Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

CompTIA SY0-701 - CompTIA Security+ Exam 2026

Page: 7 / 14
Total 887 questions

Which of the following best describes the concept of information being stored outside of its country of origin while still being subject to the laws and requirements of the country of origin?

A.

Data sovereignty

B.

Geolocation

C.

Intellectual property

D.

Geographic restrictions

A systems administrator is redesigning now devices will perform network authentication. The following requirements need to be met:

• An existing Internal certificate must be used.

• Wired and wireless networks must be supported

• Any unapproved device should be Isolated in a quarantine subnet

• Approved devices should be updated before accessing resources

Which of the following would best meet the requirements?

A.

802.IX

B.

EAP

C.

RADIUS

D.

WPA2

An engineer has ensured that the switches are using the latest OS, the servers have the latest patches, and the endpoints ' definitions are up to date. Which of the following will these actions most effectively prevent?

A.

Zero-day attacks

B.

Insider threats

C.

End-of-life support

D.

Known exploits

Which of the following is a compensating control for providing user access to a high-risk website?

A.

Enabling threat prevention features on the firewall

B.

Configuring a SIEM tool to capture all web traffic

C.

Setting firewall rules to allow traffic from any port to that destination

D.

Blocking that website on the endpoint protection software

Which of the following describes the process of concealing code or text inside a graphical image?

A.

Symmetric encryption

B.

Hashing

C.

Data masking

D.

Steganography

Which of the following security measures is required when using a cloud-based platform for loT management?

A.

Encrypted connection

B.

Federated identity

C.

Firewall

D.

Single sign-on

Which of the following control types involves restricting IP connectivity to a router ' s web management interface to protect it from being exploited by a vulnerability?

A.

Corrective

B.

Physical

C.

Preventive

D.

Managerial

The analyst wants to move data from production to the UAT server for testing the latest release. Which of the following strategies to protect data should the analyst use?

A.

Data masking

B.

Data tokenization

C.

Data obfuscation

D.

Data encryption

Which of the following security controls are a company implementing by deploying HIPS? (Select two).

A.

Directive

B.

Preventive

C.

Physical

D.

Corrective

E.

Compensating

F.

Detective

An administrator is creating a secure method for a contractor to access a test environment. Which of the following would provide the contractor with the best access to the test environment?

A.

Application server

B.

Jump server

C.

RDP server

D.

Proxy server

Which of the following is the most common data loss path for an air-gapped network?

A.

Bastion host

B.

Unsecured Bluetooth

C.

Unpatched OS

D.

Removable devices

Which of the following is a reason an organization should use different CSPs for a critical financial application?

A.

Application overhead can be better load balanced across multiple providers.

B.

Platform diversity reduces the likelihood of losing access to resources.

C.

Parallel processing allows continued operations while deploying time-critical security updates.

D.

Selection of a hot site minimizes downtime and helps the organization meet its RTO.

Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?

A.

Degaussing

B.

Drive shredder

C.

Retention platform

D.

Wipe tool

A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?

A.

Partition

B.

Asymmetric

C.

Full disk

D.

Database

An administrator investigating an incident is concerned about the downtime of a critical server due to a failed drive. Which of the following would the administrator use to estimate the time needed to fix the issue?

A.

MTTR

B.

MTBF

C.

RTO

D.

RPO

Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?

A.

Encrypted

B.

Intellectual property

C.

Critical

D.

Data in transit

A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?

A.

Accept

B.

Transfer

C.

Mitigate

D.

Avoid

Which of the following is the most likely benefit of conducting an internal audit?

A.

Findings are reported to shareholders.

B.

Reports are not formal and can be reassigned.

C.

Control gaps are identified for remediation.

D.

The need for external audits is eliminated.

A security company informs its customers of a new vulnerability that affects web applications. The vulnerability does not have an available patch at the moment. Which of the following best describes this vulnerability?

A.

Zero-day

B.

XSS

C.

SQLi

D.

Buffer overflow

Executives at a company are concerned about employees accessing systems and information about sensitive company projects unrelated to the employees ' normal job duties. Which of the following enterprise security capabilities will the security team most likely deploy to detect that activity?

A.

UBA

B.

EDR

C.

NAC

D.

DLP