SY0-701 Free Practice Test

- (Exam Topic 2)
A company that provides an online streaming service made its customers' personal data including names and email addresses publicly available in a cloud storage service. As a result, the company experienced an increase m the number of requests to delete user accounts. Which of the following best describes the consequence of tins data disclosure?

1. A. Regulatory tines
2. B. Reputation damage
3. C. Increased insurance costs
4. D. Financial loss

Correct Answer: B
Reputation damage Short
Reputation damage is the loss of trust or credibility that a company suffers when its customers’ personal data is exposed or breached. This can lead to customer dissatisfaction, loss of loyalty, and requests to delete user accounts. References: https://www.comptia.org/content/guides/what-is-cybersecurity

- (Exam Topic 2)
Which of the following is most likely to contain ranked and ordered information on the likelihood and potential impact of catastrophic events that may affect business processes and systems, while also highlighting the residual risks that need to be managed after mitigating controls have been implemented?

1. A. An RTO report
2. B. A risk register
3. C. A business impact analysis
4. D. An asset value register
5. E. A disaster recovery plan

Correct Answer: B
A risk register is a document or a tool that records and tracks information about the identified risks and their analysis, such as likelihood, impact, priority, mitigation strategies, residual risks, etc. It can contain ranked and ordered information on the likelihood and potential impact of catastrophic events that may affect business processes and systems, while also highlighting the residual risks that need to be managed after mitigating controls have been implemented.

- (Exam Topic 1)
A systems engineer is building a new system for production. Which of the following is the FINAL step to be performed prior to promoting to production?

1. A. Disable unneeded services.
2. B. Install the latest security patches.
3. C. Run a vulnerability scan.
4. D. Encrypt all disks.

Correct Answer: C
Running a vulnerability scan is the final step to be performed prior to promoting a system to production. This allows any remaining security issues to be identified and resolved before the system is put into production. References: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 3

- (Exam Topic 1)
A company reduced the area utilized in its datacenter by creating virtual networking through automation and by creating provisioning routes and rules through scripting. Which of the following does this example describe?

1. A. laC
2. B. MSSP
3. C. Containers
4. D. SaaS

Correct Answer: A
laaS (Infrastructure as a Service) allows the creation of virtual networks, automation, and scripting to reduce the area utilized in a datacenter. References: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 4

- (Exam Topic 1)
Which of the following must be in place before implementing a BCP?

1. A. SLA
2. B. AUP
3. C. NDA
4. D. BIA

Correct Answer: D
A Business Impact Analysis (BIA) is a critical component of a Business Continuity Plan (BCP). It identifies and prioritizes critical business functions and determines the impact of their disruption. References: CompTIA Security+ Study Guide 601, Chapter 10