CompTIA SY0-701 - CompTIA Security+ Exam 2026
The marketing department set up its own project management software without telling the appropriate departments. Which of the following describes this scenario?
Which of the following threat actors would most likely deface the website of a high-profile music group?
Employees located off-site must have access to company resources in order to complete their assigned tasks These employees utilize a solution that allows remote access without interception concerns. Which of the following best describes this solution?
During a SQL update of a database, a temporary field that was created was replaced by an attacker in order to allow access to the system. Which of the following best describes this type of vulnerability?
A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network. Which of the following actions is the most efficient way to identify where the system data was exfiltrated from and where it was sent?
Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?
After a recent ransomware attack on a company ' s system, an administrator reviewed the log files. Which of the following control types did the administrator use?
A company is experiencing issues with employees leaving the company for a competitor and taking customer contact information with them. Which of the following tools will help prevent this from reoccurring?
A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following should the security engineer update to best meet business requirements?
An IT security team is concerned about the confidentiality of documents left unattended in MFPs. Which of the following should the security team do to mitigate the situation?
Which of the following control types describes an alert from a SIEM tool?
A company wants to ensure secure remote access to its internal network. The company has only one public IP and would like to avoid making any changes to the current network setup. Which of the following solutions would best accomplish this goal?
Which of the following is a possible consequence of a VM escape?
Which of the following concepts protects sensitive information from unauthorized disclosure?
A security analyst sees an increase of vulnerabilities on workstations after a deployment of a company group policy. Which of the following vulnerability types will the analyst most likely find on the workstations?
A business received a small grant to migrate its infrastructure to an off-premises solution. Which of the following should be considered first?
An administrator is installing an SSL certificate on a new system. During testing, errors indicate that the certificate is not trusted. The administrator has verified with the issuing CA and has validated the private key. Which of the following should the administrator check for next?
Which of the following security controls is a company implementing by deploying HIPS? (Select two)
Which of the following best describes a method for ongoing vendor monitoring in third-party risk management?
An employee used a company ' s billing system to issue fraudulent checks. The administrator is looking for evidence of other occurrences of this activity. Which of the following should the administrator examine?
