CompTIA Security+ SY0-701 Dumps in PDF

Free CompTIA SY0-701 Real Questions (page: 7)

A city municipality lost its primary data center when a tornado hit the facility. Which of the following should the city staff use immediately after the disaster to handle essential public services?

  1. BCP
  2. Communication plan
  3. DRP
  4. IRP

Answer(s): C

Explanation:

Option C is correct because a Disaster Recovery Plan (DRP) guides recovery of critical IT systems and data after a catastrophic event to restore essential public services.
A) Incorrect — BCP (Business Continuity Plan) focuses on sustaining operations during an event, not the post-disaster restoration of IT infrastructure.
B) Incorrect — Communication plan outlines stakeholder and public communications, not the technical recovery of systems.
D) Incorrect — IRP (Incident Response Plan) handles detecting, responding to, and recovering from cybersecurity incidents, not broad disaster recovery of data center services.



Which of the following is considered a preventive control?

  1. Configuration auditing
  2. Log correlation
  3. Incident alerts
  4. Segregation of duties

Answer(s): D

Explanation:

Option D is correct because segregation of duties prevents fraud and error by ensuring no single user has conflicting responsibilities; it is a preventive control implemented to stop improper actions before they occur.
A) Incorrect — Configuration auditing is detective, not preventive, as it reviews changes after the fact.
B) Incorrect — Log correlation analyzes and detects patterns; it is a detective control rather than a preventive one.
C) Incorrect — Incident alerts notify when an event has occurred, serving as a detection/response mechanism, not a preventive control.



A systems administrator notices that a testing system is down. While investigating, the systems administrator finds that the servers are online and accessible from any device on the server network. The administrator reviews the following information from the monitoring system:



Which of the following is the most likely cause of the outage?

  1. Denial of service
  2. ARP poisoning
  3. Jamming
  4. Kerberoasting

Answer(s): A

Explanation:

Option A is correct because a Denial of Service (DoS) causes services to be unavailable to legitimate users, consistent with servers being online but inaccessible on the network from clients.
B) Incorrect — ARP poisoning disrupts the local network by spoofing MAC addresses; it does not make servers fully unreachable from all devices.
C) Incorrect — Jamming typically affects wireless networks; the scenario mentions server network access rather than RF interference.
D) Incorrect — Kerberoasting is an authentication attack against Kerberos; it does not explain a total outage or widespread access from the server network.



A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?

  1. Create a blocklist for all subject lines.
  2. Send the dead domain to a DNS sinkhole.
  3. Quarantine all emails received and notify all employees.
  4. Block the URL shortener domain in the web proxy.

Answer(s): D

Explanation:

Option D is correct because blocking the URL shortener domain at the web proxy directly prevents users from reaching the malicious redirect, mitigating phishing delivery at the gateway.
A) Blocklisting all subject lines is impractical and prone to false positives; attackers can vary subjects.
B) DNS sinkhole for the dead domain would only affect DNS lookups, not the actual URL redirection once the link is clicked.
C) Quarantining all emails and notifying users is reactive and disruptive; it does not stop the immediate malicious payloads from reaching employees.



A security administrator is working to secure company data on corporate laptops in case the laptops are stolen. Which of the following solutions should the administrator consider?

  1. Disk encryption
  2. Data loss prevention
  3. Operating system hardening
  4. Boot security

Answer(s): A

Explanation:

Option A is correct because disk encryption protects data at rest on laptops, ensuring confidentiality of stored data by making lost or stolen devices unreadable without the decryption key.
B is incorrect since DLP focuses on preventing data loss or exfiltration, not protecting data on a stolen device.
C is incorrect because OS hardening reduces vulnerabilities but does not by itself render data unreadable if the device is stolen.
D is incorrect since boot security guards startup integrity but does not make data already on the disk inaccessible if the device is stolen.



A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?

  1. Security policy
  2. Classification policy
  3. Retention policy
  4. Access control policy

Answer(s): C

Explanation:

Option C is correct because a retention policy specifies how long records are kept to meet compliance and ensure timely destruction of data no longer needed, supporting data lifecycle management.
A) Incorrect — A security policy outlines acceptable use, risk management, and controls, not data retention timelines or destruction requirements.
B) Incorrect — A classification policy defines data sensitivity levels and handling rules, but not retention durations or destruction schedules.
D) Incorrect — An access control policy governs who can access resources, not retention periods or deletion requirements.



Which of the following is a common source of unintentional corporate credential leakage in cloud environments?

  1. Code repositories
  2. Dark web
  3. Threat feeds
  4. State actors
  5. Vulnerability databases

Answer(s): A

Explanation:

Option A is correct because code repositories often contain hard-coded credentials, API keys, or secrets that admins inadvertently commit, leading to credential leakage in cloud environments.
A) correct — Credentials or secrets may be committed in source code or configuration files, leaking access to cloud services.
B) incorrect — Dark web exposure is a potential risk but not a common source of inadvertent leakage from internal workflows.
C) incorrect — Threat feeds provide intel on threats, not typically a source of leaked credentials.
D) incorrect — State actors are potential adversaries, not a common inadvertent leakage source.
E) incorrect — Vulnerability databases document flaws, not credentials.



Which of the following is the best reason an organization should enforce a data classification policy to help protect its most sensitive information?

  1. End users will be required to consider the classification of data that can be used in documents.
  2. The policy will result in the creation of access levels for each level of classification.
  3. The organization will have the ability to create security requirements based on classification levels.
  4. Security analysts will be able to see the classification of data within a document before opening it.

Answer(s): C

Explanation:

Option C is correct because a data classification policy enables security controls to be defined and enforced based on classification levels, aligning protections with data value and risk.
A) Incorrect — While awareness may improve, requiring end users to consider classification does not directly establish security controls.
B) Incorrect — Access levels can be derived from classification, but the core purpose is to enforce security requirements; B describes a consequence, not the primary rationale.
D) Incorrect — Visibility to analysts before opening a document is not the fundamental reason for policy; access control and protection based on classification is the key.


