New Year Special Sale Limited Time 70% Discount Offer - Ends in 1d 3h 40m 4s - Coupon code: scxmas70

SY0-701 Exam Dumps - CompTIA Security+ Exam 2024

Go to page:
Question # 49

Which of the following is used to quantitatively measure the criticality of a vulnerability?

A.

CVE

B.

CVSS

C.

CIA

D.

CERT

Full Access
Question # 50

A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?

A.

Air gap the system.

B.

Move the system to a different network segment.

C.

Create a change control request.

D.

Apply the patch to the system.

Full Access
Question # 51

A company recently decided to allow employees to work remotely. The company wants to protect us data without using a VPN. Which of the following technologies should the company Implement?

A.

Secure web gateway

B.

Virtual private cloud end point

C.

Deep packet Inspection

D.

Next-gene ration firewall

Full Access
Question # 52

A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs. Which of the following security benefits do these actions provide? (Choose two.)

A.

If a security incident occurs on the device, the correct employee can be notified.

B.

The security team will be able to send user awareness training to the appropriate device.

C.

Users can be mapped to their devices when configuring software MFA tokens.

D.

User-based firewall policies can be correctly targeted to the appropriate laptops.

E.

When conducting penetration testing, the security team will be able to target the desired laptops.

F.

Company data can be accounted for when the employee leaves the organization.

Full Access
Question # 53

A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 002.1X for access control. To be allowed on the network, a device must have a Known hardware address, and a valid user name and password must be entered in a captive portal. The following is the audit report:

Which of the following is the most likely way a rogue device was allowed to connect?

A.

A user performed a MAC cloning attack with a personal device.

B.

A DMCP failure caused an incorrect IP address to be distributed

C.

An administrator bypassed the security controls for testing.

D.

DNS hijacking let an attacker intercept the captive portal traffic.

Full Access
Question # 54

An administrator is Investigating an incident and discovers several users’ computers were Infected with malware after viewing files mat were shared with them. The administrator discovers no degraded performance in the infected machines and an examination of the log files does not show excessive failed logins. Which of the following attacks Is most likely the cause of the malware?

A.

Malicious flash drive

B.

Remote access Trojan

C.

Brute-forced password

D.

Cryptojacking

Full Access
Question # 55

A company wants to get alerts when others are researching and doing reconnaissance on the company One approach would be to host a part of the Infrastructure online with known vulnerabilities that would appear to be company assets. Which of the following describes this approach?

A.

Watering hole

B.

Bug bounty

C.

DNS sinkhole

D.

Honeypot

Full Access
Question # 56

Which of the following is a reason why a forensic specialist would create a plan to preserve data after an modem and prioritize the sequence for performing forensic analysis?

A.

Order of volatility

B.

Preservation of event logs

C.

Chain of custody

D.

Compliance with legal hold

Full Access
Go to page: