CompTIA SY0-701 Exam (page: 14)
CompTIA Security+
Updated on: 31-Mar-2026

Viewing Page 14 of 91

Which of the following topics would most likely be included within an organization's SDLC?

  1. Service-level agreements
  2. Information security policy
  3. Penetration testing methodology
  4. Branch protection requirements

Answer(s): D

Explanation:

An SDLC (Software Development Life Cycle) includes security requirements and controls such as branch protection to safeguard code repositories and CI/CD pipelines.
A) Service-level agreements relate to operational performance of services, not specifically to SDLC security controls.
B) Information security policy governs overarching security rules, not the lifecycle processes for software development.
C) Penetration testing methodology is typically part of security testing phases, not core SDLC control measures like branch protection.
D) Branch protection requirements directly secure source code repositories during development, aligning with SDLC risk management and secure coding practices.



Which of the following control types is AUP an example of?

  1. Physical
  2. Managerial
  3. Technical
  4. Operational

Answer(s): D

Explanation:

AUP is an operational control because it governs day-to-day user behavior and procedures in the organization.
B) Managerial is incorrect because AUP does not involve policy-level governance or strategic oversight, but rather guidelines for operations.
C) Technical is incorrect because AUP does not rely on technical implementations, system configurations, or automated controls.
D) Correct: AUP (acceptable use policy) directly guides user actions and operational practices, aligning with operational controls.



An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use. Each application has a separate log-in, so the security team wants to reduce the number of credentials each employee must maintain.
Which of the following is the first step the security team should take?

  1. Enable SAML.
  2. Create OAuth tokens.
  3. Use password vaulting.
  4. Select an IdP.

Answer(s): D

Explanation:

Adopt a central identity provider (IdP) first to enable single sign-on across multiple SaaS apps, reducing credential management for users.
A) SAML is a specific SSO protocol, but it requires an IdP as the source; the first step is selecting the IdP.
B) OAuth tokens are for delegated access, not initial SSO consolidation.
C) Password vaulting helps credential management for admins, not end-user SSO across apps.
D) Selecting an IdP provides centralized authentication, enabling SSO and federated access across cloud apps, aligning with rapid SaaS adoption and reduced login counts.



A company's online shopping website became unusable shortly after midnight on January 30, 2023.
When a security analyst reviewed the database server, the analyst noticed the following code used for backing up data:



Which of the following should the analyst do next?

  1. Check for recently terminated DBAs.
  2. Review WAF logs for evidence of command injection.
  3. Scan the database server for malware.
  4. Search the web server for ransomware notes.

Answer(s): B

Explanation:

B) Review WAF logs for evidence of command injection is correct because the scenario implies a potential web-based exploit leading to abnormal database activity; examining Web Application Firewall logs helps detect command injection attempts that could compromise the database.
A) Check for recently terminated DBAs is not directly related to an active exploit; insider threats are possible but less immediate than web-based injection indicators.
C) Scan the database server for malware may be relevant post-compromise but does not address the initial intrusion vector evidenced by the code snippet suggesting command execution from web requests.
D) Search the web server for ransomware notes focuses on ransom indicators after encryption, not the likely cause of the outage.



Which of the following would be the best way to test resiliency in the event of a primary power failure?

  1. Parallel processing
  2. Tabletop exercise
  3. Simulation testing
  4. Production failover

Answer(s): D

Explanation:

D) Production failover is the best method to test resiliency during a primary power failure because it validates real-world recovery procedures, failover automation, and continuity of operations by switching to backup systems or sites under actual conditions.
B) Tabletop exercises simulate scenarios but lack hands-on validation of systems and failover tooling.
C) Simulation testing models behavior but may not reproduce full failover dynamics or confirm performance in production.
A) Parallel processing is not focused on resiliency testing or failover capabilities.



Which of the following would be the most appropriate way to protect data in transit?

  1. SHA-256
  2. SSL 3.0
  3. TLS 1.3
  4. AES-256

Answer(s): C

Explanation:

Data-in-transit protection is best achieved with modern TLS protocols.
A) SHA-256 is a hashing algorithm, not used to protect data in transit.
B) SSL 3.0 is deprecated due to vulnerabilities; not recommended for protecting data in transit.
C) TLS 1.3 provides strong encryption, integrity, and forward secrecy for data in transit.
D) AES-256 is a symmetric cipher used for encryption at rest or in session, but TLS 1.3 is the protocol that governs secure transit protections.



Which of the following is a common, passive reconnaissance technique employed by penetration testers in the early phases of an engagement?

  1. Open-source intelligence
  2. Port scanning
  3. Pivoting
  4. Exploit validation

Answer(s): A

Explanation:

A) Open-source intelligence is a common passive reconnaissance technique used in early engagement to gather publicly available information without directly interacting with target systems.
B) Port scanning is active and intrusive, revealing open ports on a host.
C) Pivoting is a post-exploitation technique used to access other networks after compromise.
D) Exploit validation involves confirming exploit effectiveness, a hands-on activity after gaining access.



Which of the following threat actors is the most likely to seek financial gain through the use of ransomware attacks?

  1. Organized crime
  2. Insider threat
  3. Nation-state
  4. Hacktivists

Answer(s): A

Explanation:

Organized crime groups are primarily motivated by financial gain. Ransomware attacks are a popular tool for these groups because they can encrypt a victim's data and demand a ransom payment (often in cryptocurrency) to restore access. This form of attack can yield a high financial return if victims choose to pay.


