CompTIA SY0-701 - CompTIA Security+ Exam 2026
An organization is developing a security program that conveys the responsibilities associated with the general operation of systems and software within the organization. Which of the following documents would most likely communicate these expectations?
A security analyst collects IOCs from a cybersecurity bulletin. Which of the following should the analyst do next to assess if an environment is compromised?
Which of the following solutions would most likely be used in the financial industry to mask sensitive data?
Sine© a recent upgrade (o a WLAN infrastructure, several mobile users have been unable to access the internet from the lobby. The networking team performs a heat map survey of the building and finds several WAPs in the area. The WAPs are using similar frequencies with high power settings. Which of the following installation considerations should the security team evaluate next?
Which of the following would most likely prevent exploitation of an end-of-life, business-critical system?
In order to cut costs, a company decides to implement a bring-your-own-device policy. The security team wants a solution that will reduce risk to company data, especially in cases in which devices are lost or stolen. Which of the following tools is best to address this concern?
Which of the following is the best mitigation for a zero-day vulnerability found in mission-critical production servers that must be highly available?
Which of the following provides the details about the terms of a test with a third-party penetration tester?
A company is redesigning its infrastructure and wants to reduce the number of physical servers in use. Which of the following architectures is best suited for this goal?
A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems administrator use?
A company discovers suspicious transactions that were entered into the company ' s database and attached to a user account that was created as a trap for malicious activity. Which of the following is the user account an example of?
Which of the following would a security administrator use to comply with a secure baseline during a patch update?
A security team must help secure a company site after attackers defaced it. The site must be available to a wide range of countries over a secure protocol, but access from known malicious networks should be blocked. Which of the following will best secure the site?
Which of the following tools is best for logging and monitoring in a cloud environment?
An IT team rolls out a new management application that uses a randomly generated MFA token sent to the administrator’s phone. Despite this new MFA precaution, there is a security breach of the same software. Which of the following describes this kind of attack?
An unknown source has attacked an organization’s network multiple times. The organization has a firewall but no other source of protection against these attacks. Which of the following is the best security item to add?
A systems administrator needs to ensure the secure communication of sensitive data within the organization ' s private cloud. Which of the following is the best choice for the administrator to implement?
An accounting employee recently used software that was not approved by the company. Which of the following risks does this most likely represent?
Which of the following describes an executive team that is meeting in a board room and testing the company ' s incident response plan?
A vendor salesperson is a personal friend of a company’s Chief Financial Officer (CFO). The company recently made a large purchase from the vendor, which was directly approved by the CFO. Which of the following best describes this situation?
