CompTIA SY0-701 CompTIA Security+ Certification Exam Exam Practice Test Questions

• Question 1

  An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?

  • Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53 Access list outbound deny 10.50.10.25 320.0.0.0/0 port 53
  • Access list outbound permit 0.0.0.0/0 10.50.10.25 32 port 53 Access list outbound deny 0.0.0.0 00.0.0.0/0 port 53
  • Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0/010.50.10.25 32 port 53
  • Access list outbound permit 10.50.10.25 32 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0.0.0.0.0.0/0 port 53

  Show Answer Answer: D Next

• Question 2

  A security operations center determines that the malicious activity detected on a server is normal. Which of the following activities describes the act of ignoring detected activity in the future?

  • Tuning
  • Aggregating
  • Quarantining
  • Archiving

  Show Answer Answer: A Next

• Question 3

  Which of the following is the best way to consistently determine on a daily basis whether security settings on servers have been modified?

  • Automation
  • Compliance checklist
  • Attestation
  • Manual audit

  Show Answer Answer: A Next

• Question 4

  A company’s legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?

  • Data masking
  • Encryption
  • Geolocation policy
  • Data sovereignty regulation

  Show Answer Answer: C Next

• Question 5

  Which of the following would be best suited for constantly changing environments?

  • RTOS
  • Containers
  • Embedded systems
  • SCADA

  Show Answer Answer: B Next