SY0-701 CompTIA Exam Questions and Free Practice Test

Question 79

- (Exam Topic 1)
Which of the following authentication methods sends out a unique password to be used within a specific number of seconds?

A. TOTP

B. Biometrics

C. Kerberos

D. LDAP

Correct Answer:A
Time-based One-Time Password (TOTP) is a type of authentication method that sends out a unique password to be used within a specific number of seconds. It uses a combination of a shared secret key and the current time to generate a one-time password. TOTP is commonly used for two-factor authentication (2FA) to provide an additional layer of security beyond just a username and password.

Question 80

- (Exam Topic 2)
A security team suspects that the cause of recent power consumption overloads is the unauthorized use of empty power outlets in the network rack. Which of the following options will mitigate this issue without compromising the number of outlets available?

A. Adding a new UPS dedicated to the rack

B. Installing a managed PDU

C. Using only a dual power supplies unit

D. Increasing power generator capacity

Correct Answer:B
Installing a managed PDU is the most appropriate option to mitigate the issue without compromising the number of outlets available. A managed Power Distribution Unit (PDU) helps monitor, manage, and control power consumption at the rack level. By installing a managed PDU, the security team will have greater visibility into power usage in the network rack, and they can identify and eliminate unauthorized devices that consume excessive power from empty outlets.
https://www.comptia.org/training/books/security-sy0-601-study-guide

Question 81

- (Exam Topic 1)
Which of the following must be in place before implementing a BCP?

A. SLA

B. AUP

C. NDA

D. BIA

Correct Answer:D
A Business Impact Analysis (BIA) is a critical component of a Business Continuity Plan (BCP). It identifies and prioritizes critical business functions and determines the impact of their disruption. References: CompTIA Security+ Study Guide 601, Chapter 10

Question 82

- (Exam Topic 1)
A help desk technician receives an email from the Chief Information Officer (C/O) asking for documents. The technician knows the CIO is on vacation for a few weeks. Which of the following should the technician do to validate the authenticity of the email?

A. Check the metadata in the email header of the received path in reverse order to follow the email’s path.

B. Hover the mouse over the CIO's email address to verify the email address.

C. Look at the metadata in the email header and verify the "From." line matches the CIO's email address.

D. Forward the email to the CIO and ask if the CIO sent the email requesting the documents.

Correct Answer:B
The “From” line in the email header can be easily spoofed or manipulated by an attacker to make it look like the email is coming from the CIO’s email address. However, this does not mean that the email address is actually valid or that the email is actually sent by the CIO. A better way to check the email address is to hover over it and see if it matches the CIO’s email address exactly. This can help to spot any discrepancies or typos that might indicate a phishing attempt. For example, if the CIO’s email address is cio@company.com, but when you hover over it, it shows cio@compnay.com, then you know that the email is not authentic and likely a phishing attempt.

Question 83

- (Exam Topic 2)
Which of the following can reduce vulnerabilities by avoiding code reuse?

A. Memory management

B. Stored procedures

C. Normalization

D. Code obfuscation

Correct Answer:A
Memory management is a technique that can allocate and deallocate memory for applications and processes. Memory management can reduce vulnerabilities by avoiding code reuse, which is a technique that exploits a memory corruption vulnerability to execute malicious code that already exists in memory. Memory management can prevent code reuse by implementing features such as address space layout randomization (ASLR), data execution prevention (DEP), or stack canaries.

Question 84

- (Exam Topic 2)
A security analyst is reviewing computer logs because a host was compromised by malware After the computer was infected it displayed an error screen and shut down. Which of the following should the analyst review first to determine more information?

A. Dump file

B. System log

C. Web application log

D. Security too

Correct Answer:A
A dump file is the first thing that a security analyst should review to determine more information about a compromised device that displayed an error screen and shut down. A dump file is a file that contains a snapshot of the memory contents of a device at the time of a system crash or error. A dump file can help a security analyst analyze the cause and source of the crash or error, as well as identify any malicious code or activity that may have triggered it.
References: https://www.comptia.org/certifications/security#examdetails https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/introduction-to-crash-dump-files

START SY0-701 EXAM