최신 SY0-701 무료덤프 - CompTIA Security+ Certification

문제1

Malware spread across a company's network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?

A. Disinformation

B. Watering-hole

C. Smishing

D. Impersonation

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Local guidelines require that all information systems meet a minimum security baseline to be compliant. Which of the following can security administrators use to assess their system configurations against the baseline?

A. Risk management framework

B. Benchmarks

C. SOAR playbook

D. Security control matrix

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?

A. OCSP

B. CSR

C. CRL

D. Key

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제4

An analyst is evaluating the implementation of Zero Trust principles within the data plane. Which of the following would be most relevant for the analyst to evaluate?

A. Secured zones

B. Subject role

C. Threat scope reduction

D. Adaptive identity

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

A network manager wants to protect the company's VPN by implementing multifactor authentication that uses:
- Something you know
- Something you have
- Something you are
Which of the following would accomplish the manager's goal?

A. Password, authentication token, thumbprint

B. Domain name, PKI, GeolP lookup

C. Company URL, TLS certificate, home address

D. VPN IP address, company ID, facial structure

정답: A

문제6

A visitor plugs a laptop into a network jack in the lobby and is able to connect to the company's network. Which of the following should be configured on the existing network infrastructure to best prevent this activity?

A. Web application firewall

B. Transport layer security

C. Virtual private network

D. Port security

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

A security practitioner completes a vulnerability assessment on a company's network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?

A. Rescan the network.

B. Submit a report.

C. Conduct an audit.

D. Initiate a penetration test.

정답: A

문제8

The security team at a large global company needs to reduce the cost of storing data used for performing investigations. Which of the following types of data should have its retention length reduced?

A. OS security logs

B. Vulnerability scan

C. Endpoint logs

D. Packet capture

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제9

During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

A. Lessons learned

B. Analysis

C. Detection

D. Containment

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

A security manager is implementing MFA and patch management. Which of the following would best describe the control type and category? (Select two).

A. Managerial

B. Technical

C. Preventative

D. Administrator

E. Physical

F. Detective

정답: B,C

설명: (DumpTOP 회원만 볼 수 있음)

문제11

Cadets speaking a foreign language are using company phone numbers to make unsolicited phone calls lo a partner organization. A security analyst validates through phone system logs that the calls are occurring and the numbers are not being spoofed. Which of the following is the most likely explanation?

A. The company's SIP server security settings are weak.

B. The service provider has assigned multiple companies the same numbers

C. The executive team is traveling internationally and trying to avoid roaming charges

D. Disgruntled employees are making calls to the partner organization.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제12

After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response to the lawsuit. Which of the following describes the action the security team will most likely be required to take?

A. Retain any communications between security members during the breach response.

B. Retain any communications related to the security breach until further notice.

C. Retain the emails between the security team and affected customers for 30 days.

D. Retain all emails from the company to affected customers for an indefinite period of time.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제13

Which of the following security measures is required when using a cloud-based platform for IoT management?

A. Encrypted connection

B. Single sign-on

C. Firewall

D. Federated identity

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제14

After a security incident, a systems administrator asks the company to buy a NAC platform.
Which of the following attack surfaces is the systems administrator trying to protect?

A. SCADA

B. Bluetooth

C. NFC

D. Wired

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제15

A company is implementing a vendor's security tool in the cloud. The security director does not want to manage users and passwords specific to this tool but would rather utilize the company's standard user directory. Which of the following should the company implement?

A. RADIUS

B. SAML

C. 802.1X

D. CHAP

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제16

Which of the following is the most important security concern when using legacy systems to provide production service?

A. Instability

B. Lack of vendor support

C. Loss of availability

D. Use of insecure protocols

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제17

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?

A. Access list outbound permit 10.50.10.25 32 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0.0.0.0.0.0/0 port 53

B. Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53
Access list outbound deny 10.50.10.25 32 0.0.0.0/0 port 53

C. Access list outbound permit 0.0.0.0/0 10.50.10.25 32 port 53
Access list outbound deny 0.0.0.0 0 0.0.0.0/0 port 53

D. Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 10.50.10.25 32 port 53

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제18

An organization has too many variations of a single operating system and needs to standardize the arrangement prior to pushing the system image to users. Which of the following should the organization implement first?

A. Standard naming convention

B. Baseline configuration

C. Mashing

D. Network diagrams

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제19

A security team is addressing a risk associated with the attack surface of the organization's web application over port 443. Currently, no advanced network security capabilities are in place.
Which of the following would be best to set up? (Choose two.)

A. NIDS

B. SIEM

C. HIPS

D. WAF

E. Honeypot

F. Certificate revocation list

정답: A,D

설명: (DumpTOP 회원만 볼 수 있음)

최신 SY0-701 무료덤프 - CompTIA Security+ Certification

우리와 연락하기

유용한 링크

최신 업데이트