Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. CompTIA
  3. SY0-701

CompTIA Security+ SY0-701 Exam Questions in PDF

Free CompTIA SY0-701 Dumps Questions (page: 7)

SY0-701 PDF — 804 Questions

A city municipality lost its primary data center when a tornado hit the facility. Which of the following should the city staff use immediately after the disaster to handle essential public services?

  1. BCP
  2. Communication plan
  3. DRP
  4. IRP

Answer(s): C

Explanation:

Option C is correct because a Disaster Recovery Plan (DRP) guides recovery of critical IT systems and data after a catastrophic event to restore essential public services.
A) Incorrect — BCP (Business Continuity Plan) focuses on sustaining operations during an event, not the post-disaster restoration of IT infrastructure.
B) Incorrect — Communication plan outlines stakeholder and public communications, not the technical recovery of systems.
D) Incorrect — IRP (Incident Response Plan) handles detecting, responding to, and recovering from cybersecurity incidents, not broad disaster recovery of data center services.



Which of the following is considered a preventive control?

  1. Configuration auditing
  2. Log correlation
  3. Incident alerts
  4. Segregation of duties

Answer(s): D

Explanation:

Option D is correct because segregation of duties prevents fraud and error by ensuring no single user has conflicting responsibilities, a preventive control implemented to stop improper actions before they occur. A) Incorrect — configuration auditing is detective, not preventive, as it reviews changes after the fact. B) Incorrect — log correlation analyzes and detects patterns; it’s a detective/control rather than preventive. C) Incorrect — incident alerts notify when an event has occurred, serving as a detection/response mechanism, not a preventive control.



A systems administrator notices that a testing system is down. While investigating, the systems administrator finds that the servers are online and accessible from any device on the server network. The administrator reviews the following information from the monitoring system:



Which of the following is the most likely cause of the outage?

  1. Denial of service
  2. ARP poisoning
  3. Jamming
  4. Kerberoasting

Answer(s): A

Explanation:

Option A is correct because a Denial of Service (DoS) causes services to be unavailable to legitimate users, consistent with servers being online but inaccessible on the network from clients. Incorrect — B (ARP poisoning) disrupts local network by spoofing MAC addresses, not fully making servers unreachable from all devices. Incorrect — C (Jamming) typically affects wireless networks; the scenario mentions server network access rather than RF interference. Incorrect — D (Kerberoasting) is an authentication attack against Kerberos; it does not explain a total outage or widespread access from the server network.



A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?

  1. Create a blocklist for all subject lines.
  2. Send the dead domain to a DNS sinkhole.
  3. Quarantine all emails received and notify all employees.
  4. Block the URL shortener domain in the web proxy.

Answer(s): D

Explanation:

Option D is correct because blocking the URL shortener domain at the web proxy directly prevents users from reaching the malicious redirect, mitigating phishing delivery at the gateway. A) Blocklisting all subject lines is impractical and prone to false positives; attackers can vary subjects. B) DNS sinkhole for the dead domain would only affect DNS lookups, not the actual URL redirection once the link is clicked. C) Quarantining all emails and notifying users is reactive and disruptive; it does not stop the immediate malicious payloads from reaching employees.



A security administrator is working to secure company data on corporate laptops in case the laptops are stolen. Which of the following solutions should the administrator consider?

  1. Disk encryption
  2. Data loss prevention
  3. Operating system hardening
  4. Boot security

Answer(s): A

Explanation:

Option A is correct because disk encryption protects data at rest on laptops, making stolen devices unreadable without the decryption key. B is incorrect since DLP focuses on preventing data loss or exfiltration, not protecting data on a stolen device. C is incorrect because OS hardening reduces vulnerabilities but does not by itself render data unreadable if the device is stolen. D is incorrect since boot security guards startup integrity but does not ensure existing data is inaccessible if the disk is encrypted. Correct — disk encryption ensures confidentiality of stored data on lost or stolen laptops.
A) reason
B) reason
C) reason
D) reason



A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?

  1. Security policy
  2. Classification policy
  3. Retention policy
  4. Access control policy

Answer(s): C

Explanation:

Option C is correct because a retention policy specifies how long records are kept to meet compliance and ensure timely destruction of data no longer needed, supporting data lifecycle management.
A) Incorrect — A security policy outlines acceptable use, risk management, and controls, not data retention timelines or destruction requirements.
B) Incorrect — A classification policy defines data sensitivity levels and handling rules, but not retention durations or destruction schedules.
D) Incorrect — An access control policy governs who can access resources, not retention periods or deletion requirements.



Which of the following is a common source of unintentional corporate credential leakage in cloud environments?

  1. Code repositories
  2. Dark web
  3. Threat feeds
  4. State actors
  5. Vulnerability databases

Answer(s): A

Explanation:

Option A is correct because code repositories often contain hard-coded credentials, API keys, or secrets that admins inadvertently commit, leading to credential leakage in cloud environments.
A) correct — Credentials or secrets may be committed in source code or configuration files, leaking access to cloud services.
B) incorrect — Dark web exposure is a potential risk but not a common source of inadvertent leakage from internal workflows.
C) incorrect — Threat feeds provide intel on threats, not typically a source of leaked credentials.
D) incorrect — State actors are potential adversaries, not a common inadvertent leakage source.
E) incorrect — Vulnerability databases document flaws, not credentials.



Which of the following is the best reason an organization should enforce a data classification policy to help protect its most sensitive information?

  1. End users will be required to consider the classification of data that can be used in documents.
  2. The policy will result in the creation of access levels for each level of classification.
  3. The organization will have the ability to create security requirements based on classification levels.
  4. Security analysts will be able to see the classification of data within a document before opening it.

Answer(s): C

Explanation:

Option C is correct because a data classification policy enables security controls to be defined and enforced based on classification levels, aligning protections with data value and risk. Incorrect — A: While awareness may improve, requiring end users to consider classification does not directly establish security controls. Incorrect — B: Access levels can be derived from classification, but the core purpose is to enforce security requirements; B describes a consequence, not the primary rationale. Incorrect — D: Visibility to analysts before opening a document is not the fundamental reason for policy; access control and protection based on classification is the key.



Viewing page 7 of 102

Share your comments for CompTIA SY0-701 exam with other users:

V
Vani
8/10/2023 8:11:00 PM

good questions

NEW ZEALAND
F
Fares
9/11/2023 5:00:00 AM

good one nice revision

Anonymous
L
Lingaraj
10/26/2023 1:27:00 AM

i love this thank you i need

Anonymous
M
Muhammad Rawish Siddiqui
12/5/2023 12:38:00 PM

question # 142: data governance is not one of the deliverables in the document and content management context diagram.

SAUDI ARABIA
A
al
6/7/2023 10:25:00 AM

most answers not correct here

Anonymous
B
Bano
1/19/2024 2:29:00 AM

what % of questions do we get in the real exam?

UNITED STATES
O
Oliviajames
10/25/2023 5:31:00 AM

i just want to tell you. i took my microsoft az-104 exam and passed it. your program was awesome. i especially liked your detailed questions and answers and practice tests that made me well-prepared for the exam. thanks to this website!!!

UNITED STATES
D
Divya
8/27/2023 12:31:00 PM

all the best

UNITED STATES
K
KY
1/1/2024 11:01:00 PM

very usefull document

Anonymous
A
Arun
9/20/2023 4:52:00 PM

nice and helpful questions

INDIA
J
Joseph J
7/11/2023 2:53:00 PM

i found the questions helpful

UNITED STATES
M
Meg
10/12/2023 8:02:00 AM

q 105 . ans is d

INDIA
N
Navaneeth S
7/14/2023 7:57:00 AM

i have interest to get a sybase iq dba certification

UNITED STATES
A
Aish
10/11/2023 5:27:00 AM

want to pass exm.

INDIA
A
Anonymous
6/12/2023 7:23:00 AM

are the answers correct?

INDIA
K
Kris
7/7/2023 9:43:00 AM

good morning, could you please upload this exam again, i need it to test my knowledge in sd-wan with version 7.0.

Anonymous
M
Meghraj mali
10/7/2023 1:47:00 PM

very nice question

CANADA
N
Noel
11/1/2022 9:14:00 PM

i have learning disability and this exam dumps allowed me to focus on the actual questions and not worry about notes and the those other study materials.

SOUTH AFRICA
J
Jas
10/25/2023 6:01:00 PM

165 should be apt

UNITED STATES
N
Neetu
6/22/2023 8:41:00 AM

please upload the dumps, real need of them

Anonymous
M
Mark
10/24/2023 1:34:00 AM

any recent feeedback?

UNITED STATES
G
Gopinadh
8/9/2023 4:05:00 AM

question number 2 is indicating you are giving proper questions. observe and change properly.

Anonymous
S
Santhi
1/1/2024 8:23:00 AM

passed today.40% questions were new.litwere case study,lots of new questions on afd,ratelimit,tm,lb,app gatway.got 2 set series of questions which are not present here.questions on azure cyclecloud, no.of vnet/vms required for implimentation,blueprints assignment/management group etc

INDIA
R
Raviraj Magadum
1/12/2024 11:39:00 AM

practice test

INDIA
S
sivaramakrishnan
7/27/2023 8:12:00 AM

want the dumps for emc content management server programming(cmsp)

Anonymous
A
Aderonke
10/23/2023 1:52:00 PM

brilliant and helpful

UNITED KINGDOM
A
Az
9/16/2023 2:43:00 PM

q75. azure files is pass

SWITZERLAND
K
ketty
11/9/2023 8:10:00 AM

very helpful

Anonymous
S
Sonail
5/2/2022 1:36:00 PM

thank you for these questions. it helped a lot.

UNITED STATES
S
Shariq
7/28/2023 8:00:00 AM

how do i get the h12-724 dumps

Anonymous
A
adi
10/30/2023 11:51:00 PM

nice data dumps

Anonymous
E
EDITH NCUBE
7/25/2023 7:28:00 AM

answers are correct

SOUTH AFRICA
R
Raja
6/20/2023 4:38:00 AM

good explanation

UNITED STATES
B
BigMouthDog
1/22/2022 8:17:00 PM

hi team just want to know if there is any update version of the exam 350-401

AUSTRALIA
AI Tutor 👋 I’m here to help!