SY0-701 Free Practice Test

- (Exam Topic 1)
An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

1. A. It allows for the sharing of digital forensics data across organizations
2. B. It provides insurance in case of a data breach
3. C. It provides complimentary training and certification resources to IT security staff.
4. D. It certifies the organization can work with foreign entities that require a security clearance
5. E. It assures customers that the organization meets security standards

Correct Answer: E
ISO 27001 is an international standard that outlines the requirements for an Information Security Management System (ISMS). It provides a framework for managing and protecting sensitive information using risk management processes. Acquiring an ISO 27001 certification assures customers that the organization meets security standards and follows best practices for information security management. It helps to build customer trust and confidence in the organization's ability to protect their sensitive information. References: CompTIA Security+ Certification Exam Objectives, Exam Domain 1.0: Attacks, Threats, and Vulnerabilities, 1.2 Given a scenario, analyze indicators of compromise and determine the type of malware, p. 7

- (Exam Topic 2)
Historically, a company has had issues with users plugging in personally owned removable media devices into corporate computers. As a result, the threat of malware incidents is almost constant. Which of the following would best help prevent the malware from being installed on the computers?

1. A. AUP
2. B. NGFW
3. C. DLP
4. D. EDR

Correct Answer: D
EDR stands for Endpoint Detection and Response, which is a technology that monitors, detects, and responds to cyber threats on endpoint devices, such as laptops, desktops, servers, or mobile devices. EDR collects and analyzes data from endpoints to identify suspicious or malicious activities, such as malware installation, file modification, registry changes, network connections, or user actions. EDR also provides tools and capabilities to respond to threats, such as isolating infected devices, blocking malicious processes, removing malware, or restoring files.
Historically, a company has had issues with users plugging in personally owned removable media devices into corporate computers. As a result, the threat of malware incidents is almost constant. EDR would best help prevent the malware from being installed on the computers by detecting the insertion of removable media devices and scanning them for any malicious code or files. EDR would also alert the security team of any potential infection and enable them to take immediate action to contain and remediate the threat.

- (Exam Topic 2)
Which of the following can be used by an authentication application to validate a user's credentials without the need to store the actual sensitive data?

1. A. Salt string
2. B. Private Key
3. C. Password hash
4. D. Cipher stream

Correct Answer: C
Password hash is a method of storing a user’s credentials without the need to store the actual sensitive data. A password hash is a one-way function that transforms the user’s password into a fixed-length string of characters that cannot be reversed. The authentication application can then compare the password hash with the stored hash to validate the user’s credentials without revealing the original password. References: 1
CompTIA Security+ Certification Exam Objectives, page 15, Domain 3.0: Implementation, Objective 3.5:
Implement secure authentication mechanisms 2
CompTIA Security+ Certification Exam Objectives, page 16,
Domain 3.0: Implementation, Objective 3.6: Implement identity and account management best practices 3
https://www.comptia.org/blog/what-is-password-hashing

- (Exam Topic 1)
A business is looking for a cloud service provider that offers a la carte services, including cloud backups, VM elasticity, and secure networking. Which of the following cloud service provider types should business engage?

1. A. A laaS
2. B. PaaS
3. C. XaaS
4. D. SaaS

Correct Answer: A
Infrastructure as a Service (IaaS) providers offer a la carte services, including cloud backups, VM elasticity, and secure networking. With IaaS, businesses can rent infrastructure components such as virtual machines, storage, and networking from a cloud service provider. References: CompTIA Security+ Study Guide, pages 233-234

- (Exam Topic 2)
A security administrator performs weekly vulnerability scans on all cloud assets and provides a detailed report. Which of the following describes the administrator's activities?

1. A. Continuous deployment
2. B. Continuous integration
3. C. Continuous validation
4. D. Continuous monitoring

Correct Answer: C
Continuous validation is a process that involves performing regular and automated tests to verify the security and functionality of a system or an application. Continuous validation can help identify and remediate vulnerabilities, bugs, or misconfigurations before they cause any damage or disruption. The security administrator’s activities of performing weekly vulnerability scans on all cloud assets and providing a detailed report are examples of continuous validation.