
CompTIA Security+ SY0-701 - Domain 4.0 Security Operations. Exam Questions With Correct Answers

  • August 17, 2024
Brightstars
EXAM STUDY MATERIALS 8/7/2024 11:29 AM





A proprietary software remains mission-critical ten years after its in-house creation. The software requires an exception to the rules as it cannot use the latest in-use operating system (OS) version. How can the IT department protect this mission-critical software and reduce its exposure factor? (Select the two best options.)
Answer: Network Segmentation & Compensating Controls

A technology firm's network security specialist notices a sudden increase in unidentified activities on the firm's Security Information and Event Management (SIEM) incident tracking system. An unknown entity or process also increases the number of reported incidents. The specialist decides to investigate these incidents. Which combination of data sources would provide a balanced perspective to support the investigation?
Answer: System-specific security logs, which track system-level operations; logs generated by applications running on hosts; and real-time reports from the SIEM solution, summarizing incidents.

A forensic analyst at an international law enforcement agency investigates a sophisticated cyber-espionage case. The analyst must uncover the timeline of document interactions, detect concealed or system-protected files, interpret categories of digital events, and trace digital breadcrumbs left behind during media uploads on social platforms. What combination of data sources would provide the MOST comprehensive information for this multifaceted investigation?
Answer: File metadata with extended attributes and network transaction logs

In a medium-sized organization, the IT department manages a wide range of applications employees use. Recently, the IT security team identified a growing number of security incidents related to malware infections and unauthorized access to sensitive data. They suspect that certain applications may be the entry point for these attacks. To mitigate the risks, the team wants to implement a security measure that isolates applications from the rest of the system to prevent potential threats from spreading. They aim to achieve this without affecting the overall performance and usability of the applications. Which security measure should the IT security team consider implementing to isolate applications from the rest of the system, reduce the impact of potential security threats, and maintain optimal performance and usability?
Answer: Sandboxing


A company's network has experienced increased infiltration due to employees accessing dangerous websites from different content categories. The company has decided to enhance its security by implementing reputation-based filtering and content categorization in its web filtering system. Which of the following BEST compares these features?
Answer: Reputation-based filtering evaluates sites by past behavior; content categorization sorts by themes like adult content.

In a medium-sized tech company, employees have different roles and responsibilities requiring access to specific resources and data. The IT team is implementing security measures to control access effectively and reduce the risk of unauthorized activities. What security measure could the IT team implement in the tech company to control access effectively and minimize the risk of unauthorized activities?
Answer: The principle of least privilege to grant employees the minimum needed access based on job roles

The network administrator of a small business needs to enhance the security of the business's wireless network. The primary goal is to implement Wi-Fi Protected Access 3 (WPA3) as the main security measure, but the administrator recognizes the need to adjust other wireless security settings to effectively complement WPA3 and create a robust network for all employees to access critical company resources securely. What considerations should the network administrator consider when implementing WPA3 and adjusting wireless security settings? (Select the two best options.)
Answer: Implementing 802.1X authentication for user devices & Enabling media access control address filtering to restrict access to authorized devices

An IT auditor is responsible for ensuring compliance with best practice frameworks. The auditor conducts a compliance scan, using the security content automation protocol (SCAP), to measure system and configuration settings against a best practice framework. Which XML schema should the IT auditor use to develop and audit BEST practice configuration checklists and rules?
Answer: Extensible configuration checklist description format

A cyber group is reviewing its web filtering capabilities after a recent breach. Which centralized web-filtering technique groups websites into categories such as social networking, gambling, and webmail?
Answer: Content categorization

After a breach, an organization implements new multifactor authentication (MFA) protocols. What MFA philosophy incorporates using a smart card or key fob to support authentication?
Answer: Something you have

An IT admin has been testing a newly released software patch and discovered an exploitable vulnerability. The manager directs the IT admin to immediately report to Common Vulnerability Enumeration (CVE), utilizing the common vulnerability scoring system (CVSS) to base the score for the vulnerability. What could happen if there are delays in completing the report? (Select the two best options.)
Answer: Can lead to delays in remediation & Increase window of opportunity for attackers
