Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

CompTIA SY0-701 - CompTIA Security+ Exam 2026

Page: 2 / 14
Total 887 questions

While a user reviews their email, a host gets infected by malware from an external hard drive plugged into the host. The malware steals all the user ' s credentials stored in the browser. Which of the following training topics should the user review to prevent this situation from reoccurring?

A.

Operational security

B.

Removable media and cables

C.

Password management

D.

Social engineering

A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach end does not have an on-premises IT infrastructure. Which of the following would best secure the organization?

A.

Upgrading to a next-generation firewall

B.

Deploying an appropriate in-line CASB solution

C.

Conducting user training on software policies

D.

Configuring double key encryption in SaaS platforms

Which of the following is a benefit of launching a bug bounty program? (Select two)

A.

Transference of risk to a third party

B.

Reduction in the number of zero-day vulnerabilities

C.

Increased security awareness for the workforce

D.

Reduced cost of managing the program

E.

Quicker discovery of vulnerabilities

F.

Improved patch management process

A security team purchases a tool for cloud security posture management. The team is quickly overwhelmed by the number of misconfigurations that the tool detects. Which of the following should the security team configure to establish workflows for cloud resource security?

A.

CASB

B.

IAM

C.

SOAR

D.

XDR

At the start of a penetration test, the tester checks OSINT resources for information about the client environment. Which of the following types of reconnaissance is the tester performing?

A.

Active

B.

Passive

C.

Offensive

D.

Defensive

An organization issued new laptops to all employees and wants to provide web filtering both in and out of the office without configuring additional access to the network. Which of the following types of web filtering should a systems administrator configure?

A.

Agent-based

B.

Centralized proxy

C.

URL scanning

D.

Content categorization

Which of the following are the best for hardening end-user devices? (Selecttwo)

A.

Full disk encryption

B.

Group-level permissions

C.

Account lockout

D.

Endpoint protection

E.

Proxy server

F.

Segmentation

A new security regulation was announced that will take effect in the coming year. A company must comply with it to remain in business. Which of the following activities should the company perform next?

A.

Gap analysis

B.

Policy review

C.

Security procedure evaluation

D.

Threat scope reduction

An IT manager is increasing the security capabilities of an organization after a data classification initiative determined that sensitive data could be exfiltrated from the environment. Which of the following solutions would mitigate the risk?

A.

XDR

B.

SPF

C.

DLP

D.

DMARC

An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?

A.

Segmentation

B.

Isolation

C.

Patching

D.

Encryption

A systems administrator notices that one of the systems critical for processing customer transactions is running an end-of-life operating system. Which of the following techniques would increase enterprise security?

A.

Installing HIDS on the system

B.

Placing the system in an isolated VLAN

C.

Decommissioning the system

D.

Encrypting the system ' s hard drive

A company wants to reduce the time and expense associated with code deployment. Which of the following technologies should the company utilize?

A.

Serverless architecture

B.

Thin clients

C.

Private cloud

D.

Virtual machines

Which of the following activities is the first stage in the incident response process?

A.

Detection

B.

Declaration

C.

Containment

D.

Vacation

Which of the following is a reason environmental variables are a concern when reviewing potential system vulnerabilities?

A.

The contents of environmental variables could affect the scope and impact of an exploited vulnerability.

B.

In-memory environmental variable values can be overwritten and used by attackers to insert malicious code.

C.

Environmental variables define cryptographic standards for the system and could create vulnerabilities if deprecated algorithms are used.

D.

Environmental variables will determine when updates are run and could mitigate the likelihood of vulnerability exploitation.

Which of the following is the best way to remove personal data from a social media account that is no longer being used?

A.

Exercise the right to be forgotten

B.

Uninstall the social media application

C.

Perform a factory reset

D.

Terminate the social media account

Which of the following describes effective change management procedures?

A.

Approving the change after a successful deployment

B.

Having a backout plan when a patch fails

C.

Using a spreadsheet for tracking changes

D.

Using an automatic change control bypass for security updates

Which of the following would most likely be used by attackers to perform credential harvesting?

A.

Social engineering

B.

Supply chain compromise

C.

Third-party software

D.

Rainbow table

A certificate authority needs to post information about expired certificates. Which of the following would accomplish this task?

A.

TPM

B.

CRL

C.

PKI

D.

CSR

A marketing team launches a new AI solution that trains on sensitive customer data to help provide recommendations on its next possible marketing campaign. This team requires granular access to the tool for different levels of sensitive data. Which of the following should a systems administrator prioritize when provisioning access?

A.

Emergency access

B.

Least-privilege accounts

C.

Just-in-time (JIT) access

D.

Group managed service accounts

A wireless administrator sets up a new network in a small office using a password. The network must reduce the impact of brute-force attacks if the password is subjected to over-the-air interception. Which of the following security settings will help achieve this goal?

A.

WIPS

B.

SSO

C.

WPS

D.

SAE