CompTIA SY0-701 Exam (page: 2)
CompTIA Security+
Updated on: 31-Mar-2026

Viewing Page 2 of 91

Which of the following examples would be best mitigated by input sanitization?

  A. <script>alert("Warning!");</script>
  B. nmap - 10.11.1.130
  C. Email message: "Click this link to get your free gift card."
  D. Browser message: "Your connection is not private."

Answer(s): A

Explanation:

Input sanitization mitigates injection and script-based attacks, making A the correct choice.
A) If a script tag in user input is not sanitized, it is executed, enabling cross-site scripting (XSS) and client-side code execution. Sanitization strips or neutralizes HTML/JS to prevent these payloads.
B) nmap is a network scanner run from the command line; input sanitization does not affect command-line tools or network reconnaissance output.
C) A phishing-style email link relies on user interaction; sanitizing input fields prevents script execution but not user deception through links in messages.
D) The browser warning about privacy is informational; sanitization does not address certificate or privacy warnings.



An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards.
Which of the following techniques is the attacker using?

  A. Smishing
  B. Disinformation
  C. Impersonating
  D. Whaling

Answer(s): C

Explanation:

The attacker is using impersonation, assuming the identity of a high-ranking executive to manipulate an employee into purchasing gift cards.
A) Smishing is SMS phishing, which is not relevant here because the medium is a phone call.
B) Disinformation involves spreading false information to mislead, not specifically impersonating a person.
C) Impersonating is correct because the attacker feigns executive authority to coerce action.
D) Whaling is a variant of phishing that targets executives, which is broader; the technique described is specifically impersonation during the call rather than a broader targeted phishing scenario.



After conducting a vulnerability scan, a systems administrator notices that one of the identified vulnerabilities is not present on the systems that were scanned.
Which of the following describes this example?

  A. False positive
  B. False negative
  C. True positive
  D. True negative

Answer(s): A

Explanation:

A) A false positive is a vulnerability that is reported but not actually present on the system, matching the scenario where the scan identified an issue that isn't real.
B) A false negative would be a vulnerability that is present but not detected by the scan.
C) A true positive would mean the vulnerability is correctly detected as present.
D) A true negative would mean the scan correctly reports that no vulnerability is present; in this case, the issue is misreported as present when it isn't.



A recent penetration test identified that an attacker could flood the MAC address table of network switches.
Which of the following would best mitigate this type of attack?

  A. Load balancer
  B. Port security
  C. IPS
  D. NGFW

Answer(s): B

Explanation:

B) Port security prevents MAC flooding by restricting the number of dynamically learned MAC addresses on a switch port. Excess frames from unknown devices can be restricted or discarded, and the port can be forced into a secured state.
C) An IPS (intrusion prevention system) monitors traffic for exploits; it is not specifically intended to cap MAC address table growth on switches.
D) An NGFW (next-generation firewall) focuses on application-aware filtering and threat prevention at the network edge, not on MAC address table protection.



A user would like to install software and features that are not available with a smartphone's default software.
Which of the following would allow the user to install unauthorized software and enable new features?

  A. SQLi
  B. Cross-site scripting
  C. Jailbreaking
  D. Side loading

Answer(s): C

Explanation:

Jailbreaking bypasses the device's built-in restrictions so the user can install unauthorized software and enable new features.
A) SQLi is an input-based web application vulnerability, not a device modification method.
B) Cross-site scripting exploits web pages to execute scripts in a user's browser; it is not a way to add device features.
C) Jailbreaking removes OS restrictions and grants administrative control to install non-approved apps.
D) Sideloading refers to installing apps from outside the official store, which on many devices requires enabling a setting; jailbreaking is the broader, more definitive method to unlock system-level capabilities.



Which of the following phases of an incident response involves generating reports?

  A. Recovery
  B. Preparation
  C. Lessons learned
  D. Containment

Answer(s): C

Explanation:

The Lessons learned phase involves documenting the incident response, including findings, impact, and recommendations, which generates formal reports for stakeholders and future improvements.
A) Recovery focuses on restoring systems and data, not reporting.
B) Preparation is proactive planning and controls, not reporting after action.
D) Containment aims to limit spread, not produce final incident reports.



Which of the following methods would most likely be used to identify legacy systems?

  A. Bug bounty program
  B. Vulnerability scan
  C. Package monitoring
  D. Dynamic analysis

Answer(s): B

Explanation:

A vulnerability scan is used to identify weaknesses and outdated components in systems, including legacy systems, by scanning for known CVEs and inventorying asset versions.
A) Bug bounty program focuses on discovering security flaws in live systems by external researchers, not specifically identifying legacy assets.
B) Vulnerability scan correctly targets asset inventories and vulnerability fingerprints, aiding detection of outdated platforms.
C) Package monitoring tracks software packages for updates, not primarily identification of legacy systems.
D) Dynamic analysis analyzes behavior during execution, not for initial identification of legacy hardware/software.



Employees located off-site must have access to company resources in order to complete their assigned tasks. These employees utilize a solution that allows remote access without interception concerns.
Which of the following best describes this solution?

  A. Proxy server
  B. NGFW
  C. VPN
  D. Security zone

Answer(s): C

Explanation:

A VPN provides secure, encrypted remote access to the corporate network, eliminating interception concerns for off-site employees. It creates a trusted tunnel between the user and network, preserving confidentiality and integrity.
A) Proxy server does not inherently encrypt end-to-end traffic between the user and target resources; it forwards requests and may cache content, offering little protection against interception.
B) NGFW (next‑generation firewall) enhances inspection and control at the network edge but does not by itself establish remote access for off-site users.
D) Security zone is a network segmentation concept, not a remote access solution.

