A company is aware of a given security risk related to a specific market segment. The business chooses not to accept responsibility and instead targets its services to a different market segment. Which of the following describes this risk management strategy?
Answer: C
Avoidance involves choosing not to engage in activities or markets where certain risks are present. This is a proactive approach to risk management. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Risk Management Strategies'.
Which of the following would a security administrator use to comply with a secure baseline during a patch update?
Answer: C
Standard operating procedures (SOPs) outline the steps to be followed to maintain a secure baseline, such as testing and deploying patches while minimizing risk to the system. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 4: Security Operations, Section: 'Patch Management and Baseline Compliance'.
Which of the following allows a systems administrator to tune permissions for a file?
Answer: B
Access control lists (ACLs) allow administrators to fine-tune file permissions by specifying which users or groups have access to a file and defining the level of access. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: 'Access Control Mechanisms'.
Which of the following should a company use to provide proof of external network security testing?
Answer: D
Third-party attestation involves an external, independent party performing a network security assessment and providing documented proof, ensuring objectivity and compliance with regulatory or client requirements. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Compliance and Security Audits'.
Which of the following best describes the concept of information being stored outside of its country of origin while still being subject to the laws and requirements of the country of origin?
Answer: A
Data sovereignty refers to the principle that data stored in another country remains subject to the originating country's laws. This is a common concern in cloud computing. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: 'Data Sovereignty and Regulatory Compliance'.
Which of the following is a possible consequence of a VM escape?
Answer: B
A VM escape occurs when an attacker breaks out of a virtual machine's isolation to access the hypervisor. This compromise can allow control of the hypervisor and all other VMs on the host, posing significant security risks. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: 'Virtualization Risks and Mitigation'.
While conducting a business continuity tabletop exercise, the security team becomes concerned by potential impacts if a generator fails during failover. Which of the following is the team most likely to consider in regard to risk management activities?
Answer: D
Mean Time to Repair (MTTR) is a key metric in risk management, reflecting the time required to repair a failed component, such as a generator, and restore operations. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Business Continuity Metrics'.