comptia sy0-701 practice test

Question 1

A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the files creator. Which of the following actions would most likely give the security analyst the information required?

• A. Obtain the file's SHA-256 hash.
• B. Use hexdump on the file's contents.
• C. Check endpoint logs.
• D. Query the file's metadata.

Question 2

A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch jobs locally and does not generate traffic, but the process is now generating outbound traffic over random high ports. Which of the following vulnerabilities has likely been exploited in this software?

• A. Memory injection
• B. Race condition
• C. Side loading
• D. SQL injection

Question 3

Which of the following most impacts an administrators ability to address CVEs discovered on a server?

• A. Rescanning requirements
• B. Patch availability Most Votes
• C. Organizational impact
• D. Risk tolerance

Question 4

Which of the following is the best way to secure an on-site data center against intrusion from an insider?

• A. Bollards
• B. Access badge Most Votes
• C. Motion sensor
• D. Video surveillance

Question 5

An engineer needs to find a solution that creates an added layer of security by preventing unauthorized access to internal company resources. Which of the following would be the best solution?

• A. RDP server
• B. Jump server Most Votes
• C. Proxy server
• D. Hypervisor

Question 6

Which of the following is used to validate a certificate when it is presented to a user?

• A. OCSP Most Votes
• B. CSR
• C. CA
• D. CRC

Question 7

A company is experiencing a web services outage on the public network. The services are up and available but inaccessible. The network logs show a sudden increase in network traffic that is causing the outage. Which of the following attacks is the organization experiencing?

• A. ARP poisoning
• B. Brute force
• C. Buffer overflow
• D. DDoS

Question 8

Which of the following methods would most likely be used to identify legacy systems?

• A. Bug bounty program
• B. Vulnerability scan
• C. Package monitoring
• D. Dynamic analysis

Question 9

HOTSPOT -
You are a security administrator investigating a potential infection on a network.

INSTRUCTIONS -
Click on each host and firewall. Review all logs to determine which host originated the infection and then identify if each remaining host is clean or infected.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question 10

Which of the following describes an executive team that is meeting in a board room and testing the companys incident response plan?

• A. Continuity of operations
• B. Capacity planning
• C. Tabletop exercise
• D. Parallel processing