Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

CompTIA SY0-701 - CompTIA Security+ Exam 2026

Page: 6 / 14
Total 887 questions

A company implemented an MDM policy 10 mitigate risks after repealed instances of employees losing company-provided mobile phones. In several cases. The lost phones were used maliciously to perform social engineering attacks against other employees. Which of the following MDM features should be configured to best address this issue? (Select two).

A.

Screen locks

B.

Remote wipe

C.

Full device encryption

D.

Push notifications

E.

Application management

F.

Geolocation

A user downloads a patch from an unknown repository… FIM alerts indicate OS file hashes have changed. Which attack most likely occurred?

A.

Logic bomb

B.

Keylogger

C.

Ransomware

D.

Rootkit

A company processes personal data from customers in multiple countries. Which of the following actions is most critical for maintaining legal compliance with global privacy regulations?

A.

Storing all customer data on encrypted local servers

B.

Hiring a data privacy officer to review contracts

C.

Ensuring DPAs are in place with third-party vendors

D.

Using strong passwords and firewalls on all endpoints

The Chief Information Security Officer (CISO) has determined the company is non-compliant with local data privacy regulations. The CISO needs to justify the budget request for more resources. Which of the following should the CISO present to the board as the direct consequence of non-compliance?

A.

Fines

B.

Reputational damage

C.

Sanctions

D.

Contractual implications

Which of the following should a security team do first before a new web server goes live?

A.

Harden the virtual host.

B.

Create WAF rules.

C.

Enable network intrusion detection.

D.

Apply patch management

Which of the following actors attacking an organization is the most likely to be motivated by personal beliefs?

A.

Nation-state

B.

Organized crime

C.

Hacktvist

D.

Insider threat

Which of the following principles ensures data is only accessible to authorized users?

A.

Integrity

B.

Confidentiality

C.

Non-repudiation

D.

Availability

A company is using a legacy FTP server to transfer financial data to a third party. The legacy system does not support SFTP, so a compensating control is needed to protect the sensitive, financial data in transit. Which of the following would be the most appropriate for the company to use?

A.

Telnet connection

B.

SSH tunneling

C.

Patch installation

D.

Full disk encryption

A visitor plugs a laptop into a network jack in the lobby and is able to connect to the company ' s network. Which of the following should be configured on the existing network infrastructure to best prevent this activity?

A.

Port security

B.

Web application firewall

C.

Transport layer security

D.

Virtual private network

The Chief Information Security Officer wants to discuss options for a disaster recovery site that allows the business to resume operations as quickly as possible. Which of the following solutions meets this requirement?

A.

Hot site

B.

Cold site

C.

Geographic dispersion

D.

Warm site

A company has yearly engagements with a service provider. The general terms and conditions are the same for all engagements. The company wants to simplify the process and revisit the general terms every three years. Which of the following documents would provide the best way to set the general terms?

A.

MSA

B.

NDA

C.

MOU

D.

SLA

In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password. Which of the following best describes this technique?

A.

Key stretching

B.

Tokenization

C.

Data masking

D.

Salting

An administrator is estimating the cost associated with an attack that could result in the replacement of a physical server. Which of the following processes is the administrator performing?

A.

Quantitative risk analysis

B.

Disaster recovery test

C.

Physical security controls review

D.

Threat modeling

A newly identified network access vulnerability has been found in the OS of legacy loT devices. Which of the following would best mitigate this vulnerability quickly?

A.

Insurance

B.

Patching

C.

Segmentation

D.

Replacement

The Chief Information Security Officer wants to put security measures in place to protect PlI. The organization needs to use its existing labeling and classification system to accomplish this goal. Which of the following would most likely be configured to meet the requirements?

A.

Tokenization

B.

S/MIME

C.

DLP

D.

MFA

A network administrator wants to ensure that network traffic is highly secure while in transit. Which of the following actions best describes the actions the network administrator should take?

A.

Ensure that NAC is enforced on all network segments, and confirm that firewalls have updated policies to block unauthorized traffic.

B.

Ensure only TLS and other encrypted protocols are selected for use on the network, and only permit authorized traffic via secure protocols.

C.

Configure the perimeter IPS to block inbound HTTPS directory traversal traffic, and verify that signatures are updated on a daily basis.

D.

Ensure the EDR software monitors for unauthorized applications that could be used by threat actors, and configure alerts for the security team.

During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, and two special characters. Oncethe password is created, the company will grant the employee access to other company-owned websites based on the intranet profile. Which of the following access management concepts is the company most likely using to safeguard intranet accounts and grant access to multiple sites based on a user ' s intranet account? (Select two).

A.

Federation

B.

Identity proofing

C.

Password complexity

D.

Default password changes

E.

Password manager

F.

Open authentication

Which of the following activities would involve members of the incident response team and other stakeholders simul-ating an event?

A.

Lessons learned

B.

Digital forensics

C.

Tabletop exercise

D.

Root cause analysis

A security team created a document that details the order in which critical systems should be through back online after a major outage. Which of the following documents did the team create?

A.

Communication plan

B.

Incident response plan

C.

Data retention policy

D.

Disaster recovery plan

Which of the following would best allow a company to prevent access to systems from the Internet?

A.

Containerization

B.

Virtualization

C.

SD-WAN

D.

Air-gapped