Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

SY0-701 Exam Dumps - CompTIA Security+ Questions and Answers

Question # 244

During a penetration test in a hypervisor, the security engineer is able to use a script to inject a malicious payload and access the host filesystem. Which of the following best describes this vulnerability?

Options:

A.

VM escape

B.

Cross-site scripting

C.

Malicious update

D.

SQL injection

Buy Now
Question # 245

A security administrator needs to reduce the attack surface in the company ' s data centers. Which of the following should the security administrator do to complete this task?

Options:

A.

Implement a honeynet.

B.

Define Group Policy on the servers.

C.

Configure the servers for high availability.

D.

Upgrade end-of-support operating systems.

Buy Now
Question # 246

An organization has a new regulatory requirement to implement corrective controls on a financial system. Which of the following is the most likely reason for the new requirement?

Options:

A.

To defend against insider threats altering banking details

B.

To ensure that errors are not passed to other systems

C.

To allow for business insurance to be purchased

D.

To prevent unauthorized changes to financial data

Buy Now
Question # 247

Which of the following uses proprietary controls and is designed to function in harsh environments over many years with limited remote access management?

Options:

A.

ICS

B.

Microservers

C.

Containers

D.

IoT

Buy Now
Question # 248

A systems administrator is looking for a low-cost application-hosting solution that is cloud-based. Which of the following meets these requirements?

Options:

A.

Serverless framework

B.

Type 1 hvpervisor

C.

SD-WAN

D.

SDN

Buy Now
Question # 249

A government worker secretly copies classified files that contain defense tactics information to an external drive. The government worker then gives the external drive to a corrupt organization. Which of the following best describes the motivation of the worker?

Options:

A.

Espionage

B.

Data exfiltration

C.

Financial gain

D.

Blackmail

Buy Now
Question # 250

Which of the following is the best reason to perform a tabletop exercise?

Options:

A.

To address audit findings

B.

To collect remediation response times

C.

To update the IRP

D.

To calculate the ROI

Buy Now
Question # 251

Which of the following metrics are used to calculate the risk rating in a matrix format? Select two.

Options:

A.

Likelihood

B.

Quantitative

C.

SLE

D.

Impact

E.

ALE

F.

ARO

Buy Now
Question # 252

An organization wants to limit potential impact to its log-in database in the event of a breach. Which of the following options is the security team most likely to recommend?

Options:

A.

Tokenization

B.

Hashing

C.

Obfuscation

D.

Segmentation

Buy Now
Question # 253

During a routine audit, an analyst discovers that a department at a high school uses a simulation program that was not properly vetted before deployment. Which of the following threats is this an example of?

Options:

Buy Now
Question # 254

A company is concerned with supply chain compromise of new servers and wants to limit this risk. Which of the following should the company review first?

Options:

A.

Sanitization procedure

B.

Acquisition process

C.

Change management

D.

Asset tracking

Buy Now
Question # 255

A security team is setting up a new environment for hosting the organization ' s on-premises software application as a cloud-based service. Which of the following should the team ensure is in place in order for the organization to follow security best practices?

Options:

A.

Visualization and isolation of resources

B.

Network segmentation

C.

Data encryption

D.

Strong authentication policies

Buy Now
Question # 256

Which of the following elements of digital forensics should a company use If It needs to ensure the integrity of evidence?

Options:

A.

Preservation

B.

E-discovery

C.

Acquisition

D.

Containment

Buy Now
Question # 257

An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?

Options:

A.

CSR

B.

OCSP

C.

Key

D.

CRL

Buy Now
Question # 258

A customer of a large company receives a phone call from someone claiming to work for the company and asking for the customer ' s credit card information. The customer sees the caller ID is the same as the company ' s main phone number. Which of the following attacks is the customer most likely a target of?

Options:

A.

Phishing

B.

Whaling

C.

Smishing

D.

Vishing

Buy Now
Question # 259

An administrator wants to automate an account permissions update for a large number of accounts. Which of the following would best accomplish this task?

Options:

A.

Security groups

B.

Federation

C.

User provisioning

D.

Vertical scaling

Buy Now
Question # 260

Which of the following is used to quantitatively measure the criticality of a vulnerability?

Options:

A.

CVE

B.

CVSS

C.

CIA

D.

CERT

Buy Now
Question # 261

Which of the following teams combines both offensive and defensive testing techniques to protect an organization ' s critical systems?

Options:

A.

Red

B.

Blue

C.

Purple

D.

Yellow

Buy Now
Question # 262

An organization plans to expand its operations internationally and needs to keep data at the new location secure. The organization wants to use the most secure architecture model possible. Which of the following models offers the highest level of security?

Options:

A.

Cloud-based

B.

Peer-to-peer

C.

On-premises

D.

Hybrid

Buy Now
Question # 263

A systems administrator is creating a script that would save time and prevent human error when performing account creation for a large number of users. Which of the following would be a good use case for this task?creating a script

Options:

A.

Off-the-shelf software

B.

Orchestration

C.

Baseline

D.

Policy enforcement

Buy Now
Exam Code: SY0-701
Exam Name: CompTIA Security+ Exam 2026
Last Update: Jul 6, 2026
Questions: 887
SY0-701 pdf

SY0-701 PDF

$25.5  $84.99
SY0-701 Engine

SY0-701 Testing Engine

$28.5  $94.99
SY0-701 PDF + Engine

SY0-701 PDF + Testing Engine

$40.5  $134.99