CompTIA SY0-701 Exam (page: 9)
CompTIA Security+
Updated on: 31-Mar-2026

Viewing Page 9 of 91

A security administrator is working to find a cost-effective solution to implement certificates for a large number of domains and subdomains owned by the company.
Which of the following types of certificates should the administrator implement?

  1. Wildcard
  2. Client certificate
  3. Self-signed
  4. Code signing

Answer(s): A

Explanation:

A) A wildcard certificate is cost-effective for many domains and subdomains because it covers all current and future subdomains under a single base domain, reducing management and renewal workload.
B) Client certificates authenticate end-users or devices, not domains, and are not intended to cover multiple subdomains.
C) Self-signed certificates are not trusted by clients by default and do not scale well for a large number of domains, increasing trust and management issues.
D) Code signing certs validate software publishers, not web domains or subdomains, and do not secure TLS for multiple domains.



An auditor discovered multiple insecure ports on some servers. Other servers were found to have legacy protocols enabled.
Which of the following tools did the auditor use to discover these issues?

  1. Nessus
  2. curl
  3. Wireshark
  4. netcat

Answer(s): A

Explanation:

The auditor used a vulnerability scanner to identify insecure ports and legacy protocols, which aligns with Nessus’s capability to perform port and protocol discovery and vulnerability assessment.
A) Nessus - Correct: Vulnerability scanner that detects open ports, misconfigurations, and legacy service findings across hosts.
B) curl - Incorrect: Client-side tool for transferring data; does not enumerate ports or detect vulnerabilities.
C) Wireshark - Incorrect: Network analyzer that captures traffic; it can reveal protocols in use but not efficiently identify insecure ports or legacy services across many servers.
D) netcat - Incorrect: Utility for reading/writing data across network connections; it can probe ports but does not perform a comprehensive vulnerability assessment.





A security analyst received a tip that sensitive proprietary information was leaked to the public. The analyst is reviewing the PCAP and notices traffic between an internal server and an external host that includes the following:

...
12:47:22.327233 PPPoE [ses 0x8122] IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto IPv6 (41), length 331) 10.5.1.1 > 52.165.16.154: IP6 (hlim E3, next-header TCP (6) payload length: 271) 2001:67c:2158:a019::ace.53104 > 2001:0:5ef5:79fd:380c:dddd:a601:24fa.13788: Flags [P.], cksum 0xd7ee (correct), seq 97:348, ack 102, win 16444, length 251
...

Which of the following was most likely used to exfiltrate the data?

  1. Encapsulation
  2. MAC address spoofing
  3. Steganography
  4. Broken encryption
  5. Sniffing via on-path position

Answer(s): A

Explanation:

The data was exfiltrated using encapsulation. The capture shows a PPPoE session carrying an IPv4 packet whose protocol field is IPv6 (41), which in turn carries the IPv6/TCP payload between the internal and external hosts. Wrapping traffic inside another protocol in this way is a classic method of hiding it and reaching a remote destination.
A) Encapsulation
B) MAC address spoofing
C) Steganography
D) Broken encryption
E) Sniffing via on-path position
Note: MAC spoofing is unrelated to tunneling; steganography hides data inside other files, not network headers. Broken encryption implies plaintext exposure, not observed. Sniffing on-path would require the attacker to passively capture traffic, not conceal it via a tunnel. The PPPoE/IP6 encapsulated session suggests exfiltration through an encapsulated tunnel.



A company wants to reduce the time and expense associated with code deployment.
Which of the following technologies should the company utilize?

  1. Serverless architecture
  2. Thin clients
  3. Private cloud
  4. Virtual machines

Answer(s): A

Explanation:

A) Serverless architecture reduces deployment time and administrative overhead by abstracting server management and scaling automatically, leading to faster code delivery and lower operational costs.
B) Thin clients minimize endpoint hardware but do not directly impact deployment speed or code delivery processes.
C) Private cloud focuses on resource pooling and security within an organization, not specifically on deployment speed or expense reduction for code updates.
D) Virtual machines introduce OS provisioning and heavier maintenance, increasing deployment time and costs compared to serverless options.



A security administrator is performing an audit on a stand-alone UNIX server, and the following message is immediately displayed:

(Error 13): /etc/shadow: Permission denied.

Which of the following best describes the type of tool that is being used?

  1. Pass-the-hash monitor
  2. File integrity monitor
  3. Forensic analysis
  4. Password cracker

Answer(s): D

Explanation:

A) Pass-the-hash monitor detects credential abuse at login; it would not typically produce a direct /etc/shadow access denial during an audit.
B) File integrity monitor verifies unchanged files or detects tampering; it would not issue a direct password-hash access error in this context.
C) Forensic analysis is broader evidence gathering; the specific error points to an active credential-targeted attempt, not general data collection.
D) A password cracker attempts to recover or crack password hashes, and a “Permission denied” error when reading /etc/shadow during an audit indicates an attempt to access password data, which aligns with password-cracking activity on a UNIX system.



A security administrator needs to create firewall rules for the following protocols: RTP, SIP, H.323, and SRTP.
Which of the following does this rule set support?

  1. RTOS
  2. VoIP
  3. SoC
  4. HVAC

Answer(s): B

Explanation:

A VoIP rule set supports firewall controls for RTP, SIP, H.323, and SRTP, which are signaling and media protocols used in Voice over IP communications.
A) RTOS — Not related to VoIP traffic; RTOS refers to real-time operating systems, not network protocols.
B) VoIP — Correct; encompasses SIP, RTP, H.323, and SRTP traffic used for voice communication over IP.
C) SoC — System on a Chip; hardware architecture, not a protocol or traffic type.
D) HVAC — Heating, Ventilation, and Air Conditioning; unrelated to network firewall rules or VoIP traffic.



Which of the following best describes a social engineering attack that uses a targeted electronic messaging campaign aimed at a Chief Executive Officer?

  1. Whaling
  2. Spear phishing
  3. Impersonation
  4. Identity fraud

Answer(s): A

Explanation:

A) Whaling is a targeted form of phishing aimed at high-profile individuals such as a CEO, utilizing electronic messaging to exploit trust and access.
B) Spear phishing targets specific individuals but not necessarily high-profile executives; whaling is a subset focused on executives.
C) Impersonation refers to posing as someone else, but the term is broader and not specifically the executive-targeted messaging campaign.
D) Identity fraud involves stealing someone’s identity, not specifically corporate executive-focused phishing.



During a penetration test, a flaw in the internal PKI was exploited to gain domain administrator rights using specially crafted certificates.
Which of the following remediation tasks should be completed as part of the cleanup phase?

  1. Updating the CRL
  2. Patching the CA
  3. Changing passwords
  4. Implementing SOAR

Answer(s): B

Explanation:

The correct remediation is to patch the CA to fix the flaw exploited via certificates and prevent further domain admin compromises.
A) Updating the CRL is insufficient because revocation lists do not fix the root CA vulnerability or certificate issuance flaws; they only indicate certs are no longer trusted.
B) Patching the CA addresses the underlying vulnerability in the PKI infrastructure, preventing similar certificate abuse.
C) Changing passwords protects accounts but does not remediate PKI weaknesses or compromised CA functionality.
D) Implementing SOAR relates to security orchestration and response automation, not directly to remediating CA PKI flaws.





