SY0-701

By comptia
Aug, 2025

Question 26

After a recent ransomware attack on a company's system, an administrator reviewed the log files. Which of the following control types did the administrator use?

  • A: Compensating
  • B: Detective
  • C: Preventive
  • D: Corrective

Question 27

Which of the following exercises should an organization use to improve its incident response process?

  • A: Tabletop
  • B: Replication
  • C: Failover
  • D: Recovery

Question 28

Which of the following best ensures minimal downtime and data loss for organizations with critical computing equipment located in earthquake-prone areas?

  • A: Generators and UPS
  • B: Off-site replication
  • C: Redundant cold sites
  • D: High availability networking

Question 29

A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability quickly?

  • A: Insurance
  • B: Patching
  • C: Segmentation
  • D: Replacement

Question 30

After an audit, an administrator discovers all users have access to confidential data on a file server. Which of the following should the administrator use to restrict access to the data quickly?

  • A: Group Policy
  • B: Content filtering
  • C: Data loss prevention
  • D: Access control lists

Question 31

A client demands at least 99.99% uptime from a service provider's hosted security services. Which of the following documents includes the information the service provider should return to the client?

  • A: MOA
  • B: SOW
  • C: MOU
  • D: SLA

Question 32

A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from the vendor?

  • A: Certification
  • B: Inventory list
  • C: Classification
  • D: Proof of ownership

Question 33

A company is planning a disaster recovery site and needs to ensure that a single natural disaster would not result in the complete loss of regulated backup data. Which of the following should the company consider?

  • A: Geographic dispersion
  • B: Platform diversity
  • C: Hot site
  • D: Load balancing

Question 34

Which of the following provides the details about the terms of a test with a third-party penetration tester?

  • A: Rules of engagement
  • B: Supply chain analysis
  • C: Right to audit clause
  • D: Due diligence

Question 35

A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file's creator. Which of the following actions would most likely give the security analyst the information required?

  • A: Obtain the file's SHA-256 hash.
  • B: Use hexdump on the file's contents.
  • C: Check endpoint logs.
  • D: Query the file's metadata.

Question 36

Which of the following teams combines both offensive and defensive testing techniques to protect an organization's critical systems?

  • A: Red
  • B: Blue
  • C: Purple
  • D: Yellow

Question 37

A small business uses kiosks on the sales floor to display product information for customers. A security team discovers the kiosks use end-of-life operating systems. Which of the following is the security team most likely to document as a security implication of the current architecture?

  • A: Patch availability
  • B: Product software compatibility
  • C: Ease of recovery
  • D: Cost of replacement

Question 38

Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclosed?

  • A: A full inventory of all hardware and software
  • B: Documentation of system classifications
  • C: A list of system owners and their departments
  • D: Third-party risk assessment documentation

Question 39

Which of the following best practices gives administrators a set period to perform changes to an operational system to ensure availability and minimize business impacts?

  • A: Impact analysis
  • B: Scheduled downtime
  • C: Backout plan
  • D: Change management boards

Question 40

A company must ensure sensitive data at rest is rendered unreadable. Which of the following will the company most likely use?

  • A: Hashing
  • B: Tokenization
  • C: Encryption
  • D: Segmentation

Question 41

A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?

  • A: End of business
  • B: End of testing
  • C: End of support
  • D: End of life

Question 42

A bank insists all of its vendors must prevent data loss on stolen laptops. Which of the following strategies is the bank requiring?

  • A: Encryption at rest
  • B: Masking
  • C: Data classification
  • D: Permission restrictions

Question 43

A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS servers, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

  • A: Concurrent session usage
  • B: Secure DNS cryptographic downgrade
  • C: On-path resource consumption
  • D: Reflected denial of service

Question 44

A systems administrator wants to prevent users from being able to access data based on their responsibilities. The administrator also wants to apply the required access structure via a simplified format. Which of the following should the administrator apply to the site recovery resource group?

  • A: RBAC
  • B: ACL
  • C: SAML
  • D: GPO

Question 45

A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?

  • A: Active
  • B: Passive
  • C: Defensive
  • D: Offensive

Question 46

During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, and two special characters. Once the password is created, the company will grant the employee access to other company-owned websites based on the intranet profile. Which of the following access management concepts is the company most likely using to safeguard intranet accounts and grant access to multiple sites based on a user's intranet account? (Choose two.)

  • A: Federation
  • B: Identity proofing
  • C: Password complexity
  • D: Default password changes
  • E: Password manager
  • F: Open authentication

Question 47

Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centralized system?

  • A: SIEM
  • B: DLP
  • C: IDS
  • D: SNMP

Question 48

A network manager wants to protect the company's VPN by implementing multifactor authentication that uses:

  • Something you know
  • Something you have
  • Something you are

Which of the following would accomplish the manager's goal?

  • A: Domain name, PKI, GeoIP lookup
  • B: VPN IP address, company ID, facial structure
  • C: Password, authentication token, thumbprint
  • D: Company URL, TLS certificate, home address

Question 49

Which of the following would be the best way to handle a critical business application that is running on a legacy server?

  • A: Segmentation
  • B: Isolation
  • C: Hardening
  • D: Decommissioning

Question 50

Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?

  • A: VM escape
  • B: SQL injection
  • C: Buffer overflow
  • D: Race condition

Page 2 of 25 • Questions 26-50 of 609