Pass CompTIA Security+ SY0-701 in Just 3 Days – Stress-Free!
Get your Security+ SY0-701 certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
The private key for a website was stolen, and a new certificate has been issued. Which of the following needs to be updated next?
- A. SCEP
- B. CRL
- C. OCSP
- D. CSR
Which of the following organizational documents is most often used to establish and communicate expectations associated with integrity and ethical behavior within an organization?
- A. AUP
- B. SLA
- C. EULA
- D. MOA
Which of the following explains how to determine the global regulations that data is subject to regardless of the country where the data is stored?
- A. Geographic dispersion
- B. Data sovereignty
- C. Geographic restrictions
- D. Data segmentation
An organization’s web servers host an online ordering system. The organization discovers that the servers are vulnerable to a malicious JavaScript injection, which could allow attackers to access customer payment information. Which of the following mitigation strategies would be most effective for preventing an attack on the organization’s web servers? (Choose two.)
- A. Regularly updating server software and patches
- B. Implementing strong password policies
- C. Encrypting sensitive data at rest and in transit
- D. Utilizing a web-application firewall
- E. Performing regular vulnerability scans
- F. Removing payment information from the servers
Which of the following tools is best for logging and monitoring in a cloud environment?
- A. IPS
- B. FIM
- C. NAC
- D. SIEM
During a SQL update of a database, a temporary field that was created was replaced by an attacker in order to allow access to the system. Which of the following best describes this type of vulnerability?
- A. Race condition
- B. Memory injection
- C. Malicious update
- D. Side loading
A group of developers has a shared backup account to access the source code repository. Which of the following is best way to secure the backup account if there is an SSO failure?
- A. RAS
- B. EAP
- C. SAML
- D. PAM
Which of the following elements of digital forensics should a company use if it needs to ensure the integrity of evidence?
- A. Preservation
- B. E-discovery
- C. Acquisition
- D. Containment
A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network. Which of the following actions is the most efficient way to identify where the system data was exfiltrated from and what location the attacker sent the data to?
- A. Analyze firewall and network logs for large amounts of outbound traffic to external IP addresses or domains.
- B. Analyze IPS and IDS logs to find the IP addresses used by the attacker for reconnaissance scans.
- C. Analyze endpoint and application logs to see whether file-sharing programs were running on the company systems.
- D. Analyze external vulnerability scans and automated reports to identify the systems the attacker could have exploited a remote code vulnerability.
Which of the following describes the procedures a penetration tester must follow while conducting a test?
- A. Rules of engagement
- B. Rules of acceptance
- C. Rules of understanding
- D. Rules of execution