Pass CompTIA Security+ SY0-701 in Just 3 Days – Stress-Free!
Get your Security+ SY0-701 certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?
- A. Security policy
- B. Classification policy
- C. Retention policy
- D. Access control policy
Which of the following is a common source of unintentional corporate credential leakage in cloud environments?
- A. Code repositories
- B. Dark web
- C. Threat feeds
- D. State actors
- E. Vulnerability databases
Which of the following is the best reason an organization should enforce a data classification policy to help protect its most sensitive information?
- A. End users will be required to consider the classification of data that can be used in documents.
- B. The policy will result in the creation of access levels for each level of classification.
- C. The organization will have the ability to create security requirements based on classification levels.
- D. Security analysts will be able to see the classification of data within a document before opening it.
An analyst is performing a vulnerability scan against the web servers exposed to the internet without a system account. Which of the following is most likely being performed?
- A. Non-credentialed scan
- B. Packet capture
- C. Privilege escalation
- D. System enumeration
- E. Passive scan
A security administrator is hardening corporate systems and applying appropriate mitigations by consulting a real-world knowledge base for adversary behavior. Which of the following would be best for the administrator to reference?
- A. MITRE ATT&CK
- B. CSIRT
- C. CVSS
- D. SOAR
An architect has a request to increase the speed of data transfer using JSON requests externally. Currently, the organization uses SFTP to transfer data files. Which of the following will most likely meet the requirements?
- A. A website-hosted solution
- B. Cloud shared storage
- C. A secure email solution
- D. Microservices using API
Which of the following addresses individual rights such as the right to be informed, the right of access, and the right to be forgotten?
- A. GDPR
- B. PCI DSS
- C. NIST
- D. ISO
An administrator is installing an LDAP browser tool in order to view objects in the corporate LDAP directory. Secure connections to the LDAP server are required. When the browser connects to the server, certificate errors are being displayed, and then the connection is terminated. Which of the following is the most likely solution?
- A. The administrator should allow SAN certificates in the browser configuration.
- B. The administrator needs to install the server certificate into the local truststore.
- C. The administrator should request that the secure LDAP port be opened to the server.
- D. The administrator needs to increase the TLS version on the organization’s RA.
Which of the following is the most important security concern when using legacy systems to provide production service?
- A. Instability
- B. Lack of vendor support
- C. Loss of availability
- D. Use of insecure protocols
A security investigation revealed that malicious software was installed on a server using a server administrator’s credentials. During the investigation, the server administrator explained that Telnet was regularly used to log in. Which of the following most likely occurred?
- A. A spraying attack was used to determine which credentials to use.
- B. A packet capture tool was used to steal the password.
- C. A remote-access Trojan was used to install the malware.
- D. A dictionary attack was used to log in as the server administrator.