CompTIA Security+ Exam 2025
Version: Demo [Total Questions: 10]
Web: www.certsout.com
Email: support@certsout.com
CompTIA SY0-701

CompTIA - SY0-701 Certs Exam - Pass with Valid Exam Questions Pool

Category Breakdown

Category                                     Number of Questions
Security Program Management and Oversight    1
General Security Concepts                    6
Security Operations                          1
Threats, Vulnerabilities, and Mitigations    2
TOTAL                                        10

Question #:1 - [Security Program Management and Oversight]

A company expects its provider to ensure servers and networks maintain 97% uptime. Which of the following would most likely list this expectation?
A. BPA
B. MOU
C. NDA
D. SLA

Answer: D

Explanation

An SLA (Service-Level Agreement) defines the expected performance, availability, uptime, response times, and responsibilities between a provider and a client. The requirement in the scenario—“97% uptime”—is a classic example of an SLA metric. Security+ SY0-701 emphasizes that SLAs outline measurable service expectations so the client can assess compliance and performance.

A BPA (A) outlines business partnership terms, not performance uptime. An MOU (B) documents mutual understanding but is not legally binding and does not include uptime metrics. An NDA (C) protects confidentiality, not availability or service guarantees.
Thus, the correct answer is D: SLA.

Question #:2 - [General Security Concepts]

An employee receives a text message from an unknown number claiming to be the company's Chief Executive Officer and asking the employee to purchase several gift cards. Which of the following types of attacks does this describe?
A. Vishing
B. Smishing
C. Pretexting
D. Phishing

Answer: B

Explanation

Smishing is a type of phishing attack that uses text messages or common messaging apps to trick victims into clicking on malicious links or providing personal information. The scenario in the question describes a smishing attack that uses pretexting, which is a form of social engineering that involves impersonating someone else to gain trust or access. The unknown number claims to be the company’s CEO and asks the employee to purchase gift cards, which is a common scam tactic. Vishing is a similar type of attack that uses phone calls or voicemails, while phishing is a broader term that covers any email-based attack.

References: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 771; Smishing vs. Phishing: Understanding the Differences

Question #:3 - [Security Operations]

The management team wants to assess the cybersecurity team's readiness to respond to a threat scenario. Which of the following will adequately assess and formalize a response within a short time?
A. Send a message to all IT managers and request formal action plans.
B. Create a bug bounty program and assess the findings.
C. Execute a tabletop exercise and document the performance results.
D. Hire an external consultant to independently assess the cybersecurity processes.

Answer: C

Explanation

A tabletop exercise is the most effective way to quickly assess a cybersecurity team’s readiness to respond to a threat scenario.
CompTIA Security+ SY0-701 describes tabletop exercises as discussion-based simulations where incident response team members walk through a realistic scenario to evaluate procedures, decision-making, communication, and coordination. These exercises are specifically designed to be conducted in a short timeframe while still providing meaningful insight into preparedness.

Executing a tabletop exercise allows management to observe how the team identifies threats, escalates incidents, assigns roles, and follows the incident response plan. Documenting performance results helps formalize findings, identify gaps, and improve playbooks and procedures without the complexity of a live incident or full-scale simulation.

Option A is informal and does not test real-time decision-making. Option B focuses on vulnerability discovery, not response readiness. Option D can be effective but is time-consuming and not suited for rapid assessment.

Therefore, C: Execute a tabletop exercise and document the performance results is the correct answer.

Question #:4 - [General Security Concepts]

Which of the following would be the best way to test resiliency in the event of a primary power failure?
A. Parallel processing
B. Tabletop exercise
C. Simulation testing
D. Production failover

Answer: D

Question #:5 - [General Security Concepts]

A company implemented an MDM policy to mitigate risks after repeated instances of employees losing company-provided mobile phones. In several cases, the lost phones were used maliciously to perform social engineering attacks against other employees. Which of the following MDM features should be configured to best address this issue? (Select two).
A. Screen locks
B. Remote wipe
C. Full device encryption
D. Push notifications
E. Application management
F. Geolocation

Answer: A B

Explanation

Integrating each SaaS solution with an Identity Provider (IdP) is the most effective way to address the security issue. This approach allows for Single Sign-On (SSO) capabilities, where users can access multiple SaaS applications with a single set of credentials while maintaining strong password policies across all services. It simplifies the user experience and ensures consistent security enforcement across different SaaS platforms.

References: CompTIA Security+ SY0-701 Course Content: Domain 05 Security Program Management and Oversight. CompTIA Security+ SY0-601 Study Guide: Chapter on Identity and Access Management.

Question #:6 - [General Security Concepts]

An organization implemented cloud-managed IP cameras to monitor building entry points and sensitive areas. The service provider enables direct TCP/IP connection to stream live video footage from each camera. The organization wants to ensure this stream is encrypted and authenticated. Which of the following protocols should be implemented to best meet this objective?
A. SSH
B. SRTP
C. S/MIME
D. PPTP

Answer: B

Explanation

Secure Real-Time Transport Protocol (SRTP) is a security protocol used to encrypt and authenticate the streaming of audio and video over IP networks. It ensures that the video streams from the IP cameras are both encrypted to prevent unauthorized access and authenticated to verify the integrity of the stream, making it the ideal choice for securing video surveillance.

References: CompTIA Security+ SY0-701 Course Content: Domain 3: Security Architecture, which includes secure communication protocols like SRTP for protecting data in transit.

Question #:7 - [Threats, Vulnerabilities, and Mitigations]

An IT team rolls out a new management application that uses a randomly generated MFA token sent to the administrator’s phone. Despite this new MFA precaution, there is a security breach of the same software. Which of the following describes this kind of attack?
A. Smishing
B. Typosquatting
C. Espionage
D. Pretexting

Answer: D

Explanation

Comprehensive and Detailed Explanation From Exact Extract:

If MFA is in place yet attackers still breach the system, the compromise most likely resulted from social engineering, specifically pretexting. Pretexting occurs when an attacker fabricates a convincing scenario (a “pretext”) to trick the victim into revealing authentication information, such as OTP codes, MFA prompts, or login details. Even strong MFA cannot prevent an attack when a human is tricked into voluntarily providing the code.

Smishing (A) involves fraudulent SMS messages, but no messaging is mentioned in the scenario. Typosquatting (B) involves deceptive URLs that appear similar to legitimate sites and is unrelated to MFA compromise. Espionage (C) refers to stealing sensitive or national-security-related information, not bypassing MFA protections.

Security+ SY0-701 details pretexting under Social Engineering Attacks, emphasizing that MFA does not fully mitigate human manipulation. Attackers frequently impersonate IT staff, vendors, or automated systems to convince victims to “verify” or “confirm” credentials. This perfectly matches a breach where MFA was present but still circumvented through deception.

Question #:8 - [General Security Concepts]

Which of the following describes the procedures a penetration tester must follow while conducting a test?
A. Rules of engagement
B. Rules of acceptance
C. Rules of understanding
D. Rules of execution

Answer: A

Explanation

Detailed Explanation: Rules of engagement specify the agreed-upon boundaries, scope, and procedures for a penetration test to ensure compliance and avoid disruption to the environment.

Reference: CompTIA Security+ SY0-701 Study Guide, Domain 4: Security Operations, Section: "Penetration Testing Procedures".

Question #:9 - [Threats, Vulnerabilities, and Mitigations]

A penetration test identifies that SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the most efficient way possible. Which of the following should the organization use for this purpose?
A. GPO
B. ACL
C. SFTP
D. DLP

Answer: A

Explanation

"Group Policy Objects (GPOs) are a feature of Microsoft Windows Active Directory that allow administrators to centrally manage and configure settings across multiple systems in an efficient manner. When a vulnerability such as SMBv1 (Server Message Block version 1) is identified on multiple servers, GPOs can be used to disable this outdated and insecure protocol across all affected systems simultaneously. By creating a GPO to enforce a policy that disables SMBv1, the organization can ensure consistent remediation without manually configuring each server individually, making it the most efficient solution for domain-joined environments."

Reference: CompTIA Security+ SY0-701 Study Guide, Domain 3.0: Implementation, Section: "Secure System Configuration" (GPOs are covered under centralized management tools for implementing security policies).

Explanation: SMBv1 is an outdated and vulnerable protocol that should be disabled to mitigate risks, such as exploitation by attacks like WannaCry. The question emphasizes efficiency across multiple servers.
Option A (GPO) allows an organization to push a policy to disable SMBv1 across all servers in an Active Directory environment with minimal effort, making it the most efficient choice. Option B (ACL) refers to Access Control Lists, which manage permissions but aren’t designed for protocol configuration. Option C (SFTP) is a secure file transfer protocol unrelated to SMBv1 remediation. Option D (DLP) focuses on data loss prevention, not protocol vulnerabilities.

Thus, A is the correct and most efficient solution.

Question #:10 - [General Security Concepts]

An employee used a company's billing system to issue fraudulent checks. The administrator is looking for evidence of other occurrences of this activity. Which of the following should the administrator examine?
A. Application logs
B. Vulnerability scanner logs
C. IDS/IPS logs
D. Firewall logs

Answer: A