SY0-701 Exam - CompTIA Security+ Practice Questions
102 Questions

Questions and Answers

Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?

  • Risk analysis
  • Risk tolerance
  • Risk register (correct)
  • Risk transfer

Which of the following should a security administrator adhere to when setting up a new set of firewall rules?

  • Change management procedure (correct)
  • Disaster recovery plan
  • Incident response procedure
  • Business continuity plan

A company is compensating researchers based on vulnerabilities discovered in its internet-facing application. What type of program is this?

  • Open-source intelligence
  • Red team
  • Bug bounty (correct)
  • Penetration testing

Which of the following threat actors is the most likely to use large financial resources to attack critical systems located in other countries?

  • Nation-state (correct)

Which of the following enables the use of an input field to run commands that can view or manipulate data?

  • SQL injection (correct)

Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. What type of data are these employees most likely to use in day-to-day work activities?

  • Intellectual property (correct)

Which of the following is the best reason to complete an audit in a banking environment?

  • Regulatory requirement (correct)

A company decided to reduce the cost of its annual cyber insurance policy by removing the coverage for ransomware attacks. Which of the following analysis elements did the company most likely use in making this decision?

  • ARO (correct)

Which of the following is the most likely to be included as an element of communication in a security awareness program?

  • Reporting phishing attempts or other suspicious activities (correct)

Which of the following is the phase in the incident response process when a security analyst reviews roles and responsibilities?

  • Preparation (correct)

After a recent vulnerability scan, a security engineer needs to harden the routers within the corporate network. Which of the following is the most appropriate to disable?

  • Web-based administration (correct)

A security administrator needs a method to secure data in an environment that includes some form of checks to track any changes. Which of the following should the administrator set up to achieve this goal?

  • FIM (correct)

An administrator is reviewing a single server's security logs and discovers the following: '$Failed password audit$'. Which of the following best describes the action captured in this log entry?

  • Brute-force attack (correct)

An enterprise has been experiencing attacks focused on exploiting vulnerabilities in older browser versions with well-known exploits. Which of the following security solutions should be configured to best provide the ability to monitor and block these known signature-based attacks?

  • IPS (correct)

A security analyst scans a company's public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?

  • Setting up a VPN and placing the jump server inside the firewall (correct)

A security engineer is implementing FDE for all laptops in an organization. Which of the following are the most important for the engineer to consider as part of the planning process? (Choose two.)

  • Key escrow (correct)

Which of the following describes the reason root cause analysis should be conducted as part of incident response?

  • To prevent future incidents of the same nature (correct)

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?

  • Fines (correct)

A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the following best describes this step?

  • Capacity planning (correct)

A company’s legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?

  • Geolocation policy (correct)

Which of the following is a hardware-specific vulnerability?

  • Firmware version (correct)

While troubleshooting a firewall configuration, a technician determines that a 'deny any' policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable. Which of the following actions would prevent this issue?

  • Testing the policy in a non-production environment before enabling the policy in the production network (correct)

An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?

  • Cold (correct)

A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?

  • Sanitization (correct)

A systems administrator works for a local hospital and needs to ensure patient data is protected and secure. Which of the following data classifications should be used to secure patient data?

  • Sensitive (correct)

A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?

  • Active (correct)

Which of the following is required for an organization to properly manage its restore process in the event of system failure?

  • DRP (correct)

A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?

  • Local data protection regulations (correct)

Which of the following vulnerabilities is associated with installing software outside of a manufacturer's approved software repository?

  • Side loading (correct)

Which of the following would be the best way to block unknown programs from executing?

  • Application allow list (correct)

A security analyst is reviewing the following logs. Which of the following attacks is most likely occurring?

  • Password spraying (correct)

A company hired a consultant to perform an offensive security assessment covering penetration testing and social engineering. Which of the following teams will conduct this assessment activity?

  • Red (correct)

A software development manager wants to ensure the authenticity of the code created by the company. Which of the following options is the most appropriate?

  • Performing code signing on company-developed software (correct)

An analyst is evaluating the implementation of Zero Trust principles within the data plane. Which of the following would be most relevant for the analyst to evaluate?

  • Secured zones (correct)

An engineer needs to find a solution that creates an added layer of security by preventing unauthorized access to internal company resources. Which of the following would be the best solution?

  • Jump server (correct)

Which of the following can be used to identify potential attacker activities without affecting production servers?

  • Honeypot (correct)

A company's web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?

  • http:// (correct)

During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

  • Analysis (correct)

During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization's network. Which of the following fulfills this request?

  • access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0 (correct)

A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods is most secure?

  • Implementing a bastion host (correct)

A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee's corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?

  • Endpoint (correct)

A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks. SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?

  • Threat hunting (correct)

A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?

  • Transfer (correct)

A security administrator would like to protect data on employees' laptops. Which of the following encryption techniques should the security administrator use?

  • Full disk (correct)

Which of the following security control types does an acceptable use policy best represent?

  • Preventive (correct)

A security practitioner completes a vulnerability assessment and the operations team remediates the vulnerabilities. What should be done next?

  • Rescan the network (correct)

What activity best describes a user logging in remotely after hours and copying large amounts of data to a personal device?

  • Insider threat (correct)

Which of the following allows for the attribution of messages to individuals?

  • Non-repudiation (correct)

What is the best way to consistently determine on a daily basis if security settings on servers have been modified?

  • Automation (correct)

What security technique is adopted by including regular expressions in source code to remove special characters from variables set by forms in a web application?

  • Input validation (correct)

What should a security analyst do to reduce the impact when a user clicks on a link in a phishing message?

  • Update EDR policies (correct)

What has been implemented when a host-based firewall on a legacy Linux system allows connections from specific internal IP addresses?

  • Compensating control (correct)

Which automation technique should a systems administrator use to streamline account creation for new manual accounts?

  • User provisioning script (correct)

What type of control is set up when a company assigns an analyst to review logs on a weekly basis in a SIEM system?

  • Detective (correct)

What is a low-cost cloud-based application-hosting solution suitable for a systems administrator?

  • Serverless framework (correct)

What action describes the act of ignoring detected malicious activity on a server in the future?

  • Tuning (correct)

What is the best explanation for a security analyst discovering that an attacker is attempting to brute force a user's account?

  • An attacker is attempting to brute force the account (correct)

What should a company consider to prevent damage to the server room and downtime due to weather events?

  • Geographic dispersion (correct)

What is a primary security concern for a company implementing a BYOD program?

  • Unauthorized access (correct)

Which of the following would be best suited for constantly changing environments?

  • Containers (correct)

Which of the following incident response activities ensures evidence is properly handled?

  • Chain of custody (correct)

An accounting clerk sent money to an attacker's bank account after receiving fraudulent instructions to use a new account. Which of the following would most likely prevent this activity in the future?

  • Updating processes for sending wire transfers (correct)

A systems administrator is creating a script that would save time and prevent human error when performing account creation for a large number of end users. Which of the following would be a good use case for this task?

  • Orchestration (correct)

Which of the following data roles describes the customer in a scenario where a company's marketing department collects, modifies, and stores sensitive customer data?

  • Subject (correct)

Which of the following describes the maximum allowance of accepted risk?

  • Risk threshold (correct)

A security analyst receives alerts about an internal system sending a large amount of unusual DNS queries to systems on the internet over short periods of time during non-business hours. Which of the following is most likely occurring?

  • Data is being exfiltrated (correct)

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

  • Supply chain vendor (correct)

A systems administrator is working on a solution with the following requirements: Provide a secure zone, enforce a company-wide access control policy, and reduce the scope of threats. Which of the following is the systems administrator setting up?

  • Zero Trust (correct)

Which of the following involves an attempt to take advantage of database misconfigurations?

  • SQL injection (correct)

Which of the following is used to validate a certificate when it is presented to a user?

  • OCSP (correct)

One of a company's vendors sent an analyst a security bulletin that recommends a BIOS update. Which of the following vulnerability types is being addressed by the patch?

  • Firmware (correct)

Which of the following is used to quantitatively measure the criticality of a vulnerability?

  • CVSS (correct)

Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?

  • Install endpoint management software on all systems (correct)

An organization is leveraging a VPN between its headquarters and a branch location. Which of the following is the VPN protecting?

  • Data in transit (correct)

After reviewing the following vulnerability scanning report, a security analyst performs the following test. Which of the following would the security analyst conclude for this reported vulnerability?

  • It is a false positive (correct)

An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?

  • Segmentation (correct)

A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?

  • IPSec (correct)

Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?

  • Infrastructure as code (correct)

After a security awareness training session, a user reported a suspicious call requesting credit card information claiming to be the Chief Financial Officer. Which topic did the user recognize from the training?

  • Social engineering (correct)

An administrator assists in archiving information about customer transactions for the proper time period. Which data policy is the administrator carrying out?

  • Retention (correct)

A company is working with a vendor to perform a penetration test. Which includes an estimate about the number of hours required to complete the engagement?

  • SOW (correct)

A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which threat actor does this report describe?

  • Organized crime (correct)

Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?

  • Peer review and approval (correct)

Which of the following can best protect against an employee inadvertently installing malware on a company system?

  • Application allow list (correct)

A company is adding a clause to its Acceptable Use Policy (AUP) stating employees are not allowed to modify the operating system on mobile devices. Which vulnerability is the organization addressing?

  • Jailbreaking (correct)

An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. What should the administrator use to accomplish this goal?

  • Segmentation (correct)

Which of the following is the most common data loss path for an air-gapped network?

  • Removable devices (correct)

Malware spread across a company's network after an employee visited a compromised industry blog. What type of attack is this?

  • Watering-hole (correct)

An organization is struggling with scaling issues on its VPN concentrator and internet circuit due to remote work. Which solution will allow a reduction in traffic while providing secured access to the data center and monitoring of remote employee internet traffic?

  • Deploying a SASE solution to remote employees (correct)

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

  • Organized crime (correct)

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

  • Salting (correct)

An employee clicked a link in an email that asked the employee to update contact information. The employee entered login information but received a “page not found” error message. What type of social engineering attack occurred?

  • Phishing (correct)

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which firewall ACLs will accomplish this goal?

  • Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53; Access list outbound deny 0.0.0.0/0 10.50.10.25/32 port 53 (correct)

A data administrator is configuring authentication for a SaaS application to reduce the number of credentials employees need. The company prefers to use domain credentials to access new SaaS applications. Which method would allow this functionality?

  • SSO (correct)

Which scenario describes a possible business email compromise attack?

  • An employee receives a gift card request in an email with an executive's name in the display field. (correct)

A company prevented direct access from the database administrators’ workstations to the network segment containing database servers. What should a database administrator use to access the database servers?

  • Jump server (correct)

An organization’s internet-facing website was compromised due to a buffer overflow. What should the organization deploy to protect against similar attacks?

  • WAF (correct)

An administrator notices several users logging in from suspicious IP addresses and resets affected users’ passwords after confirming the unauthorized logins. What should the administrator implement to prevent this type of attack?

  • Multifactor authentication (correct)

An employee receives a text message pretending to be from the payroll department, asking for credential verification. Which social engineering techniques are being attempted?

  • Impersonation (correct)

Several employees received a fraudulent text message from someone claiming to be the CEO, requesting gift cards for employee recognition awards. What are the best responses to this situation?

  • Issue a general email warning to the company (correct)

A company is required to use certified hardware when building networks. What best addresses the risks associated with procuring counterfeit hardware?

  • A thorough analysis of the supply chain (correct)

Which of the following provides the details about the terms of a test with a third-party penetration tester?

  • Rules of engagement (correct)

Study Notes

Threat Actors and Attack Methods

  • Organized crime is the most likely threat actor to be hired by a foreign government to attack critical systems located in other countries.
  • Phishing is a type of social engineering attack where an attacker sends an email that appears to be from a legitimate source, asking the user to enter login credentials.
  • Brand impersonation is a type of social engineering attack where an attacker impersonates a legitimate company or brand to trick users into revealing sensitive information.
  • Typosquatting is a type of social engineering attack where an attacker registers a domain name that is similar to a legitimate domain name, with the goal of tricking users into revealing sensitive information.

Authentication and Access Control

  • Salting is used to add extra complexity before using a one-way data transformation algorithm.
  • Single sign-on (SSO) allows users to access multiple applications with a single set of login credentials.
  • Multifactor authentication (MFA) is a security process that requires a user to provide multiple forms of identification to access a system or resource.

Network Security

  • A jump server is a secure server that provides access to a network segment that contains sensitive resources.
  • A web application firewall (WAF) is a security system that protects web applications from attacks.
  • A next-generation firewall (NGFW) is a security system that provides advanced threat protection and visibility into network traffic.

Incident Response and Management

  • A disaster recovery plan (DRP) is a set of procedures to follow in the event of a disaster or system failure.
  • A rules of engagement (ROE) document outlines the terms and conditions of a penetration test or security assessment.

Risk Management and Security Controls

  • Certifying hardware and software can help prevent the use of counterfeit or compromised products.
  • Implementing a zero-trust model involves verifying the identity and permissions of all users and devices before granting access to resources.
  • A bastion host is a secure server that provides access to internal resources while minimizing the traffic allowed through the security boundary.

Penetration Testing and Vulnerability Management

  • A penetration test is a simulated cyber attack against a computer system, network, or web application to assess its security.
  • Side-loading is a type of vulnerability that occurs when software is installed outside of a manufacturer's approved software repository.

Security Operations and Monitoring

  • A security information and event management (SIEM) system is a security system that collects and analyzes log data from various sources to detect and respond to security threats.
  • A web filter is a security system that scans URLs and blocks access to non-encrypted websites.
  • A firewall rule can be used to block traffic from a specific IP address or range of IP addresses.

Cyber Security Concepts

  • A security analyst should perform threat hunting to identify new tactics malicious actors are using to compromise networks when SIEM alerts have not yet been configured.
  • Cyber insurance is a strategy that addresses items listed on the risk register, which represents a transfer strategy.
  • Full disk encryption is the technique that should be used to protect data on employees' laptops.
  • An acceptable use policy is a type of preventive security control.
  • Least privilege is the security technique that restricts access to the administrator console of help desk software to only the IT manager and the help desk lead.
  • A risk register is used to document risks, responsible parties, and thresholds.
  • When setting up a new set of firewall rules, a security administrator should adhere to the change management procedure.
  • A bug bounty program is a type of program that allows individuals to security-test a company's internet-facing application and compensates researchers based on the vulnerabilities discovered.
  • Nation-state actors are the most likely to use large financial resources to attack critical systems located in other countries.
  • SQL injection is a type of attack that enables the use of an input field to run commands that can view or manipulate data.
  • Intellectual property is the type of data that employees in the research and development business unit are most likely to use in day-to-day work activities.
  • Labeling laptops with asset inventory stickers and associating them with employee IDs provides security benefits, including:
    • Notifying the correct employee if a security incident occurs on the device
    • Mapping users to their devices when configuring software MFA tokens
  • Modifying the content of recurring training is the best option to improve situational and environmental awareness of existing users as they transition from remote to in-office work.
  • A dashboard is the best way to present data to the board of directors when creating a quarterly report detailing the number of incidents that impacted the organization.
  • A rootkit is the most likely occurrence if a file integrity monitoring tool alerts that the hash of the cmd.exe file has changed, and the OS logs show no patches were applied in the last two months.
  • In an IaaS model for a cloud environment, the client is responsible for securing the company's database, according to the shared responsibility model.
  • A SOW (Statement of Work) is the document that a security company should provide to a client, outlining the project, cost, and completion time frame.
  • Input validation is the application security technique that should be implemented to prevent cross-site scripting vulnerabilities.
  • Ease of recovery and ability to patch must be considered when designing a high-availability network.
  • When applying a high-priority patch to a production system, the first step is to create a change control request.
  • Root cause analysis should be conducted as part of incident response to prevent future incidents of the same nature.
  • If a large bank fails an internal PCI DSS compliance assessment, the most likely outcome is fines.
  • Capacity planning is the step in developing a business continuity strategy that determines how many staff members would be required to sustain the business in the case of a disruption.
  • A geolocation policy is the most effective way to prevent individuals in high-risk countries from accessing sensitive documents in a SaaS application.
  • Firmware version is a hardware-specific vulnerability.
  • When troubleshooting a firewall configuration, a 'deny any' policy should be added to the bottom of the ACL to deny any unmatched traffic.

Security Best Practices

  • To prevent issues, it's essential to test policies in a non-production environment before enabling them in the production network.
  • Documenting new policies in a change request and submitting it to change management can also help prevent issues.

Data Centers and Backup

  • A cold site is the best option for a new backup data center with a cost-benefit focus and an RTO and RPO of around two days.
  • A cold site is a backup data center that has the necessary infrastructure to support IT systems, but does not have the actual systems or equipment installed.

Data Classification and Security

  • Sensitive data classification should be used to secure patient data in a hospital setting.
  • Sanitization is the process of securely wiping hard drives before sending decommissioned systems to recycling.

Cloud Security and Compliance

  • When expanding data centers to new international locations, a cloud-hosting provider should consider local data protection regulations first.
  • An application allow list is the best way to block unknown programs from executing.

Penetration Testing and Social Engineering

  • A red team conducts offensive security assessments, including penetration testing and social engineering.
  • Code signing is the most appropriate option to ensure the authenticity of company-developed software.

Incident Response and Analysis

  • A honeypot can be used to identify potential attacker activities without affecting production servers.
  • Analysis is the incident response activity that involves understanding the source of an incident.
  • After remediating vulnerabilities, the next step should be to rescan the network.

Insider Threats and Data Protection

  • Insider threat describes a user's activity when they log in remotely after hours and copy large amounts of data to a personal device.
  • Non-repudiation allows for the attribution of messages to individuals.
  • DLP (Data Loss Prevention) solutions can assist with detecting an employee who has accidentally emailed a file containing customers' PII.

Automation and Security

  • Automation is the best way to consistently determine on a daily basis whether security settings on servers have been modified.
  • Regular expressions can be used to remove special characters from variables set by forms in a web application, which is an input validation technique.

Network Security and Segmentation

  • A host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses, which is an example of a compensating control.
  • Network segmentation is a technique used to divide a network into smaller, isolated zones to reduce the attack surface.

Security Information and Event Management (SIEM)

  • A SIEM system is used to detect and respond to security incidents, and it is an example of a detective control.
  • Automation techniques, such as user provisioning scripts, can streamline account creation and reduce the risk of incorrect access or permissions.

Cloud Computing and Application Hosting

  • A serverless framework is a low-cost, cloud-based application-hosting solution.
  • Serverless computing is a cloud computing model in which the cloud provider manages the infrastructure and dynamically allocates computing resources.

Security Operations and Threat Analysis

  • Tuning is the process of ignoring detected activity in the future, which is a common activity in security operations.
  • A security analyst may review domain activity logs to detect and respond to security threats.

Business Continuity and Disaster Recovery

  • Geographic dispersion is a strategy used to reduce the risk of weather events causing damage to the server room and downtime.
  • Off-site backups are a common strategy used to ensure business continuity in the event of a disaster.

BYOD and Mobile Security

  • Jailbreaking is a primary security concern for a company setting up a BYOD program, as it can increase the risk of security breaches.
  • BYOD (Bring Your Own Device) is a policy that allows employees to use their personal devices for work purposes.

Description

Practice questions for the CompTIA Security+ SY0-701 exam, covering various topics in computer security. Test your knowledge and prepare for the certification exam.
