Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

SY0-701 Exam Dumps - CompTIA Security+ Questions and Answers

Question # 4

An administrator was notified that a user logged in remotely after hours and copied large amounts of data to a personal device.

Which of the following best describes the user’s activity?

Options:

A.

Penetration testing

B.

Phishing campaign

C.

External audit

D.

Insider threat

Buy Now
Question # 5

Which of the following actions would reduce the number of false positives for an analyst to manually review?

Options:

A.

Create playbooks as part of a SOAR platform

B.

Redefine the patch management process

C.

Replace an EDR tool with an XDR solution

D.

Disable AV heuristics scanning

Buy Now
Question # 6

An IT team rolls out a new management application that uses a randomly generated MFA token sent to the administrator’s phone. Despite this new MFA precaution, there is a security breach of the same software. Which of the following describes this kind of attack?

Options:

A.

Smishing

B.

Typosquatting

C.

Espionage

D.

Pretexting

Buy Now
Question # 7

While updating the security awareness training, a security analyst wants to address issues created if vendors ' email accounts are compromised. Which of the following recommendations should the security analyst include in the training?

Options:

A.

Refrain from clicking on images included in emails from new vendors.

B.

Delete emails from unknown service provider partners.

C.

Require that invoices be sent as attachments.

D.

Be alert to unexpected requests from familiar email addresses.

Buy Now
Question # 8

Which of the following best protects sensitive data in transit across a geographically dispersed Infrastructure?

Options:

A.

Encryption

B.

Masking

C.

Tokenization

D.

Obfuscation

Buy Now
Question # 9

Which of the following attacks primarily targets insecure networks?

Options:

A.

Evil twin

B.

Impersonation

C.

Watering hole

D.

Pretexting

Buy Now
Question # 10

A legal department must maintain a backup from all devices that have been shredded and recycled by a third party. Which of the following best describes this requirement?

Options:

A.

Data retention

B.

Certification

C.

Sanitation

D.

Destruction

Buy Now
Question # 11

An administrator implements web-filtering products but still sees that users are visiting malicious links. Which of the following configuration items does the security administrator need to review?

Options:

A.

Intrusion prevention system

B.

Content categorization

C.

Encryption

D.

DNS service

Buy Now
Question # 12

During a SQL update of a database, a temporary field that was created was replaced by an attacker in order to allow access to the system. Which of the following best describes this type of vulnerability?

Options:

A.

Race condition

B.

Memory injection

C.

Malicious update

D.

Side loading

Buy Now
Question # 13

An organization experiences a suspected data breach that affects sensitive client information. The incident response team must preserve logs, server images, and email communications related to the breach. Which of the following best describes this course of action?

Options:

A.

Maintaining the chain of custody

B.

Performing root cause analysis

C.

Enforcing a legal hold

D.

Conducting a containment activity

Buy Now
Question # 14

A client demands at least 99.99% uptime from a service provider ' s hosted security services. Which of the following documents includes the information the service provider should return to the client?

Options:

A.

MOA

B.

SOW

C.

MOU

D.

SLA

Buy Now
Question # 15

A security analyst receives an alert from a web server that contains the following logs:

GET /image?filename=../../../etc/passwd

Host: AcmeInc.web.net

useragent: python-request/2.27.1

GET /image?filename=../../../etc/shadow

Host: AcmeInc.web.net

useragent: python-request/2.27.1

Which of the following attacks is being attempted?

Options:

A.

File injection

B.

Privilege escalation

C.

Directory traversal

D.

Cookie forgery

Buy Now
Question # 16

A company ' s end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS severs, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

Options:

A.

Concurrent session usage

B.

Secure DNS cryptographic downgrade

C.

On-path resource consumption

D.

Reflected denial of service

Buy Now
Question # 17

A visitor plugs a laptop into a network jack in the lobby and is able to connect to the company ' s network. Which of the following should be configured on the existing network infrastructure to best prevent this activity?

Options:

A.

Port security

B.

Web application firewall

C.

Transport layer security

D.

Virtual private network

Buy Now
Question # 18

A company is concerned about the theft of client data from decommissioned laptops. Which of the following is the most cost-effective method to decrease this risk?

Options:

A.

Wiping

B.

Recycling

C.

Shredding

D.

Deletion

Buy Now
Question # 19

A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?

Options:

A.

Enumeration

B.

Sanitization

C.

Destruction

D.

Inventory

Buy Now
Question # 20

A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?

Options:

A.

End of business

B.

End of testing

C.

End of support

D.

End of life

Buy Now
Question # 21

A security engineer configured a remote access VPN. The remote access VPN allows end users to connect to the network by using an agent that is installed on the endpoint, which establishes an encrypted tunnel. Which of the following protocols did the engineer most likely implement?

Options:

A.

GRE

B.

IPSec

C.

SD-WAN

D.

EAP

Buy Now
Question # 22

An unexpected and out-of-character email message from a Chief Executive Officer’s corporate account asked an employee to provide financial information and to change the recipient ' s contact number. Which of the following attack vectors is most likely being used?

Options:

A.

Business email compromise

B.

Phishing

C.

Brand impersonation

D.

Pretexting

Buy Now
Question # 23

Employees sign an agreement that restricts specific activities when leaving the company. Violating the agreement can result in legal consequences. Which of the following agreements does this best describe?

Options:

A.

SLA

B.

BPA

C.

NDA

D.

MOA

Buy Now
Exam Code: SY0-701
Exam Name: CompTIA Security+ Exam 2026
Last Update: Jul 5, 2026
Questions: 887
SY0-701 pdf

SY0-701 PDF

$25.5  $84.99
SY0-701 Engine

SY0-701 Testing Engine

$28.5  $94.99
SY0-701 PDF + Engine

SY0-701 PDF + Testing Engine

$40.5  $134.99