from Codecademy course and Exam Compass
Which security control enforces the inability of a subject to deny that they participated in a digital transaction, agreement, contract, or communication such as an email?
a. Non-repudiation
b. Confidentiality
c. Availability
d. Integrity
a. Non-repudiation
Which security goal controls an attacker's ability to get unauthorized access to data or information from an application or system?
a. Availability
b. Non-repudiation
c. Confidentiality
d. Integrity
c. Confidentiality
What is the process of granting an authenticated entity permission to access a resource or perform a specific function?
a. Authorization
b. Availability
c. Authentication
d. Accounting
a. Authorization
What is one way to enable authentication of non-traditional network endpoints such as smart card readers, HVAC systems, medical equipment, and IP-enabled door locks?
a. Endpoint fingerprinting
b. Packet mode
c. Protected access files
d. Repudiation
a. Endpoint fingerprinting
What is a strict mathematical model where access to resources is determined by the system based on predefined security labels and rules?
a. ABAC
b. DAC
c. RBAC
d. MAC
d. MAC
Which category of controls supports ongoing maintenance, due care, and continual improvement such as conducting tested patch management?
a. Managerial
b. Operational
c. Physical
d. Technical
b. Operational
Which type of security control is made up of mandatory policies and regulations that are in place to maintain consistency and compliance?
a. Preventative
b. Corrective
c. Directive
d. Deterrent
c. Directive
Which of these are common ways to authenticate people?
Choose all options that best answer the question.
a. A password, PIN, or passphrase they know
b. A smart card token or fob that they possess
c. An X.509 device certificate
d. A QR or other code they present on a device
e. A network interface MAC address
f. A biometric attribute
a. A password, PIN, or passphrase they know
b. A smart card token or fob that they possess
d. A QR or other code they present on a device
f. A biometric attribute
What is a comprehensive appraisal that helps organizations determine the difference between the current state of their information security and specific industry requirements, guidance, and best practices?
a. Gap analysis
b. External audit
c. Security controls assessment
d. Vulnerability assessment
a. Gap analysis
Which are preventative physical security controls?
Choose all options that best answer the question.
a. Fences
b. Signage
c. Gates
d. Mantraps
e. Bollards
f. IDS
a. Fences
b. Signage
c. Gates
d. Mantraps
e. Bollards
Which initiative consists of planned and unplanned downtime (e.g., an outage) and must be considered with technical change management when making modifications or performing migrations?
a. Resiliency
b. Durability
c. Capacity
d. Availability
d. Availability
What is a system (e.g., a web server) or resource that is designed to be attractive to potential attackers and intruders?
a. Honeynet
b. Honeypot
c. Honey file
d. Honey token
b. Honeypot
What is the term for an evolving set of cybersecurity initiatives that move defenses from static, network-based perimeters to focus on users, assets, and resources?
a. Zero trust
b. Trust but verify
c. Transitive trust
d. Zero-day malware
a. Zero trust
What is the methodical approach to handling the transition or modification of an organization's goals, processes, or technologies?
a. Configuration management
b. Change management
c. Problem management
d. Incident management
b. Change management
What is a set of data, tools, utilities, and processes used to support configuration management?
a. CMDB
b. CSP
c. CMS
d. ITSM
c. CMS
What is defined by explicit trust zones, such as data centers, DMZs, and the public Internet?
a. Zero Trust management plane
b. Zero Trust control plane
c. Zero Trust service plane
d. Zero Trust data plane
d. Zero Trust data plane
Which lighting systems are designed for reserve or on-hold use or to supplement permanent systems?
a. Continuous lighting
b. Stand-by lighting
c. Moveable lighting hardware
d. Emergency lighting
b. Stand-by lighting
Samuel was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect?
a. Web server buffer and host DNS server
b. Reply referrer and domain buffer
c. Host table and external DNS server
d. Web browser and browser add-on
c. Host table and external DNS server
What is the difference between a DoS and a DDoS attack?
a. DoS attacks do not use DNS servers as DDoS attacks do.
b. DoS attacks use fewer computers than DDoS attacks.
c. DoS attacks use more memory than DDoS attacks.
d. DoS attacks are faster than DDoS attacks.
b. DoS attacks use fewer computers than DDoS attacks.
Which utility sends custom TCP/IP packets?
a. cURL
b. hping
c. shape
d. pingpacket
b. hping
Which of the following is a third-party OS penetration testing tool?
a. theHarvester
b. scanless
c. sn1per
d. Nessus
c. sn1per
Margret wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use?
a. head
b. show
c. display
d. cat
d. cat
A company purchased cyber insurance to address items listed on the risk register.
Which of the following strategies does this represent?
a. Accept
b. Transfer
c. Mitigate
d. Avoid
b. Transfer
Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?
a. Risk tolerance
b. Risk transfer
c. Risk register
d. Risk analysis
c. Risk register
A systems administrator notices that the research and development department is not using the company VPN when accessing various company-related services and systems.
Which of the following scenarios describes this activity?
a. Espionage
b. Data exfiltration
c. Nation-state attack
d. Shadow IT
d. Shadow IT
Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?
a. Unidentified removable devices
b. Default network device credentials
c. Spear phishing emails
d. Impersonation of business units through typosquatting
a. Unidentified removable devices
Which of the following agreement types defines the time frame in which a vendor needs to respond?
a. SOW
b. SLA
c. MOA
d. MOU
b. SLA
Which of the following is a feature of a next-generation SIEM system?
a. Virus signatures
b. Automated response actions
c. Security agent deployment
d. Vulnerability scanning
b. Automated response actions
To improve the security at a data center, a security administrator implements a CCTV system and posts several signs about the possibility of being filmed.
Which of the following best describe these types of controls? (Choose two.)
a. Preventive
b. Deterrent
c. Corrective
d. Directive
e. Compensating
f. Detective
b. Deterrent
f. Detective
Which type of encryption involves the process of encoding all user data on a solid-state drive?
a. Full disk encryption
b. File encryption
c. Volume encryption
d. Partition encryption
a. Full disk encryption
Alice wants to send Bob a message with origin authentication. Which scenario would apply?
a. The message will be encrypted with Bob’s public key then decrypted with Bob’s private key
b. The message will be encrypted with Alice’s private key then decrypted with Alice’s public key
c. The message will be encrypted with Alice’s public key then decrypted with Alice’s private key
d. The message will be encrypted with Bob’s private key then decrypted with Bob’s public key
b. The message will be encrypted with Alice’s private key then decrypted with Alice’s public key
What is often a separate chip on the motherboard (TPM 2.0) that allows manufacturers to build the capability into their chipsets rather than requiring a separate chip?
a. Full disk encryption
b. Key management service
c. Trusted platform module
d. Hardware security module
c. Trusted platform module
Which is a common symmetric key block cipher?
Choose all options that best answer the question.
a. RSA
b. 3DES-EDE
c. ECDSA
d. Blowfish
e. AES-GCM
f. AES-CBC
b. 3DES-EDE
d. Blowfish
e. AES-GCM
f. AES-CBC
What is a distributed database that leverages a constantly growing list of ordered records called blocks for asset transfer ledgers, cryptocurrencies, tokens, and smart contracts?
a. Blockchain
b. Steganography
c. Counter block chaining
d. Tokenization
a. Blockchain
Which is a scalable way to bind a public key with an entity identity and offer revocation services?
a. Hashed message authentication
b. Diffie-Hellman key exchange
c. Digital signing services
d. Public key infrastructure
d. Public key infrastructure
What is the technique of adding pseudorandom data to a cryptographic hash function to make it less deterministic for cracking tools?
a. Hashing
b. Collisions
c. Encryption
d. Salting
d. Salting
Which algorithm uses smaller key spaces while offering superior strength for mobile devices and IoT with limited memory and processing power?
a. SHA-384
b. Elliptic curve
c. RSA key exchange
d. Diffie-Hellman key exchange
b. Elliptic curve
Which is a scalable mechanism for providing authenticity, integrity, and non-repudiation using random public/private key pairs?
a. Digital signature
b. HMAC
c. Diffie-Hellman
d. RSA
a. Digital signature
Which attack forces an end user to perform undesirable actions in a web application in which they are authenticated?
a. CSRF/XSRF
b. XSS
c. DDoS
d. SQLi
a. CSRF/XSRF
Which of these technologies contributes to unsecure removable drives?
a. USB
b. TPM
c. HDD
d. SSD
a. USB
Which document provides organizations with an up-to-date, expert-informed understanding of cloud security issues so that educated risk-management decisions can be made concerning cloud adoption strategies?
a. OWASP API Top Ten
b. ITIL4 Management Practices
c. CSA Treacherous 12
d. CIS Top 12
c. CSA Treacherous 12
What is a form of attack that targets companies who outsource, conduct wire transfers, and process invoices - often abroad?
a. Spoofing
b. BEC
c. DDoS
d. Pharming
b. BEC
Which type of attack involves sending a larger than expected input to a front-end web server that accepts it and overwrites memory areas?
a. Cross-site scripting
b. DLL injection
c. Buffer overflow
d. Race condition
c. Buffer overflow
What is the act of exploiting the flaws of a locked-down iPhone to install software other than what the manufacturer has made available for that device?
a. Sideloading
b. MDM
c. Rooting
d. Jailbreaking
d. Jailbreaking
Which term describes software that is embedded within hardware devices and provides low-level control and functionality?
a. Middleware
b. Firmware
c. Ghost IT
d. Shadow IT
b. Firmware
Which type of threat actor is responsible for attacks such as DDoS, ransomware, hijacking, and web site defacing to raise awareness or protest for a cause?
a. Hacktivist
b. Crime syndicate
c. Script kiddie
d. State-based
a. Hacktivist
Which are valid threat actor motivations?
Choose all options that best answer the question.
a. Revenge
b. Extortion
c. Political activism
d. Corporate goodwill
e. Financial gain
f. Borrowing costs
a. Revenge
b. Extortion
c. Political activism
e. Financial gain
What is a powerful countermeasure to supply chain vulnerabilities?
a. Trust but verify
b. Bidirectional trust
c. Transitive trust
d. Zero trust
d. Zero trust
Which is a type of brute force attack where the attacker slowly performs brute force logins based on a list of usernames with default passwords on the application?
a. Downgrade
b. Spraying
c. Spoofing
d. Brute force
b. Spraying
Which physical attack uses devices that overlay an ATM machine or point-of-sale scanner to steal the information from the victim?
a. Skimming
b. Spoofing
c. Brute force
d. RFID cloning
a. Skimming
Which of these would be considered an indicator of compromise?
Choose all options that best answer the question.
a. Concurrent session usage
b. Successful logins
c. Impossible travel
d. Blocked content
e. Logging to a SIEM system
f. High resource consumption
a. Concurrent session usage
c. Impossible travel
d. Blocked content
f. High resource consumption
Which type of attack leverages a scenario when two different inputs can produce the same fingerprint or digest?
a. Collision
b. Downgrade
c. Side channel
d. Brute force
a. Collision
Which common form of DDoS attack involves a network of zombie systems and a master command and control (C&C) server to remotely control the victims?
a. Extranet attack
b. Botnet attack
c. Cache Poisoning attack
d. Amplification attack
b. Botnet attack
Which popular form of malware encrypts key files and captures them until the victim pays the attackers in Bitcoin?
a. Bloatware
b. Spyware
c. Ransomware
d. Firmware
c. Ransomware
Which form of application attack changes a program’s execution path and overwrites elements of its memory, which amends the program’s execution path to damage existing files or expose data?
a. Directory traversal attack
b. Credential replay
c. Buffer overflow
d. Replay attacks
c. Buffer overflow
Which are terms that can be considered synonymous with segmentation?
Choose all options that best answer the question.
a. Zoning
b. Segregation
c. Partitioning
d. Isolation
e. Multicasting
f. Security grouping
a. Zoning
b. Segregation
c. Partitioning
d. Isolation
Which Linux command would one use to modify a file and directory permission?
a. touch
b. chmod
c. mkdir
d. sudo
b. chmod
Which practices contribute to system hardening?
Choose all options that best answer the question.
a. Utilizing passwordless solutions
b. Opening all TCP and UDP ports
c. Implementing forced vacations
d. Removing all unnecessary and unauthorized software
e. Disabling all auto-configure features
f. Replacing all default passwords with strong credentials
a. Utilizing passwordless solutions
d. Removing all unnecessary and unauthorized software
e. Disabling all auto-configure features
f. Replacing all default passwords with strong credentials
What is the principle that users and programs should only have the necessary privileges to complete their tasks?
a. Dual operator
b. Mediated access
c. Least privilege
d. Separation of duties
c. Least privilege
What is a common location to collect and send automated monitoring visibility and feeds?
a. Security operations center
b. Demilitarized zone
c. Proxy server
d. Firewall appliance
a. Security operations center
Which security practice involves monitoring for uncommon or even risky behavior of outgoing staff members?
a. Proofing
b. Decommissioning
c. Downgrading
d. Onboarding
b. Decommissioning
What is a set of data, tools, utilities, and processes used to support configuration management?
a. CMS
b. SQL
c. DNS
d. CSV
a. CMS
Which security service helps protect private information and sensitive data, and can enhance the security of communication between client apps and servers?
a. Hashing
b. Spraying
c. Encrypting
d. Spoofing
c. Encrypting
Which are valid examples of serverless technologies?
Choose all options that best answer the question.
a. Databases
b. Controllers
c. Bastion hosts
d. Switches
e. Containers
f. Functions
a. Databases
c. Bastion hosts
e. Containers
f. Functions
Which metric specifically refers to long-term data protection where the stored data does not suffer from bit rot, degradation, or other corruption?
a. Durability
b. Availability
c. Capacity
d. Resiliency
a. Durability
What is a discrete environment within an operating system (or a serverless architecture) where one or more applications can run that is typically assigned all the resources and dependencies needed to function?
a. Controllers
b. Partitions
c. Containers
d. Functions
c. Containers
In the cloud computing shared responsibility model (SRM), for which service type does the provider bear the LEAST responsibility?
a. PaaS
b. SaaS
c. IaaS
d. DBaaS
c. IaaS
Which is a framework intended to make a network more flexible and easier to centrally manage by abstracting the control plane from the data forwarding function in the different networking devices?
a. GCP
b. SDN
c. CSP
d. AWS
b. SDN
In which type of network system does each node make its own decision and the final behavior of the system is the aggregate of the decisions of each individual node or host?
a. Decentralized design
b. Centralized design
c. Air gapped design
d. Software defined design
a. Decentralized design
Which are common examples of SCADA systems?
Choose all options that best answer the question.
a. Traffic and mass transit
b. Power grid
c. KVM datacenter systems
d. Fire detection and suppression
e. Water management
f. Facility and manufacturing control
a. Traffic and mass transit
b. Power grid
e. Water management
f. Facility and manufacturing control
Which type of hypervisor is also referred to as “native” or “bare metal”?
a. Type I
b. Type II
c. Type III
d. Type IV
a. Type I
Which term describes the provisioning and operations of infrastructure using configuration files that contain the infrastructure specifications instead of by manual processes?
a. Managed security service provision
b. Hybrid cloud deployment
c. Infrastructure-as-code
d. Platform-as-a-service
c. Infrastructure-as-code
Which acronym refers to the collective network of connected devices and the technology that facilitates communication between devices and the cloud, as well as between the devices themselves?
a. IoT
b. SaaS
c. IaC
d. IaaS
a. IoT
What is the preferred security solution to support mobile devices, embedded components and IoT?
a. Elliptic curves
b. mutual TLS
c. Software defined networking
d. Electronic codebooks
a. Elliptic curves
Which IPsec protocol has two phases and two separate security associations?
a. IKEv1
b. ESP
c. IKEv2
d. AH
a. IKEv1
Which actions can an intrusion detection service perform?
Choose all options that best answer the question.
a. Verbose dumps
b. Alerts and alarms
c. Drop packets inline
d. SNMP traps
e. Block attacker address inline
f. TCP resets
a. Verbose dumps
b. Alerts and alarms
d. SNMP traps
f. TCP resets
Which service offers multiple security features and services on a single network device to protect email, webmail, fax, voice, conferencing, streaming, peer-to-peer file transfer services and more?
a. ACL
b. SDP
c. VPN
d. UTM
d. UTM
Which term describes all possible attack vectors that a threat actor can leverage to access a system and extract data?
a. Kill chain
b. Attack surface
c. Restricted zone
d. Indicator of compromise
b. Attack surface
What is an architecture that delivers converged network and security as a service capabilities such as secure web gateways, cloud access security brokers, firewall as-a-service, and zero-trust network access (ZTNA)?
a. SASE
b. SD-MAN
c. TLS
d. SMTP
a. SASE
What is the most ubiquitous certificate-based peer authentication in use on the Internet (HTTPS)?
a. TLS
b. SDN
c. IPsec
d. SSL
a. TLS
Which assigned port number is used for HTTPS?
a. 563
b. 465
c. 443
d. 990
c. 443
What is the most stringent privacy and security law in the world drafted and passed by the European Union (EU)?
a. HITECH
b. GLBA
c. GDPR
d. PCI-DSS
c. GDPR
Which type of data is temporarily in computer memory or Redis cache waiting to be read or updated?
a. Data at rest
b. Data in transit
c. Data in storage
d. Data in use
d. Data in use
Which algorithm is most commonly used to protect data at rest?
a. AES
b. DHKE
c. TLS
d. 3DES
a. AES
What is any representation of data that allows the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means?
a. Regulated data
b. Personal health information
c. Personally identifiable information
d. Intellectual property
c. Personally identifiable information
In which data lifecycle phase is data typically placed onto a volume (block), object (blob), file system, or into one of several types of databases?
a. Create
b. Share
c. Use
d. Store
d. Store
What is a process of dividing and organizing data and information into defined groups to enable handling, labeling, sorting, viewing, and securing?
a. Tokenization
b. Segmentation
c. Encryption
d. Compartmentalization
b. Segmentation
Which data obfuscation technique involves sending sensitive data through an API call (or batch file) to a system that replaces the data with non-sensitive, pseudorandom placeholders?
a. Obscuring
b. Encryption
c. Data mapping
d. Tokenization
d. Tokenization
Which type of corporate data classification applies to information limited to employees only and often has different security requirements that affect who can access it and how it can be used?
a. Confidential
b. Top secret
c. Internal
d. Public
c. Internal
Which technology, widely used in data center, manufacturing and cloud services industries, is a technique for analyzing how much production capacity organizations need to meet consumer demand?
a. Availability management
b. Tabletop planning
c. Capacity planning
d. Deployment planning
c. Capacity planning
Which business impact metric measures the average time needed to repair or replace a failed system or module?
a. MTBF
b. MAC
c. MTD
d. MTTR
d. MTTR
Which technology solution is designed to be a redundant set of service functionalities based on active-standby or active-active deployments of two or more components or systems?
a. Load balancing
b. Segmenting
c. Clustering
d. Target grouping
c. Clustering
What are planned power outages, usually implemented in areas with unstable grids or with infrastructure that cannot handle the population it serves?
a. Permanent faults
b. Brownouts
c. Rolling blackouts
d. Interruptible power
c. Rolling blackouts
Which disaster recovery testing solution involves completely shutting down operations at the primary site to completely emulate the disaster and use the recovery site solution?
a. Parallel test
b. Full interruption test
c. Walkthrough test
d. Simulation test
b. Full interruption test
Which of these disaster recovery site solutions is the cheapest and slowest option?
a. Reciprocal cold site
b. Warm site
c. Mobile site
d. Cloud site
a. Reciprocal cold site
Which type of backup is an immediate point-in-time virtual copy of the source data where the time to back up does not increase with the amount of data?
a. Differential
b. Snapshot
c. Full
d. Incremental
b. Snapshot
Which stage of the asset management process often involves the ongoing enumeration and tracking of all physical and logical assets typically leveraging SIEM and SOAR systems?
a. Sanitization/certification
b. Retention/destruction
c. Monitoring/tracking
d. Acquisition/procurement
c. Monitoring/tracking
Which specific tool generates a color-coded graphical representation of different wireless metrics such as signal strength, signal-to-noise ratio levels (SNR), and interference in different areas?
a. Wireless access point
b. Wireless heat map
c. Wireless gateway
d. Wireless packet sniffer
b. Wireless heat map
Which application testing methodology is commonly defined as a clear-box or “know all” test, where an analysis of the application source code, byte code, and binaries is carried out by the application test without executing the code?
a. SAST
b. DAST
c. DQ
d. PQ
a. SAST
In which mobile device provisioning model will a company typically give employees devices that are provisioned from vendors and cellular providers without end-user input and that users can then handle as if they were their own?
a. CYOD
b. CMDB
c. COPE
d. BYOD
c. COPE