Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

SY0-701 by CompTIA - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

After reviewing the following vulnerability scanning report:

Question 4

An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?

A Exception
B Segmentation
C Risk transfer
D Compensating controls

Question 5

A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?

A EAP
B DHCP
C IPSec
D NAT

Question 6

Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?

A Software as a service
B Infrastructure as code
C Internet of Things
D Software-defined networking

Question 7

After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted credit card information in order to close an invoice. Which of the following topics did the user recognize from the training?

A Insider threat
B Email phishing
C Social engineering
D Executive whaling

Question 8

A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data. Which of the following should the administrator do first?

A Block access to cloud storage websites.
B Create a rule to block outgoing email attachments.
C Apply classifications to the data.
D Remove all user permissions from shares on the file server.

Question 9

An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data policies is the administrator carrying out?

A Compromise
B Retention
C Analysis
D Transfer
E Inventory

Question 10

A company is working with a vendor to perform a penetration test. Which of the following includes an estimate about the number of hours required to complete the engagement?

A SOW
B BPA
C SLA
D NDA

Question 11

A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO’s report?

A Insider threat
B Hacktivist
C Nation-state
D Organized crime

Question 12

Several employees received a fraudulent text message from someone claiming to be the Chief Executive Officer (CEO). The message stated:
“I’m in an airport right now with no access to email. I need you to buy gift cards for employee recognition awards. Please send the gift cards to following email address.”
Which of the following are the best responses to this situation? (Choose two).

A Cancel current employee recognition gift cards.
B Add a smishing exercise to the annual company training.
C Issue a general email warning to the company.
D Have the CEO change phone numbers.
E Conduct a forensic investigation on the CEO’s phone.
F Implement mobile device management.

Question 13

Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?

A Code scanning for vulnerabilities
B Open-source component usage
C Quality assurance testing
D Peer review and approval

Question 14

Which of the following can best protect against an employee inadvertently installing malware on a company system?

A Host-based firewall
B System isolation
C Least privilege
D Application allow list

Question 15

A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?

A Cross-site scripting
B Buffer overflow
C Jailbreaking
D Side loading

Question 16

Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Choose two.)

A Fencing
B Video surveillance
C Badge access
D Access control vestibule
E Sign-in sheet
F Sensor

Question 17

An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?

A Segmentation
B Isolation
C Patching
D Encryption

Question 18

Which of the following is the most common data loss path for an air-gapped network?

A Bastion host
B Unsecured Bluetooth
C Unpatched OS
D Removable devices

Question 19

Malware spread across a company's network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?

A Impersonation
B Disinformation
C Watering-hole
D Smishing

Question 20

An organization is struggling with scaling issues on its VPN concentrator and internet circuit due to remote work. The organization is looking for a software solution that will allow it to reduce traffic on the VPN and internet circuit, while still providing encrypted tunnel access to the data center and monitoring of remote employee internet traffic. Which of the following will help achieve these objectives?

A Deploying a SASE solution to remote employees
B Building a load-balanced VPN solution with redundant internet
C Purchasing a low-cost SD-WAN solution for VPN traffic
D Using a cloud provider to create additional VPN concentrators

Question 21

Which of the following is the best reason to complete an audit in a banking environment?

A Regulatory requirement
B Organizational change
C Self-assessment requirement
D Service-level requirement

Question 22

Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

A Integrity
B Availability
C Confidentiality
D Non-repudiation

Question 23

A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit hardware?

A A thorough analysis of the supply chain
B A legally enforceable corporate acquisition policy
C A right to audit clause in vendor contracts and SOWs
D An in-depth penetration test of all suppliers and vendors

Question 24

Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Choose two.)

A The device has been moved from a production environment to a test environment.
B The device is configured to use cleartext passwords.
C The device is moved to an isolated segment on the enterprise network.
D The device is moved to a different location in the enterprise.
E The device's encryption level cannot meet organizational standards.
F The device is unable to receive authorized updates.

Question 25

A company is required to perform a risk assessment on an annual basis. Which of the following types of risk assessments does this requirement describe?

A Continuous
B Ad hoc
C Recurring
D One time

Page 1 of 25 • Questions 1-25 of 609

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

A Hacktivist
B Whistleblower
C Organized crime
D Unskilled attacker

An organization is leveraging a VPN between its headquarters and a branch location. Which of the following is the VPN protecting?

A Data in use
B Data in transit
C Geographic restrictions
D Data sovereignty

A security analyst performs the following test:

Which of the following would the security analyst conclude for this reported vulnerability?

A It is a false positive.
B A rescan is required.
C It is considered noise.
D Compensating controls exist.

SY0-701Preview