Cert-Pass
Log in Sign up
CompTIA

Security+ SY0-701 Practice Questions

1100 exam-accurate questions with explanations

info

Free Sample Questions

Showing 10 of 1100 questions. Get full access to all questions, detailed explanations, and study materials.

1
Threats, Vulnerabilities, and Mitigations

While reviewing the clinical application at a media company, several public servers must remain reachable from the internet, but they should not have unrestricted access to internal databases. Which choice BEST explains the situation?

A Disable logging on the public servers
B Put all servers and databases on one flat VLAN
C Use the same administrator credentials on all hosts
D Place the public servers in a segmented DMZ with narrowly allowed flows check_circle
lightbulb

Explanation

The scenario points to Place the public servers in a segmented DMZ with narrowly allowed flows. The best wrong answer misses the requirement because a flat VLAN increases lateral-movement risk; segmentation limits the blast radius.

2
Security Operations

A security analyst working with a cloud consulting firm learns that the team restores a service after repeated compromise but has not identified how attackers regain access. Which answer best matches the scenario?

A Close the case because uptime returned
B Disable logging to reduce noise
C Rotate only one unrelated user password
D Perform root cause analysis and remediate the persistence mechanism check_circle
lightbulb

Explanation

Perform root cause analysis and remediate the persistence mechanism addresses the specific issue described. The best wrong answer misses the requirement because restoring availability without addressing persistence leaves the organization vulnerable to recurrence.

3
Threats, Vulnerabilities, and Mitigations

During an assessment of an online retailer, a consultant observes that a malicious document is suspected, and analysts need to observe behavior without risking production systems. What should the team implement?

A Open the document in an isolated sandbox check_circle
B Email it to more users for comparison
C Disable endpoint protection before testing
D Open it on an administrator workstation
lightbulb

Explanation

Open the document in an isolated sandbox is correct because it directly matches the requirement. The closest alternative is weaker because opening a suspicious file on an administrator workstation risks compromise; a sandbox isolates execution.

4
Threats, Vulnerabilities, and Mitigations

A security analyst supporting a managed service provider learns that a staff member deploys an unsanctioned file-sharing application to finish work faster, bypassing company review. An analyst is asked to recommend the most defensible next step. What is the best recommendation?

A Watering-hole attack
B Nation-state activity
C Cryptographic downgrade
D Shadow IT check_circle
lightbulb

Explanation

Shadow IT addresses the specific issue described. The competing option is less appropriate because shadow IT is the use of technology without organizational approval; it is not an external cryptographic attack.

5
General Security Concepts

At a construction contractor, a team needs to protect confidentiality while exchanging a symmetric session key with a remote party that has a trusted certificate. Which response is most appropriate?

A Encrypt the session key with the recipient public key check_circle
B Store the session key in a DNS TXT record
C Publish the session key hash as the key
D Encrypt the session key with the sender public key
lightbulb

Explanation

Encrypt the session key with the recipient public key is the best fit for the stated need. The best wrong answer misses the requirement because using the sender public key would not restrict decryption to the intended recipient.

6
Security Architecture

A security analyst working with a research laboratory learns that monitoring systems need authenticated and encrypted management polling for network devices. The organization wants the option that most directly addresses the stated requirement. Which choice BEST explains the situation?

A Use Telnet
B Use SNMPv3 check_circle
C Use SNMPv1 with a default community string
D Use unauthenticated syslog only
lightbulb

Explanation

The scenario points to Use SNMPv3. A tempting wrong answer fails because sNMPv1 community strings do not provide the authentication and encryption available in SNMPv3.

7
Threats, Vulnerabilities, and Mitigations

During an assessment of a construction contractor, a consultant observes that an attacker compromises a website frequently visited by a targeted group and adds malicious code to infect visitors. Which response is most appropriate?

A Credential stuffing
B Smishing
C Pass-the-hash
D Watering-hole attack check_circle
lightbulb

Explanation

Watering-hole attack is correct because it directly matches the requirement. The best wrong answer misses the requirement because smishing uses SMS lures; a watering-hole attack compromises a site the target group already visits.

8
Threats, Vulnerabilities, and Mitigations

At a managed service provider, researchers find two different inputs that produce the same hash output and exploit that weakness. The organization wants the option that most directly addresses the stated requirement. Which option most directly solves the problem?

A Session fixation
B Collision attack check_circle
C Downgrade attack
D Password spraying
lightbulb

Explanation

The scenario points to Collision attack. A tempting wrong answer fails because password spraying targets authentication; a collision attack targets hash uniqueness.

9
Security Program Management and Oversight

The administrator for the payment service reports that employees need step-by-step instructions for securely onboarding a new vendor account. An analyst is asked to recommend the most defensible next step. Which option best addresses the requirement?

A Use a network diagram with no instructions
B Create only a general policy
C Rely on memory
D Create a documented procedure check_circle
lightbulb

Explanation

The most direct answer is Create a documented procedure. The competing option is less appropriate because a policy states intent; a procedure supplies repeatable step-by-step actions.

10
Threats, Vulnerabilities, and Mitigations

An administrator responsible for the public website reports that a trusted software update server distributes a malicious package after the vendor build environment is compromised. Which answer best matches the scenario?

A Physical tailgating
B On-path attack
C Supply-chain attack check_circle
D SQL injection
lightbulb

Explanation

Supply-chain attack is the best fit for the stated need. The main distractor is not sufficient because an on-path attack intercepts communications; the compromise here enters through a trusted supplier process.

Get all 1100 questions

Full access includes all questions, detailed explanations, PDF downloads, and timed mock exams.