Pass CompTIA Security+ SY0-701 in Just 3 Days – Stress-Free!
Get your Security+ SY0-701 certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
An organization wants a third-party vendor to do a penetration test that targets a specific device. The organization has provided basic information about the device. Which of the following best describes this kind of penetration test?
- A. Partially known environment
- B. Unknown environment
- C. Integrated
- D. Known environment
Which of the following should a security team do first before a new web server goes live?
- A. Harden the virtual host.
- B. Create WAF rules.
- C. Enable network intrusion detection.
- D. Apply patch management.
Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?
- A. Degaussing
- B. Drive shredder
- C. Retention platform
- D. Wipe tool
An attacker submits a request containing unexpected characters in an attempt to gain unauthorized access to information within the underlying systems. Which of the following best describes this attack?
- A. Side loading
- B. Target of evaluation
- C. Resource reuse
- D. SQL injection
A security analyst has determined that a security breach would have a financial impact of $15,000 and is expected to occur twice within a three-year period. Which of the following is the ALE for this risk?
- A. $7,500
- B. $10,000
- C. $15,000
- D. $30,000
A systems administrator discovers a system that is no longer receiving support from the vendor. However, this system and its environment are critical to running the business, cannot be modified, and must stay online. Which of the following risk treatments is the most appropriate in this situation?
- A. Reject
- B. Accept
- C. Transfer
- D. Avoid
A company discovered its data was advertised for sale on the dark web. During the initial investigation, the company determined the data was proprietary data. Which of the following is the next step the company should take?
- A. Identify the attacker’s entry methods.
- B. Report the breach to the local authorities.
- C. Notify the applicable parties of the breach.
- D. Implement vulnerability scanning of the company’s systems.
Which of the following would be the best solution to deploy a low-cost standby site that includes hardware and internet access?
A. Recovery site.
B. Cold Site
C. Hot Site
An organization needs to determine how many employees are accessing the building each day in order to configure the proper access controls. Which of the following control types best meets this requirement?
- A. Detective
- B. Preventive
- C. Corrective
- D. Directive
An organization wants to implement a secure solution for remote users. The users handle sensitive PHI on a regular basis and need to access an internally developed corporate application. Which of the following best meet the organization’s security requirements? (Choose two.)
- A. Local administrative password
- B. Perimeter network
- C. Jump server
- D. WAF
- E. MFA
- F. VPN