Security+ (SY0-701) Practice Questions

Security+ (SY0-701) Practice Questions Flashcards

Which of the following is a technical control?

Firewalls

What is the main purpose of a deterrent control?

Discourage an intrusion attempt

Which control type is applied after an event to reduce its impact?

Corrective

Which of these is an example of a compensating control?

Firewall blocks a vulnerable app

What type of control instructs users toward secure behavior?

Directive

What does the 'I' in the CIA triad stand for?

Integrity

Which of the following best helps ensure confidentiality?

Encryption

Which technique verifies data integrity?

Digital signatures

What supports the availability principle of the CIA triad?

Redundancy and fault tolerance

What does non-repudiation ensure?

That a person cannot deny their actions

What cryptographic function is used to verify integrity in non-repudiation?

Hashing

How is a digital signature created?

Encrypting the hash with a private key

What part of AAA is responsible for tracking logins and resource usage?

Accounting

Which of the following is used to authenticate devices in a network securely?

Certificate

Why is an authorization model used?

To simplify access management

What does a gap analysis identify?

The difference between current and desired security posture

Which of the following is a formal standard used in gap analysis?

ISO/IEC 27001

What is the final step in a gap analysis?

Write the formal report

What is the primary principle behind Zero Trust security?

Nothing is trusted by default

Which component evaluates access decisions in a Zero Trust architecture?

Policy Engine

What role does the Policy Enforcement Point (PEP) play?

Grants or denies access based on policy

What is the purpose of using security zones in Zero Trust?

Define trusted and untrusted boundaries

What is the function of a bollard?

Block vehicle access

What type of sensor detects motion using reflected ultrasonic waves?

Ultrasonic sensor

Which physical security control replaces or supports guards with automated visual monitoring?

CCTV

What is the purpose of an access control vestibule?

Prevent unauthorized multi-person entry

What is the purpose of a honeypot?

Attract and analyze attacker behavior

What are honeyfiles typically used for?

Trap attackers accessing fake documents

What makes a honeytoken useful in threat tracking?

It alerts when accessed

What is the first step in a typical change management approval process?

Complete a change request

Who is responsible for overseeing a change but not performing it?

Owner

Whats the purpose of an impact analysis in change management?

Assess the risks and effects of a change

What does a backout plan ensure?

Allows a return to original state after failure

What is an allow list used for?

Permit only approved applications

Which activity would be considered a restricted action without proper scope?

Updating an unrelated system during a change

Why is sandbox testing used before a major change?

It simulates real-world deployment safely