CompTIA SY0-701 CompTIA Security+ Certification Exam Practice Test
Page: 1 / 14 Total 413 questions
Want more questions? Get Premium Access. ()
Question 1
Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?
Answer : C
Retention policies dictate how long data must be stored to comply with local and international regulations. Non-compliance can result in legal and financial penalties. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Data Retention and Legal Requirements'.
Question 2
Which of the following is an example of a data protection strategy that uses tokenization?
Answer : B
Tokenization replaces sensitive data with non-sensitive surrogate values that retain the necessary format but are meaningless without access to the original data. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: 'Data Masking and Tokenization'.
Question 3
Various company stakeholders meet to discuss roles and responsibilities in the event of a security breach affecting offshore offices. Which of the following is this an example of?
Answer : A
A tabletop exercise is a discussion-based activity where stakeholders simulate a security breach scenario to identify gaps in response plans and clarify roles and responsibilities. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Incident Response Planning and Exercises'.
Question 4
An organization has a new regulatory requirement to implement corrective controls on a financial system. Which of the following is the most likely reason for the new requirement?
Answer : D
Corrective controls, such as auditing and versioning, help prevent unauthorized changes to financial data, ensuring data integrity and compliance with regulations. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Controls for Financial Systems'.
Question 5
Which of the following would be the greatest concern for a company that is aware of the consequences of non-compliance with government regulations?
Answer : B
Sanctions imposed for non-compliance can include fines, legal actions, and loss of business licenses. These pose a significant financial and reputational risk to organizations. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Regulatory Compliance Risks'.
Question 6
Which of the following threat actors would most likely deface the website of a high-profile music group?
Answer : A
An unskilled attacker, often referred to as a script kiddie, is likely to engage in website defacement. This type of attack typically requires minimal expertise and is often conducted for notoriety. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 2: Threats, Section: 'Threat Actors and Motivations'.
Question 7
A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if there is an SSO failure?
Answer : D
Privileged Access Management (PAM) solutions enhance security by enforcing strong authentication, rotation of credentials, and access control for shared accounts. This is especially critical in scenarios like SSO failures. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: 'Privileged Access and Identity Management'.
All Official Question Types