CompTIA CompTIA Certifications SY0-701 Questions & Answers

• Question 161:

  An accounting clerk sent money to an attacker's bank account after receiving fraudulent instructions to use a new account. Which of the following would most likely prevent this activity in the future?

  A. Standardizing security incident reporting

  B. Executing regular phishing campaigns

  C. Implementing insider threat detection measures

  D. Updating processes for sending wire transfers

  Correct Answer: D

  Updating the processes for sending wire transfers would most likely prevent this type of activity in the future. This could include implementing additional verification steps, such as requiring multiple levels of approval, verifying new payment instructions through a separate communication channel, or implementing a callback procedure to confirm the authenticity of the instructions.

• Question 162:

  A company is required to perform a risk assessment on an annual basis. Which of the following types of risk assessments does this requirement describe?

  A. Continuous

  B. Ad hoc

  C. Recurring

  D. One time

  Correct Answer: C

• Question 163:

  Which of the following best ensures minimal downtime and data loss for organizations with critical computing equipment located in earthquake-prone areas?

  A. Generators and UPS

  B. Off-site replication

  C. Redundant cold sites

  D. High availability networking

  Correct Answer: B

• Question 164:

  A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability quickly?

  A. Insurance

  B. Patching

  C. Segmentation

  D. Replacement

  Correct Answer: C

• Question 165:

  A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?

  A. End of business

  B. End of testing

  C. End of support

  D. End of life

  Correct Answer: D

• Question 166:

  Which of the following is the best way to secure an on-site data center against intrusion from an insider?

  A. Bollards

  B. Access badge

  C. Motion sensor

  D. Video surveillance

  Correct Answer: B

• Question 167:

  An engineer moved to another team and is unable to access the new team's shared folders while still being able to access the shared folders from the former team. After opening a ticket, the engineer discovers that the account was never moved to the new group. Which of the following access controls is most likely causing the lack of access?

  A. Role-based

  B. Discretionary

  C. Time of day

  D. Least privilege

  Correct Answer: A

• Question 168:

  An accounting intern receives an invoice via email from the Chief Executive Officer (CEO). In the email, the CEO demands the immediate release of funds to the bank account that is listed. Which of the following principles best describes why this attack might be successful?

  A. Authority

  B. Scarcity

  C. Consensus

  D. Familiarity

  Correct Answer: A

• Question 169:

  A user downloaded software from an online forum. After the user installed the software, the security team observed external network traffic connecting to the user's computer on an uncommon port. Which of the following is the most likely explanation of this unauthorized connection?

  A. The software had a hidden keylogger.

  B. The software was ransomware.

  C. The user's computer had a fileless virus.

  D. The software contained a backdoor.

  Correct Answer: D

• Question 170:

  During a penetration test, a flaw in the internal PKI was exploited to gain domain administrator rights using specially crafted certificates. Which of the following remediation tasks should be completed as part of the cleanup phase?

  A. Updating the CRL

  B. Patching the CA

  C. Changing passwords

  D. Implementing SOAR

  Correct Answer: B