Pass CompTIA Security+ SY0-701 in Just 3 Days – Stress-Free!
Get your Security+ SY0-701 certification with 100% pass guarantee. Pay only after passing!
Click here to secure your guaranteed certification now!
Have questions? Contact us directly on WhatsApp for quick support!
Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client’s web browser?
- A. SQL injection
- B. Cross-site scripting
- C. Zero-day exploit
- D. On-path attack
While investigating a possible incident, a security analyst discovers the following:
Which of the following should the analyst do first?
- A. Implement a WAF.
- B. Disable the query.php script.
- C. Block brute-force attempts on temporary users.
- D. Check the users table for new accounts.
Due to a cyberattack, a company’s IT systems were not operational for an extended period of time. The company wants to measure how quickly the systems must be restored in order to minimize business disruption. Which of the following would the company most likely use?
- A. Recovery point objective
- B. Risk appetite
- C. Risk tolerance
- D. Recovery time objective
- E. Mean time between failure
Which of the following actors attacking an organization is the most likely to be motivated by personal beliefs?
- A. Nation-state
- B. Organized crime
- C. Hacktivist
- D. Insider threat
Which of the following should a security team use to document persistent vulnerabilities with related recommendations?
- A. Audit report
- B. Risk register
- C. Compliance report
- D. Penetration test
An organization purchased a critical business application containing sensitive data. The organization would like to ensure that the application is not exploited by common data exfiltration attacks. Which of the following approaches would best help to fulfill this requirement?
- A. URL scanning
- B. WAF
- C. Reverse proxy
- D. NAC
A company wants to improve the availability of its application with a solution that requires minimal effort in the event a server needs to be replaced or added. Which of the following would be the best solution to meet these objectives?
- A. Load balancing
- B. Fault tolerance
- C. Proxy servers
- D. Replication
A company is performing a risk assessment on new software the company plans to use. Which of the following should the company assess during this process?
- A. Software vulnerabilities
- B. Cost-benefit analysis
- C. Ongoing monitoring strategies
- D. Network infrastructure compatibility
A malicious actor is trying to access sensitive financial information from a company’s database by intercepting and reusing log-in credentials. Which of the following attacks is the malicious actor attempting?
- A. SQL injection
- B. On-path
- C. Brute-force
- D. Password spraying
A new employee accessed an unauthorized website. An investigation found that the employee violated the company’s rules. Which of the following did the employee violate?
- A. MOU
- B. AUP
- C. NDA
- D. MOA