A network team segmented a critical, end-of-life server to a VLAN that can only be reached by specific devices but cannot be reached by the perimeter network. Which of the following best describe the controls the team implemented? (Choose two.)
Answer(s): E,F
Option E and F are correct because:Correct — Compensating controls (E) substitute for an unavailable or out-of-date control, providing equivalent protection by isolating the server on a restricted VLAN to limit exposure. Correct — Technical controls (F) use technology (VLAN segmentation, ACLs) to enforce access restrictions rather than relying on people or processes alone.A) Incorrect — Managerial controls pertain to governance and policy, not the technical network segmentation described. B) Incorrect — Physical controls relate to tangible protections (locks, guards), not network isolation. C) Incorrect — Corrective controls restore systems after incidents; not about preventing access. D) Incorrect — Detective controls identify events; not the implemented preventive segmentation. G) Incorrect — Deterrent controls discourage actions but do not enforce the VLAN-implemented access restrictions.
A threat actor was able to use a username and password to log in to a stolen company mobile device. Which of the following provides the best solution to increase mobile data security on all employees' company mobile devices?
Answer(s): C
Option C is correct because remote wipe ensures data on a lost or stolen device can be erased to prevent unauthorized access, addressing the scenario where credentials were used on a stolen device. A) Application management controls app deployment but does not guarantee data removal after loss. B) Full disk encryption protects data at rest but does not mitigate ongoing risk if device is compromised and accessible. D) Containerization isolates corporate data, but remote wipe is the more urgent control for a stolen device scenario to immediately purge data.
Which of the following best describes the risk present after controls and mitigating factors have been applied?
Answer(s): A
Option A is correct because residual risk remains after controls and mitigations are applied. A) Residual risk describes the portion of risk still present despite safeguards. B) Avoided risk refers to risk eliminated by decision or control, not remaining. C) Inherent risk is the baseline risk before controls. D) Operational risk involves day-to-day risks from business processes, not the post-control risk level.
A software development team asked a security administrator to recommend techniques that should be used to reduce the chances of the software being reverse engineered. Which of the following should the security administrator recommend?
Answer(s): B
Option B is correct because code obfuscation makes reverse engineering harder by transforming the code to a less readable form without changing functionality, increasing the effort required to analyze. A) Incorrect — Digitally signing ensures integrity and authenticity, not obfuscation or reverse-engineering resistance.C) Incorrect — Limiting third-party libraries reduces dependency risk but does not directly impede reverse engineering of the compiled code.D) Incorrect — Compile flags optimize or alter build behavior but do not inherently protect against reverse engineering after compilation.
Which of the following is a possible factor for MFA?
Option B is correct because "Something you have" is a classic factor used in multi-factor authentication (MFA), representing possession-based credentials like a token, smart card, or mobile device. Incorrect — A) "Something you exhibit" is not a standard MFA factor; it might imply behavioral traits or biometrics but the canonical three factors are something you know, have, or are. C) "Somewhere you are" aligns with location-based access control, not a primary MFA factor. D) "Someone you know" is not a recognized MFA factor; it would imply social or acquaintance-based data, not a verifiable authentication factor.
Easy-to-guess passwords led to an account compromise. The current password policy requires at least 12 alphanumeric characters, one uppercase character, one lowercase character, a password history of two passwords, a minimum password age of one day, and a maximum password age of 90 days. Which of the following would reduce the risk of this incident from happening again? (Choose two.)
Answer(s): A,F
Option A is correct because increasing minimum length to 14 characters strengthens brute-force and credential-stuffing resilience, aligning with best practices for password entropy. Option F is correct because requiring a special character increases complexity, reducing guessability.A) Incorrect explanations: Not chosen? Actually A is correct; must explain why it helps.B) Incorrect — Hash algorithm choice protects stored passwords, not the likelihood of guessing during entry; MD5 is insecure but changing to SHA-512 mitigates offline attacks, not online guessing risk in this scenario.C) Incorrect — Increasing max age lengthens exposure; harms security by allowing longer-use passwords.D) Incorrect — Reducing length weakens entropy, increasing risk.E) Incorrect — Reducing min age to zero encourages immediate changes or none; not a direct effect on guessing risk.
A user downloaded software from an online forum. After the user installed the software, the security team observed external network traffic connecting to the user's computer on an uncommon port. Which of the following is the most likely explanation of this unauthorized connection?
Answer(s): D
Option D is correct because a backdoor provides unauthorized remote access, enabling external connections on nonstandard ports after software is installed from an untrusted source. A) Hidden keylogger is a credential-theft feature, not specifically about external connections on an uncommon port. B) Ransomware encrypts files and demands payment, typically not just external connections. C) Fileless malware resides in memory or uses legitimate tools; it can communicate externally but the scenario most directly indicates deliberate backdoor access. Incorrect options lack the clear backdoor mechanism to explain persistent anomalous outbound traffic on an uncommon port.
A utility company is designing a new platform that will host all the virtual machines used by business applications. The requirements include:A starting baseline of 50% memory utilizationStorage scalabilitySingle circuit failure resilienceWhich of the following best meets all of these requirements?
Option B is correct because moving to an IaaS provider offers scalable storage, VM hosting, and elasticity to meet growth (storage scalability) and utilization needs, with inherent resilience through service-level designs. Option A is incorrect because dual PDUs and redundant power address power reliability, not memory utilization or VM hosting scalability. Option C is incorrect because network load balancing focuses on distributing traffic, not providing scalable storage or baseline memory utilization for a VM platform. Option D is incorrect because deploying multiple large NAS devices increases storage capacity but does not inherently provide baseline memory utilization management or single circuit failure resilience for all VMs.
Share your comments for CompTIA SY0-701 exam with other users:
questions are accurate
i need questions/dumps for this exam.
i need this exam, when will it be uploaded
i need the dumps !
very helpful
good source
my 3rd test and passed on first try. hats off to this brain dumps site.
please upload it
does anybody know if are these real exam questions?
are these questions similar to actual questions in the exam? because they seem to be too easy
i have a lot of experience but what comes in the exam is totally different from the practical day to day tasks. so i thought i would rather rely on these brain dumps rather failing the exam.
good questions
valied exam dumps. they were very helpful and i got a pretty good score. i am very grateful for this service and exam questions
will it help?
very useful to verify knowledge before exam
good stuffs
question 17 : responses arent b and c ?
just passed the exam on my first try using these dumps.
these questions look good.
this is very helpful content
please provide the dumps
it is amazing
quesion 178 about "a banking system that predicts whether a loan will be repaid is an example of the" the answer is classification. not regresion, you should fix it.
please upload apache spark dumps
q14 is b&c to reduce you will switch off mail for every single alert and you will switch on daily digest to get a mail once per day, you might even skip the empty digest mail but i see this as a part of the daily digest adjustment
i think it is good question
good for students who wish to give certification.
is there a google drive link to the images? the links in questions are not working.
very promising, looks great, so much wow!
i scored 87% on the az-204 exam. thanks! i always trust
good need more
sample questions seems good
huawei is ok