential management, not an awareness-campaign activity.
B) Access badges are a physical security measure, not a training exercise.
C) Phishing campaign is correct: a simulated phishing campaign is a practical awareness exercise that trains users to recognize social engineering and phishing attempts, and it fits a program that already uses posters and online training.
D) Risk assessment is a governance activity to identify threats, not a training method.


A malicious update was distributed to a common software platform and disabled services at many organizations.
Which of the following best describes this type of vulnerability?

  A. DDoS attack
  B. Rogue employee
  C. Insider threat
  D. Supply chain

Answer(s): D

Explanation:

A supply chain vulnerability describes a malicious update injected into a widely used software platform, leading to widespread compromise and service disruption across many organizations.
A) DDoS attack does not describe tampering with a trusted software update; it targets availability by overwhelming resources.
B) Rogue employee involves insider wrongdoing, not an external malicious update altering software distribution.
C) Insider threat covers authorized individuals causing harm, but the scenario centers on a compromised update from the supply chain, not an internal actor.
D) Supply chain is correct, as it involves tampering with a software update distributed through a trusted vendor, affecting multiple organizations.


A company web server is initiating outbound traffic to a low-reputation, public IP on a non-standard port. The web server is used to present an unauthenticated page to clients who upload images to the company. An analyst notices a suspicious process running on the server that was not created by the company development team.
Which of the following is the most likely explanation for this security incident?

  A. A web shell has been deployed to the server through the page.
  B. A vulnerability has been exploited to deploy a worm to the server.
  C. Malicious insiders are using the server to mine cryptocurrency.
  D. Attackers have deployed a rootkit Trojan to the server over an exposed RDP port.

Answer(s): A

Explanation:

A) A web shell has been deployed to the server through the page.
- A web shell gives an attacker remote command execution and control. It is commonly uploaded through an unauthenticated or poorly validated upload page, and the resulting process makes outbound connections to low-reputation hosts on non-standard ports, which matches the scenario.
B) A vulnerability has been exploited to deploy a worm to the server.
- A worm self-replicates across systems; the scenario describes a single server with a suspicious process, not the propagation behavior typical of worms.
C) Malicious insiders are using the server to mine cryptocurrency.
- Mining would show sustained, high CPU/GPU usage; the evidence (unknown process, outbound connection from an upload-facing server) points to remote control via a web shell rather than insider-driven activity.
D) Attackers have deployed a rootkit Trojan to the server over an exposed RDP port.
- Nothing in the scenario mentions RDP exposure, and a rootkit over RDP would not specifically explain outbound traffic to a low-reputation IP from a web server hosting an upload page; a web shell is the more direct explanation.


Share your comments on the CompTIA SY0-701 exam with other users:

Su 11/23/2023 4:34:00 AM

I need questions/dumps for this exam.
Anonymous


LuvSN 7/16/2023 11:19:00 AM

I need this exam. When will it be uploaded?
ROMANIA


Mihai 7/19/2023 12:03:00 PM

I need the dumps!
Anonymous


Wafa 11/13/2023 3:06:00 AM

Very helpful.
Anonymous


Alokit 7/3/2023 2:13:00 PM

Good source.
Anonymous


Show-Stopper 7/27/2022 11:19:00 PM

My 3rd test and passed on first try. Hats off to this brain dumps site.
UNITED STATES


Michelle 6/23/2023 4:06:00 AM

Please upload it.
Anonymous


Lele 11/20/2023 11:55:00 AM

Does anybody know if these are real exam questions?
EUROPEAN UNION


Girish Jain 10/9/2023 12:01:00 PM

Are these questions similar to the actual questions in the exam? Because they seem to be too easy.
Anonymous


Phil 12/8/2022 11:16:00 PM

I have a lot of experience, but what comes in the exam is totally different from the practical day-to-day tasks. So I thought I would rather rely on these brain dumps than fail the exam.
GERMANY


BV 6/8/2023 4:35:00 AM

Good questions.
NETHERLANDS


krishna 12/19/2023 2:05:00 AM

Valid exam dumps. They were very helpful and I got a pretty good score. I am very grateful for this service and the exam questions.
Anonymous


Pie 9/3/2023 4:56:00 AM

Will it help?
INDIA


Lucio 10/6/2023 1:45:00 PM

Very useful to verify knowledge before the exam.
POLAND


Ajay 5/17/2023 4:54:00 AM

Good stuff.
Anonymous


TestPD1 8/10/2023 12:19:00 PM

Question 17: aren't the responses B and C?
EUROPEAN UNION


Nhlanhla 12/13/2023 5:26:00 AM

Just passed the exam on my first try using these dumps.
Anonymous


Rizwan 1/6/2024 2:18:00 AM

Very helpful.
INDIA


Yady 5/24/2023 10:40:00 PM

These questions look good.
SINGAPORE


Kettie 10/12/2023 1:18:00 AM

This is very helpful content.
Anonymous


SB 7/21/2023 3:18:00 AM

Please provide the dumps.
UNITED STATES


David 8/2/2023 8:20:00 AM

It is amazing.
Anonymous


User 8/3/2023 3:32:00 AM

Question 178 about "a banking system that predicts whether a loan will be repaid is an example of the": the answer is classification, not regression. You should fix it.
EUROPEAN UNION


quen 7/26/2023 10:39:00 AM

Please upload Apache Spark dumps.
Anonymous


Erineo 11/2/2023 5:34:00 PM

Q14 is B & C. To reduce, you will switch off mail for every single alert and you will switch on daily digest to get a mail once per day. You might even skip the empty digest mail, but I see this as a part of the daily digest adjustment.
Anonymous


Paul 10/21/2023 8:25:00 AM

I think it is a good question.
Anonymous


Unknown 8/15/2023 5:09:00 AM

Good for students who wish to give the certification.
INDIA


Ch 11/20/2023 10:56:00 PM

Is there a Google Drive link to the images? The links in the questions are not working.
AUSTRALIA


Joey 5/16/2023 5:25:00 AM

Very promising, looks great, so much wow!
Anonymous


alaska 10/24/2023 5:48:00 AM

I scored 87% on the AZ-204 exam. Thanks! I always trust
GERMANY


nnn 7/9/2023 11:09:00 PM

Good, need more.
Anonymous


User-sfdc 12/29/2023 7:21:00 AM

Sample questions seem good.
Anonymous


Tamer dam 8/4/2023 10:21:00 AM

Huawei is OK.
UNITED STATES


YK 12/11/2023 1:10:00 AM

Good one, nice.
JAPAN