Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

CompTIA SY0-701 - CompTIA Security+ Exam 2026

Page: 11 / 14
Total 887 questions

Which of the following best practices gives administrators a set period to perform changes to an operational system to ensure availability and minimize business impacts?

A.

Impact analysis

B.

Scheduled downtime

C.

Backout plan

D.

Change management boards

While investigating a recent security breach an analyst finds that an attacker gained access by SOL infection through a company website. Which of the following should the analyst recommend to the website developers to prevent this from reoccurring?

A.

Secure cookies

B.

Input sanitization

C.

Code signing

D.

Blocklist

After multiple phishing simulations, the Chief Security Officer announces a new program that incentivizes employees to not click phishing links in the upcoming quarter. Which of the following security awareness execution techniques does this represent?

A company wants to ensure that only authorized devices can enter an environment. Which of the following will the company most likely use to implement the control?

A.

Access lists

B.

Remote connection

C.

Screened subnets

D.

Centralized proxy

Which of the following alert types is the most likely to be ignored over time?

A.

True positive

B.

True negative

C.

False positive

D.

False negative

A security analyst is reviewing the following logs:

Which of the following attacks is most likely occurring?

A.

Password spraying

B.

Account forgery

C.

Pass-t he-hash

D.

Brute-force

A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best strategy to prevent the threat actor from using domain administrator accounts?

A.

Audit each domain administrator account weekly for password compliance.

B.

Implement a privileged access management solution.

C.

Create IDS policies to monitor domain controller access.

D.

Use Group Policy to enforce password expiration.

A security analyst is creating the first draft of a network diagram for the company ' s new customer-facing payment application that will be hosted by a third-party cloud service

provider.

Which of the following security control types does an acceptable use policy best represent?

A.

Detective

B.

Compensating

C.

Corrective

D.

Preventive

Alerts from email protection systems and MSSPs must be entered into an IT service management system and assigned to the security team. Which of the following should an organization implement to enable this functionality?

A.

Automated compliance monitoring

B.

Automated ticket creation

C.

Automated vulnerability scans

D.

Automated indicator sharing

A vendor needs to remotely and securely transfer files from one server to another using the command line. Which of the following protocols should be Implemented to allow for this type of access? (Select two).

A.

SSH

B.

SNMP

C.

RDP

D.

S/MIME

E.

SMTP

F.

SFTP

Which of the following techniques would identify whether data has been modified in transit?

A.

Hashing

B.

Tokenization

C.

Masking

D.

Encryption

As part of new compliance audit requirements, multiple servers need to be segmented on different networks and should be reachable only from authorized internal systems. Which of the following would meet the requirements?

A.

Configure firewall rules to block external access to Internal resources.

B.

Set up a WAP to allow internal access from public networks.

C.

Implement a new IPSec tunnel from internal resources.

D.

Deploy an Internal Jump server to access resources.

An organization discovers that its cold site does not have enough storage and computers available. Which of the following was most likely the cause of this failure?

A.

Capacity planning

B.

Load balancing

C.

Backups

D.

Platform diversity

Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?

A.

Provisioning resources

B.

Disabling access

C.

Reviewing change approvals

D.

Escalating permission requests

Which of the following best describes the importance of implementing filesystem journaling?

A.

Replication to a secondary form of media reduces the risk of failure when the secondary media is remote.

B.

The recovery time always exceeds the RTO and RPO requirements during system downtime.

C.

A point-in-time backup provides faster data recovery if data on a disk is corrupted.

D.

A log of changes can enable recovery to a desired state after a failure.

Which of the following environments utilizes a subset of customer data and is most likely to be used to assess the impacts of major system upgrades and demonstrate system features?

A.

Development

B.

Test

C.

Production

D.

Staging

Which of the following is most likely associated with introducing vulnerabilities on a corporate network by the deployment of unapproved software?

A.

Hacktivists

B.

Script kiddies

C.

Competitors

D.

Shadow IT

A customer of a large company receives a phone call from someone claiming to work for the company and asking for the customer ' s credit card information. The customer sees the caller ID is the same as the company ' s main phone number. Which of the following attacks is the customer most likely a target of?

A.

Phishing

B.

Whaling

C.

Smishing

D.

Vishing

After reviewing the following vulnerability scanning report:

Server:192.168.14.6

Service: Telnet

Port: 23 Protocol: TCP

Status: Open Severity: High

Vulnerability: Use of an insecure network protocol

A security analyst performs the following test:

nmap -p 23 192.168.14.6 —script telnet-encryption

PORT STATE SERVICE REASON

23/tcp open telnet syn-ack

I telnet encryption:

| _ Telnet server supports encryption

Which of the following would the security analyst conclude for this reported vulnerability?

A.

It is a false positive.

B.

A rescan is required.

C.

It is considered noise.

D.

Compensating controls exist.