Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

CompTIA SY0-701 - CompTIA Security+ Exam 2026

Page: 3 / 14
Total 887 questions

The marketing department set up its own project management software without telling the appropriate departments. Which of the following describes this scenario?

A.

Shadow IT

B.

Insider threat

C.

Data exfiltration

D.

Service disruption

Which of the following threat actors would most likely deface the website of a high-profile music group?

A.

Unskilled attacker

B.

Organized crime

C.

Nation-state

D.

Insider threat

Employees located off-site must have access to company resources in order to complete their assigned tasks These employees utilize a solution that allows remote access without interception concerns. Which of the following best describes this solution?

A.

Proxy server

B.

NGFW

C.

VPN

D.

Security zone

During a SQL update of a database, a temporary field that was created was replaced by an attacker in order to allow access to the system. Which of the following best describes this type of vulnerability?

A.

Race condition

B.

Memory injection

C.

Malicious update

D.

Side loading

A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network. Which of the following actions is the most efficient way to identify where the system data was exfiltrated from and where it was sent?

A.

Analyze firewall and network logs for large amounts of outbound traffic to external IP addresses or domains.

B.

Analyze IPS and IDS logs to find the IP addresses used by the attacker for reconnaissance scans.

C.

Analyze endpoint and application logs to see whether file-sharing programs were running.

D.

Analyze external vulnerability scans to identify exploitable systems.

Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?

A.

Compliance reporting

B.

GDPR

C.

Due diligence

D.

Attestation

After a recent ransomware attack on a company ' s system, an administrator reviewed the log files. Which of the following control types did the administrator use?

A.

Compensating

B.

Detective

C.

Preventive

D.

Corrective

A company is experiencing issues with employees leaving the company for a competitor and taking customer contact information with them. Which of the following tools will help prevent this from reoccurring?

A.

FIM

B.

NAC

C.

IDS

D.

UBA

A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following should the security engineer update to best meet business requirements?

A.

SIEM

B.

SCAP

C.

DLP

D.

WAF

An IT security team is concerned about the confidentiality of documents left unattended in MFPs. Which of the following should the security team do to mitigate the situation?

A.

Educate users about the importance of paper shredder devices.

B.

Deploy an authentication factor that requires ln-person action before printing.

C.

Install a software client m every computer authorized to use the MFPs.

D.

Update the management software to utilize encryption.

Which of the following control types describes an alert from a SIEM tool?

A.

Preventive

B.

Corrective

C.

Compensating

D.

Detective

A company wants to ensure secure remote access to its internal network. The company has only one public IP and would like to avoid making any changes to the current network setup. Which of the following solutions would best accomplish this goal?

A.

PAT

B.

IPSec VPN

C.

Perimeter network

D.

Reverse proxy

Which of the following is a possible consequence of a VM escape?

A.

Malicious instructions can be inserted into memory and give the attacker elevated permissions.

B.

An attacker can access the hypervisor and compromise other VMs.

C.

Unencrypted data can be read by a user in a separate environment.

D.

Users can install software that is not on the manufacturer ' s approved list.

Which of the following concepts protects sensitive information from unauthorized disclosure?

A.

Integrity

B.

Availability

C.

Authentication

D.

Confidentiality

A security analyst sees an increase of vulnerabilities on workstations after a deployment of a company group policy. Which of the following vulnerability types will the analyst most likely find on the workstations?

A.

Misconfiguration

B.

Zero-day

C.

Malicious update

D.

Supply chain

A business received a small grant to migrate its infrastructure to an off-premises solution. Which of the following should be considered first?

A.

Security of cloud providers

B.

Cost of implementation

C.

Ability of engineers

D.

Security of architecture

An administrator is installing an SSL certificate on a new system. During testing, errors indicate that the certificate is not trusted. The administrator has verified with the issuing CA and has validated the private key. Which of the following should the administrator check for next?

A.

If the wildcard certificate is configured

B.

If the certificate signing request is valid

C.

If the root certificate is installed

D.

If the public key is configured

Which of the following security controls is a company implementing by deploying HIPS? (Select two)

A.

Directive

B.

Preventive

C.

Physical

D.

Corrective

E.

Compensating

F.

Detective

Which of the following best describes a method for ongoing vendor monitoring in third-party risk management?

A.

Requiring a new MSA for each project

B.

Accepting vendor self-attestation without further verification

C.

Conducting assessments to verify compliance with security requirements

D.

Reviewing SLAs at the start of the contract

An employee used a company ' s billing system to issue fraudulent checks. The administrator is looking for evidence of other occurrences of this activity. Which of the following should the administrator examine?

A.

Application logs

B.

Vulnerability scanner logs

C.

IDS/IPS logs

D.

Firewall logs