Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. CompTIA
  3. SY0-701

CompTIA SY0-701 Exam (page: 5)
CompTIA Security+
Updated on: 31-Mar-2026

Viewing Page 5 of 91
SY0-701 PDF 757 Questions

A network team segmented a critical, end-of-life server to a VLAN that can only be reached by specific devices but cannot be reached by the perimeter network.
Which of the following best describe the controls the team implemented? (Choose two.)

  1. Managerial
  2. Physical
  3. Corrective
  4. Detective
  5. Compensating
  6. Technical
  7. Deterrent

Answer(s): E,F

Explanation:

End-to-end access control and network segmentation are implemented through compensating and technical controls.
A) Managerial – incorrect: relates to policies, procedures, and governance, not the technical segmentation described.
B) Physical – incorrect: excludes physical security, which is not the focus of VLAN access restrictions.
C) Corrective – incorrect: remedies after an incident; not about preventing access via segmentation.
D) Detective – incorrect: focuses on identifying incidents, not preventing access.
E) Compensating – correct: provides alternative control when primary controls are impracticable; VLAN segmentation serves as a compensating measure for old server exposure.
F) Technical – correct: uses technology (VLANs, ACLs) to enforce access restrictions.
G) Deterrent – incorrect: aims to discourage attacks, not enforce access control.


Reference:



A threat actor was able to use a username and password to log in to a stolen company mobile device.
Which of the following provides the best solution to increase mobile data security on all employees' company mobile devices?

  1. Application management
  2. Full disk encryption
  3. Remote wipe
  4. Containerization

Answer(s): C

Explanation:

A) Remote wipe provides the best solution to protect data after loss or theft by erasing data on all affected devices, reducing risk of unauthorized access.
B) Full disk encryption protects data at rest but does not prevent access if device is compromised or stolen and credentials are known.
C) Remote wipe is correct because it enables enterprise-wide data removal on lost/stolen devices, mitigating exposure from stolen credentials.
D) Containerization isolates corporate data but does not guarantee data removal or enforcement across all devices after loss; it’s a control but not as comprehensive as remote wipe.



Which of the following best describes the risk present after controls and mitigating factors have been applied?

  1. Residual
  2. Avoided
  3. Inherent
  4. Operational

Answer(s): A

Explanation:

A) Residual
Residual risk is the remaining risk after controls and mitigations have been applied. Inherent risk is the risk before controls. Avoided risk refers to risk eliminated by a decision (e.g., avoidance). Operational risk pertains to day-to-day risk from processes, people, or systems, not the post-control risk level.


Reference:



A software development team asked a security administrator to recommend techniques that should be used to reduce the chances of the software being reverse engineered.
Which of the following should the security administrator recommend?

  1. Digitally signing the software
  2. Performing code obfuscation
  3. Limiting the use of third-party libraries
  4. Using compile flags

Answer(s): B

Explanation:

Code obfuscation makes reverse engineering more difficult by transforming readable code into hard-to-understand constructs without altering functionality.
A) Digitally signing ensures integrity and provenance of the software, not obscurity or reverse-engineering resistance.
C) Limiting third-party libraries reduces dependencies but does not impede reverse engineering of the delivered binary.
D) Compile flags influence optimization or debug info, not a systematic method to prevent reverse engineering.
A concise defense of B: it raises the technical barrier for static analysis and decompilation, aligning with anti-reverse-engineering techniques. Obfuscation should be complemented by other controls (protective coding, tamper detection) for stronger security.


Reference:



Which of the following is a possible factor for MFA?

  1. Something you exhibit
  2. Something you have
  3. Somewhere you are
  4. Someone you know

Answer(s): B

Explanation:

A short factor for MFA is what you have, such as a hardware token or mobile authenticator.
A) Something you exhibit — incorrect; relates to behavioral biometrics, not a primary MFA factor.
B) Something you have — correct; corresponds to possession factor in MFA.
C) Somewhere you are — incorrect; location is not one of the core three factors, though it can be used as contextual data.
D) Someone you know — incorrect; relates to social engineering risk, not a factor.


Reference:



Easy-to-guess passwords led to an account compromise. The current password policy requires at least 12 alphanumeric characters, one uppercase character, one lowercase character, a password history of two passwords, a minimum password age of one day, and a maximum password age of 90 days.
Which of the following would reduce the risk of this incident from happening again? (Choose two.)

  1. Increasing the minimum password length to 14 characters.
  2. Upgrading the password hashing algorithm from MD5 to SHA-512.
  3. Increasing the maximum password age to 120 days.
  4. Reducing the minimum password length to ten characters.
  5. Reducing the minimum password age to zero days.
  6. Including a requirement for at least one special character.

Answer(s): A,F

Explanation:

Increasing the minimum length to 14 characters (A) directly strengthens password entropy, reducing guessability. Requiring a special character (F) further increases complexity, improving resistance to brute force and dictionary attacks.
B is incorrect because upgrading hash algorithms protects stored passwords but does not affect user-created password strength; the breach stemmed from weak user credentials, not hash cracking. C is incorrect since longer max age would increase exposure time; 120 days is not safer. D is incorrect as reducing length weakens entropy. E is incorrect because lowering minimum age to zero enables more frequent changes but does not improve strength and may encourage churn without improving complexity.


Reference:



A user downloaded software from an online forum. After the user installed the software, the security team observed external network traffic connecting to the user's computer on an uncommon port.
Which of the following is the most likely explanation of this unauthorized connection?

  1. The software had a hidden keylogger.
  2. The software was ransomware.
  3. The user's computer had a fileless virus.
  4. The software contained a backdoor.

Answer(s): D

Explanation:

The software likely introduced a backdoor, enabling unauthorized external connections on an uncommon port.
A) Keylogger would capture input but not necessarily establish an ongoing external connection on an uncommon port.
B) Ransomware typically encrypts data and demands payment, not primarily about outbound connections to uncommon ports.
C) Fileless malware operates in memory and may evade disk detection, but the scenario emphasizes a persistent external channel from a hidden entry point.
D) Backdoor provides unauthorized remote access, explaining unexpected outbound traffic on unusual ports after software from an untrusted source.


Reference:



A utility company is designing a new platform that will host all the virtual machines used by business applications. The requirements include:

A starting baseline of 50% memory utilization

Storage scalability

Single circuit failure resilience

Which of the following best meets all of these requirements?

  1. Connecting dual PDUs to redundant power supplies
  2. Transitioning the platform to an IaaS provider
  3. Configuring network load balancing for multiple paths
  4. Deploying multiple large NAS devices for each host

Answer(s): B

Explanation:

A) Connecting dual PDUs to redundant power supplies: Not addressing memory utilization or storage scalability; focuses on power resilience only.
B) Transitioning the platform to an IaaS provider: Provides scalable infrastructure, dynamic resource allocation for memory and storage, and resilience against single circuit failure via provider redundancy.
C) Configuring network load balancing for multiple paths: Improves network availability but does not inherently meet memory baseline, storage scalability, or single circuit failure resilience for VM hosting.
D) Deploying multiple large NAS devices for each host: Increases storage capacity but adds management complexity and may not ensure memory utilization baseline or single-circuit resilience.


Reference:



Viewing Page 5 of 91



Share your comments for CompTIA SY0-701 exam with other users:

Giri 9/13/2023 10:31:00 PM

can you please provide dumps so that it helps me more
UNITED STATES


Aaron 2/8/2023 12:10:00 AM

thank you for providing me with the updated question and answers. this version has all the questions from the exam. i just saw them in my exam this morning. i passed my exam today.
SOUTH AFRICA


Sarwar 12/21/2023 4:54:00 PM

how i can see exam questions?
CANADA


Chengchaone 9/11/2023 10:22:00 AM

can you please upload please?
Anonymous


Mouli 9/2/2023 7:02:00 AM

question 75: option c is correct answer
Anonymous


JugHead 9/27/2023 2:40:00 PM

please add this exam
Anonymous


sushant 6/28/2023 4:38:00 AM

please upoad
EUROPEAN UNION


John 8/7/2023 12:09:00 AM

has anyone recently attended safe 6.0 certification? is it the samq question from here.
Anonymous


Blessious Phiri 8/14/2023 3:49:00 PM

expository experience
Anonymous


concerned citizen 12/29/2023 11:31:00 AM

52 should be b&c. controller failure has nothing to do with this type of issue. degraded state tells us its a raid issue, and if the os is missing then the bootable device isnt found. the only other consideration could be data loss but thats somewhat broad whereas b&c show understanding of the specific issues the question is asking about.
UNITED STATES


deedee 12/23/2023 5:10:00 PM

great help!!!
UNITED STATES


Samir 8/1/2023 3:07:00 PM

very useful tools
UNITED STATES


Saeed 11/7/2023 3:14:00 AM

looks a good platform to prepare az-104
Anonymous


Matiullah 6/24/2023 7:37:00 AM

want to pass the exam
Anonymous


SN 9/5/2023 2:25:00 PM

good resource
UNITED STATES


Zoubeyr 9/8/2023 5:56:00 AM

question 11 : d
FRANCE


User 8/29/2023 3:24:00 AM

only the free dumps will be enough for pass, or have to purchase the premium one. please suggest.
Anonymous


CW 7/6/2023 7:37:00 PM

good questions. thanks.
Anonymous


Farooqi 11/21/2023 1:37:00 AM

good for practice.
INDIA


Isaac 10/28/2023 2:30:00 PM

great case study
UNITED STATES


Malviya 2/3/2023 9:10:00 AM

the questions in this exam dumps is valid. i passed my test last monday. i only whish they had their pricing in inr instead of usd. but it is still worth it.
INDIA


rsmyth 5/18/2023 12:44:00 PM

q40 the answer is not d, why are you giving incorrect answers? snapshot consolidation is used to merge the snapshot delta disk files to the vm base disk
IRELAND


Keny 6/23/2023 9:00:00 PM

thanks, very relevant
PERU


Muhammad Rawish Siddiqui 11/29/2023 12:14:00 PM

wrong answer. it is true not false.
SAUDI ARABIA


Josh 7/10/2023 1:54:00 PM

please i need the mo-100 questions
Anonymous


VINNY 6/2/2023 11:59:00 AM

very good use full
Anonymous


Andy 12/6/2023 5:56:00 AM

very valid questions
Anonymous


Mamo 8/12/2023 7:46:00 AM

will these question help me to clear pl-300 exam?
UNITED STATES


Marial Manyang 7/26/2023 10:13:00 AM

please provide me with these dumps questions. thanks
Anonymous


Amel Mhamdi 12/16/2022 10:10:00 AM

in the pdf downloaded is write google cloud database engineer i think that it isnt the correct exam
FRANCE


Angel 8/30/2023 10:58:00 PM

i think you have the answers wrong regarding question: "what are three core principles of web content accessibility guidelines (wcag)? answer: robust, operable, understandable
UNITED STATES


SH 5/16/2023 1:43:00 PM

these questions are not valid , they dont come for the exam now
UNITED STATES


sudhagar 9/6/2023 3:02:00 PM

question looks valid
UNITED STATES


Van 11/24/2023 4:02:00 AM

good for practice
Anonymous