CompTIA SY0-701 Exam Questions
CompTIA Security+ (Page 9)

Updated On: 31-Mar-2026

An analyst is performing a vulnerability scan against the web servers exposed to the internet without a system account.
Which of the following is most likely being performed?

  A. Non-credentialed scan
  B. Packet capture
  C. Privilege escalation
  D. System enumeration
  E. Passive scan

Answer(s): A

Explanation:

A) A non-credentialed scan is correct because it runs without system credentials to assess publicly exposed services, identifying vulnerabilities from an external perspective.
B) Packet capture is unrelated to vulnerability scanning; it records traffic, not system weaknesses.
C) Privilege escalation involves exploiting a weakness to gain higher privileges, not performing external scans.
D) System enumeration would require credentials to list detailed system information; the scenario specifies no system account.
E) Passive scan implies monitoring without active probing; vulnerability scanning typically requires active checks, especially against internet-exposed web servers.





A security administrator is hardening corporate systems and applying appropriate mitigations by consulting a real-world knowledge base for adversary behavior.
Which of the following would be best for the administrator to reference?

  A. MITRE ATT&CK
  B. CSIRT
  C. CVSS
  D. SOAR

Answer(s): A

Explanation:

The MITRE ATT&CK framework provides a comprehensive, real-world knowledge base of adversary tactics, techniques, and procedures (TTPs) for understanding and mitigating attacks.
A) MITRE ATT&CK
B) CSIRT is a response team, not a knowledge base of attacker behavior.
C) CVSS rates vulnerability severity, not attacker TTPs.
D) SOAR automates response and orchestration, not the adversary behavior catalog.
Correct answer: A





An architect has a request to increase the speed of data transfer using JSON requests externally. Currently, the organization uses SFTP to transfer data files.
Which of the following will most likely meet the requirements?

  A. A website-hosted solution
  B. Cloud shared storage
  C. A secure email solution
  D. Microservices using API

Answer(s): D

Explanation:

A microservices architecture exposed through secure APIs allows fast, structured JSON data transfer over REST/HTTP with authentication, authorization, and scalable endpoints, meeting the requirement for speed and JSON requests while preserving security.
A) A website-hosted solution is not specifically optimized for programmatic JSON data transfer or secure automated exchanges.
B) Cloud shared storage focuses on file storage access, not JSON-based transfer or APIs.
C) A secure email solution is not designed for high-speed programmatic data exchange or JSON payloads.
D) Microservices using API provides defined interfaces, stateless calls, and scalable throughput suitable for externally consuming JSON requests.



Which of the following addresses individual rights such as the right to be informed, the right of access, and the right to be forgotten?

  A. GDPR
  B. PCI DSS
  C. NIST
  D. ISO

Answer(s): A

Explanation:

GDPR protects individual rights such as the right to be informed, access, and erasure (right to be forgotten).
A) GDPR
B) PCI DSS does not address individual privacy rights; it focuses on payment card data security.
C) NIST provides cybersecurity guidelines, not a rights framework.
D) ISO refers to various standards (e.g., ISO 27001) but GDPR specifically governs data protection and privacy rights in the EU.





An administrator is installing an LDAP browser tool in order to view objects in the corporate LDAP directory. Secure connections to the LDAP server are required.
When the browser connects to the server, certificate errors are being displayed, and then the connection is terminated.
Which of the following is the most likely solution?

  A. The administrator should allow SAN certificates in the browser configuration.
  B. The administrator needs to install the server certificate into the local truststore.
  C. The administrator should request that the secure LDAP port be opened to the server.
  D. The administrator needs to increase the TLS version on the organization's RA.

Answer(s): B

Explanation:

A secure LDAP (LDAPS) connection requires the client to trust the server’s certificate. Installing the server certificate into the local truststore ensures the LDAP browser can establish a trusted TLS session without certificate validation errors, preventing termination.
A) Allowing SAN certificates in the browser configuration is not relevant because the issue is trust validation of the server certificate, not SAN handling.
C) Opening a port is not about certificate trust and would not resolve TLS certificate errors.
D) Increasing the TLS version on the organization's RA (registration authority) is not applicable; the problem is that the client does not trust the server’s certificate, not the negotiated TLS protocol version.



Which of the following is the most important security concern when using legacy systems to provide production service?

  A. Instability
  B. Lack of vendor support
  C. Loss of availability
  D. Use of insecure protocols

Answer(s): B

Explanation:

A legacy system used for production raises critical risk from lack of vendor support, making patches, vulnerability disclosures, and timely remediation unavailable, which directly impacts risk management and compliance.
A) Instability can occur but is often mitigated by proper change control; it is not as foundational as support for timely security fixes.
C) Loss of availability is a concern but is typically addressed with redundancy and backups rather than vendor support alone.
D) Use of insecure protocols is a concern, but even if addressed, without vendor support there is no ongoing patching or guidance for secure configuration.





A security investigation revealed that malicious software was installed on a server using a server administrator's credentials. During the investigation, the server administrator explained that Telnet was regularly used to log in.
Which of the following most likely occurred?

  A. A spraying attack was used to determine which credentials to use.
  B. A packet capture tool was used to steal the password.
  C. A remote-access Trojan was used to install the malware.
  D. A dictionary attack was used to log in as the server administrator.

Answer(s): B

Explanation:

Telnet usage and credential compromise indicate interception of credentials in transit, making a packet capture tool the most likely method to steal the password.
A) Spraying attack targets many accounts with a few common passwords, not specifically tied to Telnet sessions or a single administrator’s credentials.
B) Packet capture can capture unencrypted credentials transmitted over Telnet, enabling the attacker to obtain the password.
C) Remote-access Trojan describes malware installed after gaining access, not the credential theft method via Telnet.
D) Dictionary attack attempts logins by trial of common passwords; it does not explain credential capture from an active Telnet session.



A user is requesting Telnet access to manage a remote development web server. Insecure protocols are not allowed for use within any environment.
Which of the following should be configured to allow remote access to this server?

  A. HTTPS
  B. SNMPv3
  C. SSH
  D. RDP
  E. SMTP

Answer(s): C

Explanation:

SSH provides encrypted remote command-line access, replacing insecure Telnet for remote server management, which aligns with a policy restricting insecure protocols.
A) HTTPS is for web traffic encryption but does not provide shell access.
B) SNMPv3 offers secure management but is typically for device monitoring, not interactive remote shell.
D) RDP can be encrypted but is a graphical remote desktop protocol, not as secure or appropriate for server management in some environments and may introduce risk.
E) SMTP is for email delivery, not remote server administration.
Therefore SSH is the correct, secure choice for remote management.




