Practice set
Security+ SY0-701 questions
Question 1mediummultiple choice
Full question →A backup server encrypts large nightly database exports before sending them to an offsite storage system. The organization has already arranged a secure way to share the secret key between the systems, and performance is a concern because the files are very large. Which encryption approach is the best fit?
Question 2hardmulti select
Full question →A baseline review found that standard developer accounts are local administrators, unsigned tools can run from user profile folders, and reimaged systems still end up with unauthorized persistence. Which two changes best improve hardening while preserving developer work? Select two.
Question 3mediummultiple choice
Full question →A billing application has an RTO of 2 hours and an RPO of 30 minutes. The current recovery method requires rebuilding the VM from scratch and then restoring last night's backup, which takes over six hours. Which solution best meets the stated recovery objectives?
Question 4easymulti select
Full question →A branch office has users, finance workstations, and printers on the same LAN. Management wants finance devices isolated from general users while still allowing approved printing and internet access. Which two changes best meet this goal? Select two.
Question 5mediummultiple choice
Full question →A branch office has users, finance workstations, printers, and IP phones on one flat network. The security team wants to reduce lateral movement if one user PC is compromised, but printers still need to receive print jobs from users. What is the best design change?
Question 6mediummultiple choice
Full question →A branch office has users, finance workstations, printers, and IP phones on one flat LAN. After a malware outbreak on a user PC, management wants to limit lateral movement without blocking printing or voice traffic. What should the network team implement?
Question 7easymultiple choice
Full question →A branch office loses power briefly several times each month. Which control best helps keep network equipment running long enough for an orderly shutdown?
Question 8mediummultiple choice
Full question →A branch office needs to send a confidential design document to headquarters over an untrusted network. Headquarters already has the public/private key pair available for document exchange. Which method is most appropriate to keep the file confidential during transit without first sharing a secret key?
Question 9hardmulti select
Full question →A branch office reports intermittent failures reaching internal sites. DHCP logs show clients receiving leases from an unknown MAC address, and DNS responses for intranet.example resolve to an address owned by the same device. Which two attacks best match the evidence? Select two.
Question 10mediummultiple choice
Full question →A branch office's network closet has repeated unauthorized access issues after staff badge in and hold the door for others. Management wants a control that allows one person through after valid badge use and helps prevent tailgating. Which control is best?
Question 11mediummultiple choice
Full question →A branch office stores nightly backups on a NAS that is joined to the same Active Directory domain as the production servers. After a ransomware incident, management wants a backup design that is much harder for attackers to encrypt or delete. Which approach is the best improvement?
Question 12mediummultiple choice
Full question →A branch office uses a flat LAN, and a compromise on one user workstation could spread quickly to finance systems. Management wants finance workstations isolated from general users, but finance staff still need access to a central finance application and network printer. What is the best design change?
Question 13mediummultiple choice
Full question →A branch office uses a NAS for nightly backups, but the NAS is joined to the same domain as the production servers. After ransomware encrypted both production data and backups, management wants the most effective change to reduce the chance of backup tampering without a major redesign. Which control should be implemented?
Question 14mediummultiple choice
Full question →A business-critical internal reporting portal is exposed to all employees. A scan finds a high-severity vulnerability, but the vendor says a fix will not be available for 30 days. The application is only used by finance once a month, and the business can tolerate a brief outage if needed. Which risk treatment is the BEST immediate action?
Question 15mediummultiple choice
Full question →A business owner asks the security team to compare the cost of two controls for a legacy application in dollar terms. The team estimates the annual chance of a breach, the potential loss per event, and the expected yearly loss after each control is applied. Which risk analysis approach is being used?
Question 16mediummultiple choice
Full question →A business owner asks whether to proceed with a medium-risk issue on an internal reporting system. The vulnerability is unlikely to be exploited because the system is reachable only from a segmented admin network, and no sensitive data is stored there. The owner wants to postpone remediation until the next planned upgrade window. Which risk treatment is being chosen?
Question 17mediummulti select
Full question →A business unit asks for a 30-day exception to use an unsupported browser plug-in on two engineering workstations while a replacement is tested. Which three conditions should be required before approval? Select three.
Question 18mediummultiple choice
Full question →A business unit is worried about the financial impact of a rare but severe data center outage. After reviewing the risk register, leadership decides to purchase cyber insurance and document the remaining exposure rather than redesign the entire platform. Which risk treatment is this?
Question 19easymulti select
Full question →A business unit keeps a low-priority legacy tool but adds extra monitoring and patching. The company also buys cyber insurance to reduce the financial effect of a loss. Which two risk treatment strategies are being used? Select two.
Question 20mediummulti select
Full question →A business unit wants to keep using a customer portal even though a low-likelihood, high-impact dependency risk was identified. Leadership does not want to stop the service, but it does want to lower exposure and formally document the remaining risk. Which two actions best fit that approach? Select two.
Question 21easymultiple choice
Full question →A business wants to keep operating even if a supplier-related loss occurs, so it purchases cyber insurance to offset possible costs. Which risk treatment is being used?
Question 22mediummultiple choice
Full question →A caller claims to be from the company's SaaS provider and says a tenant migration will fail unless the help desk reads back a one-time verification code sent to an administrator's phone. The caller knows the admin's name and ticket number. What attack technique is being used?
Question 23easymultiple choice
Full question →A caller says they are from IT support and asks a user to read back the one-time MFA code that just arrived on their phone. What type of attack is this most likely?
Question 24easymultiple choice
Full question →