
Which of the following is the fastest and most cost-effective way to confirm a third-party supplier’s compliance with security obligations?
- A. Attestation report
- B. Third-party audit
- C. Vulnerability assessment
- D. Penetration testing
Various company stakeholders meet to discuss roles and responsibilities in the event of a security breach that would affect offshore offices. Which of the following is this an example of?
- A. Tabletop exercise
- B. Penetration test
- C. Geographic dispersion
- D. Incident response
Which of the following is an example of a data protection strategy that uses tokenization?
- A. Encrypting databases containing sensitive data
- B. Replacing sensitive data with surrogate values
- C. Removing sensitive data from production systems
- D. Hashing sensitive data in critical systems
Which of the following is a type of vulnerability that refers to the unauthorized installation of applications on a device through means other than the official application store?
- A. Cross-site scripting
- B. Buffer overflow
- C. Jailbreaking
- D. Side loading
Which of the following types of identification methods can be performed on a deployed application during runtime?
- A. Dynamic analysis
- B. Code review
- C. Package monitoring
- D. Bug bounty
Which of the following cryptographic solutions is used to hide the fact that communication is occurring?
- A. Steganography
- B. Data masking
- C. Tokenization
- D. Private key
Which of the following steps should be taken before mitigating a vulnerability in a production server?
- A. Escalate the issue to the SDLC team.
- B. Use the IR plan to evaluate the changes.
- C. Perform a risk assessment to classify the vulnerability.
- D. Refer to the change management policy.
A company needs to centralize its logs to create a baseline and have visibility on its security events. Which of the following technologies will accomplish this objective?
- A. Security information and event management
- B. A web application firewall
- C. A vulnerability scanner
- D. A next-generation firewall
Which of the following should a company use to provide proof of external network security testing?
- A. Business impact analysis
- B. Supply chain analysis
- C. Vulnerability assessment
- D. Third-party attestation
A security administrator is addressing an issue with a legacy system that communicates data using an unencrypted protocol to transfer sensitive data to a third party. No software updates that use an encrypted protocol are available, so a compensating control is needed. Which of the following are the most appropriate for the administrator to suggest? (Choose two.)
- A. Tokenization
- B. Cryptographic downgrade
- C. SSH tunneling
- D. Segmentation
- E. Patch installation
- F. Data masking