CompTIA SY0-701 Exam (page: 4)
CompTIA Security+
Updated on: 31-Mar-2026

Viewing Page 4 of 91

An administrator at a small business notices an increase in support calls from employees who receive a blocked page message after trying to navigate to a spoofed website.
Which of the following should the administrator do?

  A. Deploy multifactor authentication.
  B. Decrease the level of the web filter settings.
  C. Implement security awareness training.
  D. Update the acceptable use policy.

Answer(s): C

Explanation:

Safeguards that address user behavior reduce phishing and access to malicious sites.
A) Deploying multifactor authentication helps with credential theft but doesn't directly reduce exposure to spoofed sites or user-reported blocks.
B) Decreasing web filter settings would increase risk and potentially allow more malicious content.
C) Implementing security awareness training educates users to recognize spoofed sites, report incidents, and follow safe browsing practices, lowering risk and helpdesk calls; it is the appropriate control.
D) Updating the acceptable use policy may help governance but does not train users to recognize or avoid spoofed sites; it's less immediate in reducing calls.



Which of the following teams is best suited to determine whether a company has systems that can be exploited by a potential, identified vulnerability?

  A. Purple team
  B. Blue team
  C. Red team
  D. White team

Answer(s): C

Explanation:

The red team simulates real-world attackers to determine which systems are exploitable and to verify the presence of vulnerabilities from an attacker's view.
A) Purple team: coordinates red and blue efforts but does not primarily perform exploitation to prove exploitable vulnerabilities.
B) Blue team: defends and mitigates; detects and responds to incidents, not primarily exploitative assessment.
C) Red team: conducts controlled attacks to identify exploitable systems and validate security controls from an attacker’s perspective.
D) White team: oversight or governance role; not involved in active exploitation.



A company is reviewing options to enforce user logins after several account takeovers. The following conditions must be met as part of the solution:

Allow employees to work remotely or from assigned offices around the world.

Provide a seamless login experience.

Limit the amount of equipment required.

Which of the following best meets these conditions?

  A. Trusted devices
  B. Geotagging
  C. Smart cards
  D. Time-based logins

Answer(s): A

Explanation:

A) Trusted devices enable zero-trust style validation without relying on physical tokens; they support remote and off-site workers and provide seamless access through device posture and identity checks, reducing login friction while enforcing authentication after account takeovers.
B) Geotagging relies on location data, which can be spoofed, and is not a robust login authentication mechanism; it also doesn't inherently enforce authentication post-takeover.
C) Smart cards provide strong authentication but require physical tokens and readers, increasing equipment and management needs, reducing seamlessness and scalability for global remote workers.
D) Time-based logins introduce temporal constraints but don’t address device posture or seamless access, and can hinder legitimate remote access.



Which of the following methods can be used to detect attackers who have successfully infiltrated a network? (Choose two.)

  A. Tokenization
  B. CI/CD
  C. Honeypots
  D. Threat modeling
  E. DNS sinkhole
  F. Data obfuscation

Answer(s): C,E

Explanation:

A network defense goal is to detect intruders; honeypots and DNS sinkholes facilitate detection of compromised or malicious activity.
A) Tokenization - not used for detecting intruders; data substitution for protection, not monitoring.
B) CI/CD - software delivery practice; not a detection mechanism for intrusions.
C) Honeypots - decoy systems to attract attackers and alert on unauthorized access; suitable for detection.
D) Threat modeling - proactive risk assessment; not active detection of an ongoing intrusion.
E) DNS sinkhole - redirects or logs malicious domain requests, enabling detection of compromised hosts.
F) Data obfuscation - protects data; does not detect intruders.



A company wants to ensure that the software it develops will not be tampered with after the final version is completed.
Which of the following should the company most likely use?

  A. Hashing
  B. Encryption
  C. Baselines
  D. Tokenization

Answer(s): A

Explanation:

A) Hashing is correct because it creates a unique digest of the final software version, enabling tamper detection; any modification changes the hash.
B) Encryption protects data confidentiality, not tamper detection of code integrity.
C) Baselines describe standard configurations to detect deviations, but do not provide a tamper-evident mechanism on the final artifact itself.
D) Tokenization replaces data with tokens for privacy, not for verifying software integrity.



An organization completed a project to deploy SSO across all business applications last year. Recently, the finance department selected a new cloud-based accounting software vendor.
Which of the following should most likely be configured during the new software deployment?

  A. RADIUS
  B. SAML
  C. EAP
  D. OpenID

Answer(s): B

Explanation:

Implementing SAML enables SSO across the new cloud-based application, leveraging the existing centralized identity provider to federate authentication for the finance software. This aligns with prior SSO deployment and avoids reconfiguring local credentials.
A) RADIUS is a network access authentication protocol, not best for web-based SaaS SSO federation.
C) EAP is an authentication framework for network access, not specifically for web SSO or SaaS federations.
D) OpenID is an authentication protocol (not SAML) and would require different federation mechanisms; SAML is more common for enterprise SaaS SSO.



A user, who is waiting for a flight at an airport, logs in to the airline website using the public Wi-Fi, ignores a security warning and purchases an upgraded seat.
When the flight lands, the user finds unauthorized credit card charges.
Which of the following attacks most likely occurred?

  A. Replay attack
  B. Memory leak
  C. Buffer overflow attack
  D. On-path attack

Answer(s): D

Explanation:

A) Replay attack is incorrect because it involves capturing and reusing valid data to impersonate a user; it is not typically triggered by insecure Wi-Fi per se during a live transaction with payment processing.
B) Memory leak is incorrect as it is a software defect causing resource exhaustion, not related to interception or credential compromise over a network.
C) Buffer overflow attack is incorrect since it exploits memory safety to execute arbitrary code, not a standard mechanism for intercepting payment data on a public network.
D) On-path attack is correct because the user connected over unsecured public Wi-Fi and ignored a security warning, enabling an attacker to perform a man-in-the-middle (on-path) interception of session tokens and payment data, leading to unauthorized charges.



A network engineer deployed a redundant switch stack to increase system availability. However, the budget can only cover the cost of one ISP connection.
Which of the following best describes the potential risk factor?

  A. The equipment MTBF is unknown.
  B. The ISP has no SLA.
  C. An RPO has not been determined.
  D. There is a single point of failure.

Answer(s): D

Explanation:

Even with a redundant switch stack, a single ISP link means all traffic depends on one path; if that link fails, there is no alternative route.
B) An SLA is not directly about risk from redundancy; even with an SLA, a single ISP connection can fail and affect availability.
C) RPO relates to data loss tolerance, not network topology redundancy or availability.
D) The core risk is a single point of failure because, despite stacking, the lack of diverse network paths or multiple ISPs creates one vulnerable failure domain.

