Pass CompTIA Security+ SY0-701 in Just 3 Days – Stress-Free!
Get your Security+ SY0-701 certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?
- A. access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32
- B. access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0
- C. access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0
- D. access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32
A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods is most secure?
- A. Implementing a bastion host
- B. Deploying a perimeter network
- C. Installing a WAF
- D. Utilizing single sign-on
A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee’s corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?
- A. Application
- B. IPS/IDS
- C. Network
- D. Endpoint
A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks.
SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?
- A. Digital forensics
- B. E-discovery
- C. Incident response
- D. Threat hunting
A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
- A. Accept
- B. Transfer
- C. Mitigate
- D. Avoid
A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?
- A. Partition
- B. Asymmetric
- C. Full disk
- D. Database
Which of the following security control types does an acceptable use policy best represent?
- A. Detective
- B. Compensating
- C. Corrective
- D. Preventive
An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?
- A. Hardening
- B. Employee monitoring
- C. Configuration enforcement
- D. Least privilege
Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?
- A. Risk tolerance
- B. Risk transfer
- C. Risk register
- D. Risk analysis
Which of the following should a security administrator adhere to when setting up a new set of firewall rules?
- A. Disaster recovery plan
- B. Incident response procedure
- C. Business continuity plan
- D. Change management procedure