SY0-701 Online Practice Questions and Answers

Correct Answer: A

RBAC stands for Role-Based Access Control, which is a method of restricting access to data and resources based on the roles or responsibilities of users. RBAC simplifies the management of permissions by assigning roles to users and granting access rights to roles, rather than to individual users. RBAC can help enforce the principle of least privilege and reduce the risk of unauthorized access or data leakage. The other options are not as suitable for the scenario as RBAC, as they either do not prevent access based on responsibilities, or do not apply a simplified format.

References: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 133 1

Correct Answer: B

Detective controls are security measures that are designed to identify and monitor any malicious activity or anomalies on a system or network. They can help to discover the source, scope, and impact of an attack, and provide evidence for

further analysis or investigation. Detective controls include log files, security audits, intrusion detection systems, network monitoring tools, and antivirus software. In this case, the administrator used log files as a detective control to review the

ransomware attack on the company's system. Log files are records of events and activities that occur on a system or network, such as user actions, system errors, network traffic, and security alerts. They can provide valuable information for

troubleshooting, auditing, and forensics.

References:

Security+ (Plus) Certification | CompTIA IT Certifications, under "About the exam", bullet point 3: "Operate with an awareness of applicable regulations and policies, including principles of governance, risk, and compliance." CompTIA Security

+ Certification Kit: Exam SY0-701, 7th Edition, Chapter 1, page 14: "Detective controls are designed to identify and monitor any malicious activity or anomalies on a system or network." Control Types -CompTIA Security+ SY0-401: 2.1 Professor Messer IT ..., under "Detective Controls": "Detective controls are security measures that are designed to identify and monitor any malicious activity or anomalies on a system or network."

Correct Answer: C

IPSec is a protocol suite that provides secure communication over IP networks. IPSec can be used to create virtual private networks (VPNs) that encrypt and authenticate the data exchanged between two or more parties. IPSec can also provide data integrity, confidentiality, replay protection, and access control. A security consultant can use IPSec to gain secure, remote access to a client environment by establishing a VPN tunnel with the client's network.

References: CompTIA Security+ Study Guide: Exam SY0- 701, 9th Edition, Chapter 8: Secure Protocols and Services, page 385 1

Correct Answer: C

Federation means the company trusts accounts created and managed by a different network. It connects the identity management services of multiple systems

Correct Answer: A

Correct Answer: C

Correct Answer: A

The questions listed are part of a Risk Control Self-Assessment (RCSA), which is a process where teams evaluate the risks associated with their operations and assess the effectiveness of existing controls. The questions focus on aspects

such as patch management, the use of open-source code, external access, and compliance with corporate standards, all of which are critical for identifying and mitigating risks.

References:

CompTIA Security+ SY0-701 Course Content: The course discusses various risk management processes, including self-assessments that help in identifying and managing risks within the organization.

Correct Answer: C

To prevent the issuance of an MFA bypass code to an attacker posing as an employee, implementing identity proofing would be most effective. Identity proofing involves verifying the identity of individuals before granting access or providing

sensitive information.

Identity proofing: Ensures that the person requesting the MFA bypass is who they claim to be, thereby preventing social engineering attacks where attackers pose as legitimate employees.

Hardware token MFA: Provides an additional factor for authentication but does not address verifying the requester's identity.

Biometrics: Offers strong authentication based on physical characteristics but is not related to the process of issuing MFA bypass codes. Least privilege: Limits access rights for users to the bare minimum necessary to perform their work but

does not prevent social engineering attacks targeting the service desk.

Reference: CompTIA Security+ SY0-701 Exam Objectives, Domain 4.6 - Implement and maintain identity and access management (Identity proofing).

Correct Answer: C

Tokenization is a process that replaces sensitive data, such as credit card information, with a non-sensitive equivalent (token) that can be used in place of the actual data. This technique is particularly useful in securely storing payment

information because the token can be safely stored and transmitted without exposing the original credit card number.

References:

CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture. CompTIA Security+ SY0-601 Study Guide: Chapter on Cryptography and Data Protection.

Correct Answer: A

Configuring devices to log to an off-site location for possible future reference is best described as log aggregation. Log aggregation involves collecting logs from multiple sources and storing them in a centralized location, often off-site, to

ensure they are preserved and can be analyzed in the future.

Log aggregation: Centralizes log data from multiple devices, making it easier to analyze and ensuring logs are available for future reference. DLP (Data Loss Prevention): Focuses on preventing unauthorized data transfer and ensuring data

security.

Archiving: Involves storing data for long-term retention, which could be part of log aggregation but is broader in scope.

SCAP (Security Content Automation Protocol): A standard for automating vulnerability management and policy compliance.

Reference: CompTIA Security+ SY0-701 Exam Objectives, Domain 4.4 - Explain security alerting and monitoring concepts and tools (Log aggregation).