Which of the following examples would be best mitigated by input sanitization?
Answer(s): A
Option A is correct because input sanitization mitigates injection and XSS by removing or neutralizing unsafe input that could be executed by a browser or server.
A) Correct: the string contains an inline script tag that, if rendered, could execute JavaScript (XSS). Sanitization strips or encodes tags to prevent script execution.
B) Incorrect: nmap is a network scanner; input sanitization does not apply to command-line tool usage or to the data being sent, which is not an injection point in this context.
C) Incorrect: while phishing-like content can be mitigated by user education and filtering, input sanitization alone does not specifically prevent link clicking or credential phishing beyond URL handling.
D) Incorrect: this is a browser security warning about TLS/HTTPS; sanitization does not address certificate warnings or TLS-related issues.
An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards. Which of the following techniques is the attacker using?
Answer(s): C
Option C is correct because impersonating the CEO to compel an action is a form of social engineering known as impersonation or pretexting, which exploits the perceived authority of the role to bypass controls.
A) Incorrect: smishing is phishing via SMS, not CEO impersonation calls.
B) Incorrect: disinformation involves spreading false information, not a direct leadership impersonation tactic.
D) Incorrect: whaling specifically refers to phishing aimed at high-status individuals like executives; while related, the technique described is impersonation, not the general whaling category.
After conducting a vulnerability scan, a systems administrator notices that one of the identified vulnerabilities is not present on the systems that were scanned. Which of the following describes this example?
Option A is correct because a false positive occurs when a vulnerability is reported but does not actually exist on the system after verification.
B) Incorrect: a false negative would mean a real vulnerability was not detected.
C) Incorrect: a true positive would mean a vulnerability was correctly detected and present.
D) Incorrect: a true negative would mean no vulnerability is present and correctly reported as absent.
The scenario describes over-reporting of a non-existent vulnerability, not an actual missing detection or a confirmed vulnerability.
A recent penetration test identified that an attacker could flood the MAC address table of network switches. Which of the following would best mitigate this type of attack?
Answer(s): B
Option B is correct because port security on switches limits the number of MAC addresses learned on a port, preventing MAC flooding from overwhelming the MAC address table.
A) Incorrect: a load balancer operates at Layers 4-7 and does not prevent MAC address table floods.
C) Incorrect: an IPS detects and prevents known threats at the network and transport layers but does not proactively cap MAC table growth.
D) Incorrect: an NGFW provides next-generation firewall features but does not specifically mitigate MAC flooding on switch ports.
A user would like to install software and features that are not available with a smartphone's default software. Which of the following would allow the user to install unauthorized software and enable new features?
Option C is correct because jailbreaking removes vendor restrictions, enabling installation of unauthorized software and features not provided by the default OS.
A) Incorrect: SQLi is a web app vulnerability (SQL injection), not a device modification.
B) Incorrect: cross-site scripting is a web security flaw that injects scripts into pages, not a method to install apps.
D) Incorrect: side loading is the process of installing apps from outside the official store; it does not inherently enable feature unlocks or unauthorized software beyond what the OS restrictions typically allow, and is a consequence of jailbreaking in many ecosystems.
Which of the following phases of an incident response involves generating reports?
Option C is correct because the Lessons learned phase involves post-incident analysis, including documenting findings and generating reports to improve future response and security controls.
A) Incorrect: Recovery focuses on restoring systems and operations, not reporting.
B) Incorrect: Preparation involves planning, policy creation, and training, not generating incident reports.
D) Incorrect: Containment aims to limit the incident’s spread, not reporting outputs.
Which of the following methods would most likely be used to identify legacy systems?
Option B is correct because vulnerability scans identify weaknesses and outdated software on assets, helping to uncover legacy systems that lack current patches or support.
A) Incorrect: bug bounty programs target external researchers for finding vulnerabilities, not specifically identifying legacy systems.
C) Incorrect: package monitoring tracks software bills of materials and changes, not primarily for detecting legacy systems.
D) Incorrect: dynamic analysis tests running applications to observe behavior in real time, not specifically for locating legacy or unpatched systems.
Employees located off-site must have access to company resources in order to complete their assigned tasks. These employees utilize a solution that allows remote access without interception concerns. Which of the following best describes this solution?
Option C is correct because a VPN provides an encrypted tunnel for remote access, protecting data in transit and addressing the interception concern when connecting to corporate resources.
A) Incorrect: a proxy server forwards requests but does not inherently provide end-to-end encryption for all traffic or full remote access tunneling like a VPN.
B) Incorrect: an NGFW (next-generation firewall) offers advanced threat protection and access control; it is not primarily a remote access solution.
D) Incorrect: a security zone refers to network segmentation concepts, not a remote access mechanism.
Share your comments for CompTIA SY0-701 exam with other users:
very informative and thorough explanations
prep for exam
thanks for helping us
i prepared for the eccouncil 350-401 exam. i scored 92% on the test.
aba questions to practice
great content
how do i get the remaining questions?
well formatted pdf and the test engine software is free. well worth the money i spent.
looking for 1z0-116
in question 22, shouldn't it be in the data (option a) layer?
the questions are incredibly close to real exam. you people are amazing.
q15. answer is b. simple
great practice
thanks to these exam dumps, i felt confident and passed my exam with ease.
need 1z0-1105-22 exam
this is a beautiful tool. passed after a week of studying.
can you please upload the dumps for 1z0-1096-23 for oracle
it's interesting, i would like to learn more about this
q252: dns poisoning is the correct answer, not locator redirection. beaconing is detected from a host. this indicates that the system has been infected with malware, which could be the source of local dns poisoning. location redirection works by either embedding the redirection in the original website's code or having a user click on a url that has an embedded redirect. since users at a different office are not getting redirected, it isn't an embedded redirection on the original website and since the user is manually typing in the url and not clicking a link, it isn't a modified link.
helpful dump questions
question 423 eigrp uses metric
hello nice dumps
good resource for learning
very useful
physical tempering techniques
it's giving the best technical knowledge
please upload
great question with explanation thanks!!
does this exam have lab sections?
please upload the braindump for .net
i need this exam 1z0-1107-2. please.
very useful!
for this question - "which three type of basic patient or member information is displayed on the patient info component? (choose three.)", list of conditions is not displayed (it is displayed in patient card, not patient info). so should be thumbnail of chatter photo