CompTIA Security+ Certification - SY0-701 FREE EXAM DUMPS QUESTIONS & ANSWERS]

Question 1

An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Select two).

A. Disable default accounts. B. Remove unnecessary services. C. Add the server to the asset inventory. D. Send server logs to the SIEM. E. Join the server to the corporate domain. F. Document default passwords.

Discussion 0

Correct Answer: A,B Vote an answer

Question 2

For which of the following reasons would a systems administrator leverage a 3DES hash from an installer file that is posted on a vendor ' s website?

A. To calculate the checksum of the file B. To validate the authenticity of the file C. To test the integrity of the file D. To activate the license for the file

Discussion 0

Correct Answer: C Vote an answer

Question 3

A security manager needs an automated solution that will take immediate action to protect an organization against inbound malicious traffic. Which of the following is the best solution?

A. IPS B. UEM C. WAF D. VPN

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 4

Which of the following describes the process of concealing code or text inside a graphical image?

A. Hashing B. Symmetric encryption C. Data masking D. Steganography

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 5

Which of the following best explains a core principle of a Zero Trust security model?

A. Access to resources is granted only after strict identity verification and continuous monitoring. B. Security policies require multifactor authentication for remote access to sensitive data. C. Devices connected to the internal network are automatically trusted after initial authentication. D. Network access is limited by role, and access controls are reviewed on a regular schedule.

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 6

Which of the following is the greatest advantage that network segmentation provides?

A. Security zones B. Configuration enforcement C. Enhanced endpoint protection D. Decreased resource utilization E. End-to-end encryption

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 7

A Chief Information Security Officer would like to conduct frequent, detailed reviews of systems and procedures to track compliance objectives. Which of the following is the best method to achieve this objective?

A. Penetration testing B. Internal auditing C. Third-party attestation D. Vulnerability scans

Discussion 0

Correct Answer: B Vote an answer

Question 8

Which of the following describes a situation where a user is authorized before being authenticated?

A. Tailgating B. Privilege escalation C. Race condition D. Impersonation

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 9

An employee from the accounting department logs in to a website. A desktop application automatically downloads on the employee ' s computer. Which of the following has occurred?

A. XSS B. Buffer overflow C. Watering hole D. Typosquatting

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 10

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?

A. Audit findings B. Fines C. Reputation damage D. Sanctions

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 11

When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure. Which of the following certificate types is the site most likely using?

A. Self-signed B. Root of trust C. Wildcard D. Third-party

Discussion 0

Correct Answer: A Vote an answer

Question 12

During a recent company safety stand-down, the cyber-awareness team gave a presentation on the importance of cyber hygiene. One topic the team covered was best practices for printing centers. Which of the following describes an attack method that relates to printing centers?

A. Prepending B. Whaling C. Dumpster diving D. Credential harvesting

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 13

Which of the following is the most likely motivation for a hacktivist?

A. Philosophical beliefs B. Corporate espionage C. Financial gain D. Service disruption

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 14

Which of the following activities are associated with vulnerability management? (Select two).

A. Reporting B. Prioritization C. Tabletop exercise D. Exploiting E. Containment F. Correlation

Discussion 0

Correct Answer: A,B Vote an answer