SY0-701 Actual Exam Questions

Last updated on Dec. 5, 2024.
Vendor:CompTIA
Exam Code:SY0-701
Exam Name:CompTIA Security+ 2023
Exam Questions:509
 

Topic 1 - Exam A

Question #1 Topic 1

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

  • A. Hacktivist
  • B. Whistleblower
  • C. Organized crime
  • D. Unskilled attacker
Reveal Solution Hide Solution   Discussion   12

Correct Answer: C 🗳️

Question #2 Topic 1

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

  • A. Key stretching
  • B. Data masking
  • C. Steganography
  • D. Salting
Reveal Solution Hide Solution   Discussion   12

Correct Answer: D 🗳️

Question #3 Topic 1

An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?

  • A. Brand impersonation
  • B. Pretexting
  • C. Typosquatting
  • D. Phishing
Reveal Solution Hide Solution   Discussion   10

Correct Answer: D 🗳️

Question #4 Topic 1

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?

  • A. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
    Access list outbound deny 10.50.10.25/32 0.0.0.0/0 port 53
  • B. Access list outbound permit 0.0.0.0/0 10.50.10.25/32 port 53
    Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53
  • C. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
    Access list outbound deny 0.0.0.0/0 10.50.10.25/32 port 53
  • D. Access list outbound permit 10.50.10.25/32 0.0.0.0/0 port 53
    Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53
Reveal Solution Hide Solution   Discussion   26

Correct Answer: D 🗳️

Question #5 Topic 1

A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?

  • A. SSO
  • B. LEAP
  • C. MFA
  • D. PEAP
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Question #6 Topic 1

Which of the following scenarios describes a possible business email compromise attack?

  • A. An employee receives a gift card request in an email that has an executive’s name in the display field of the email.
  • B. Employees who open an email attachment receive messages demanding payment in order to access files.
  • C. A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account.
  • D. An employee receives an email with a link to a phishing site that is designed to look like the company’s email portal.
Reveal Solution Hide Solution   Discussion   47

Correct Answer: C 🗳️

Question #7 Topic 1

A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?

  • A. Jump server
  • B. RADIUS
  • C. HSM
  • D. Load balancer
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Question #8 Topic 1

An organization’s internet-facing website was compromised when an attacker exploited a buffer overflow. Which of the following should the organization deploy to best protect against similar attacks in the future?

  • A. NGFW
  • B. WAF
  • C. TLS
  • D. SD-WAN
Reveal Solution Hide Solution   Discussion   10

Correct Answer: B 🗳️

Question #9 Topic 1

An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users’ passwords. Which of the following should the administrator implement to prevent this type of attack from succeeding in the future?

  • A. Multifactor authentication
  • B. Permissions assignment
  • C. Access management
  • D. Password complexity
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #10 Topic 1

An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Choose two.)

  • A. Typosquatting
  • B. Phishing
  • C. Impersonation
  • D. Vishing
  • E. Smishing
  • F. Misinformation
Reveal Solution Hide Solution   Discussion   17

Correct Answer: CE 🗳️

file Viewing page 1 out of 51 pages.
Viewing questions 1-10 out of 509 questions
Next Questions
Browse atleast 50% to increase passing rate cup
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago