A security administrator is working to find a cost-effective solution to implement certificates for a large number of domains and subdomains owned by the company. Which of the following types of certificates should the administrator implement?
Answer(s): A
Option A is correct because a wildcard certificate covers multiple subdomains under a single domain (e.g., *.example.com), reducing cost and management effort for many domains/subdomains. B is incorrect because client certificates authenticate users/devices, not domain protection. C is incorrect because self-signed certificates are not trusted by default and don’t scale well for large deployments. D is incorrect because code signing certificates validate software integrity, not web domain/subdomain TLS authentication.
An auditor discovered multiple insecure ports on some servers. Other servers were found to have legacy protocols enabled. Which of the following tools did the auditor use to discover these issues?
Option A is correct because Nessus is a vulnerability scanner used to identify insecure ports and misconfigurations, including legacy protocols, across hosts. Option B is incorrect since curl is a transfer tool for HTTP/S requests, not a port or protocol audit tool. Option C is incorrect because Wireshark captures network traffic for analysis but does not systematically discover insecure ports or legacy protocols across multiple servers. Option D is incorrect as netcat is a network utility for manual connections and data transfer, not a full asset/port-scanning vulnerability assessment.
A security analyst received a tip that sensitive proprietary information was leaked to the public. The analyst is reviewing the PCAP and notices traffic between an internal server and an external host that includes the following:
...
12:47:22.327233 PPPoE [ses 0x8122] IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto IPv6 (41), length 331) 10.5.1.1 > 52.165.16.154: IP6 (hlim E3, next-header TCP (6) payload length: 271) 2001:67c:2158:a019::ace.53104 > 2001:0:5ef5:79fd:380c:dddd:a601:24fa.13788: Flags [P.], cksum 0xd7ee (correct), seq 97:348, ack 102, win 16444, length 251
...
Which of the following was most likely used to exfiltrate the data?
Option A is correct because encapsulation over PPPoE with IPv6/TCP payload suggests tunneling data via a protocol wrapper, enabling covert exfiltration within legitimate traffic. Incorrect – B: MAC spoofing operates at Layer 2, not indicated by the observed IPv6/TCP payload exfiltration pattern. C: Steganography hides data within non-obvious media; the dump shows network protocol headers, not embedded payload steganography. D: Broken encryption implies ciphertext leakage, but the trace shows standard TCP payload without clues of attempted decryption or weak cipher. E: Sniffing via on-path position requires attacker placement; the data flow is outbound to an external host, not evidence of passive interception.
A company wants to reduce the time and expense associated with code deployment. Which of the following technologies should the company utilize?
Option A is correct because serverless architecture reduces deployment time and operational costs by removing server provisioning and management, enabling faster code deployment and automatic scaling. B) Incorrect — Thin clients are end-user devices with minimal processing; they do not directly reduce deployment time or costs for code deployment. C) Incorrect — Private cloud focuses on ownership and control of infrastructure but does not inherently speed up deployment processes compared to serverless. D) Incorrect — Virtual machines involve provisioning and managing runtime environments, which can increase deployment time and maintenance costs versus serverless.
A security administrator is performing an audit on a stand-alone UNIX server, and the following message is immediately displayed: (Error 13): /etc/shadow: Permission denied. Which of the following best describes the type of tool that is being used?
Answer(s): D
Option D is correct because a password cracker attempts to read /etc/shadow to crack password hashes, and “Permission denied” on /etc/shadow indicates restricted access typical of password-cracking activities on UNIX. A) Pass-the-hash monitor is used to reuse captured hashes for authentication, not to access /etc/shadow directly. B) File integrity monitor checks for unauthorized changes to files, not for attempting password cracking. C) Forensic analysis is broad but does not specifically imply active credential cracking; it’s an investigative, not a live cracking tool. Correct — D. Incorrect — A, B, C.
A security administrator needs to create firewall rules for the following protocols: RTP, SIP, H.323, and SRTP. Which of the following does this rule set support?
Answer(s): B
Option B is correct because RTP, SIP, H.323, and SRTP are protocols commonly used in Voice over IP (VoIP) communications; firewall rules targeting these protocols support VoIP traffic. Incorrect — A (RTOS) refers to real-time operating systems, not related to these network protocols. Incorrect — C (SoC) stands for System on Chip, unrelated to protocol filtering. Incorrect — D (HVAC) is heating, ventilation, and air conditioning infrastructure and not a networking protocol family.
Which of the following best describes a social engineering attack that uses a targeted electronic messaging campaign aimed at a Chief Executive Officer?
Option A is correct because whaling specifically targets high-profile individuals like a Chief Executive Officer using tailored electronic messaging to steal credentials or information. A) Correct — Whaling is targeted phishing (social engineering) aimed at executives. B) Incorrect — Spear phishing is targeted at individuals or roles but not necessarily the CEO; whaling is the CEO-specific subset. C) Incorrect — Impersonation involves pretending to be someone else but not necessarily the messaging campaign aimed at a CEO. D) Incorrect — Identity fraud involves stealing someone's identity generally, not the targeted executive phishing campaign.
During a penetration test, a flaw in the internal PKI was exploited to gain domain administrator rights using specially crafted certificates. Which of the following remediation tasks should be completed as part of the cleanup phase?
Option B is correct because patching the CA addresses internal PKI vulnerabilities exploited by forged certificates, removing trust issues and preventing repeat compromises. A) Updating the CRL alone may help revoke certificates but does not fix underlying CA weaknesses exploited. C) Changing passwords is a general control, not addressing PKI/domain admin compromise via certificates. D) Implementing SOAR relates to incident response automation but does not remediate CA core weaknesses. Therefore patching the CA mitigates the root cause of the PKI exploit and hardens PKI trust infrastructure.