CompTIA Security+ Certification Exam SY0-701 Practice Test 10 Flashcards

1
Q

Which of the following URLs is a potential indicator of a directory traversal attack?

A) http://www.example.com/var/../etc/passwd

B) http://www.example.com/var/www/../../etc/passwd

C) http://www.example.com/var/www/files/../../../etc/passwd

D) http://www.example.com/var/www/files/images/../../../../etc/passwd

E) Any of the above

A

E) Any of the above

2
Q

A type of cryptographic attack that forces a network protocol to revert to its older, less secure version is known as:

A) Downgrade attack
B) Replay attack
C) Deauthentication attack
D) Spraying attack

A

A) Downgrade attack

3
Q

Which cryptographic attack relies on the concepts of probability theory?

A) Brute-force
B) KPA
C) Dictionary
D) Birthday

A

D) Birthday

4
Q

A hash collision occurs when a cryptographic hash function produces two different digests for the same data input.

A) True

B) False

A

B) False

5
Q

A short list of commonly used passwords tried against a large number of user accounts is a characteristic feature of:

A) Replay attack
B) Dictionary attack
C) Spraying attack
D) Birthday attack

A

C) Spraying attack

6
Q

Which password attack bypasses account-lockout policies?

A) Birthday attack
B) Replay attack
C) Spraying attack
D) Dictionary attack

A

C) Spraying attack

7
Q

An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is called:

A) Replay attack
B) Brute-force attack
C) Dictionary attack
D) Birthday attack

A

B) Brute-force attack

8
Q

One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline.

A) True

B) False

A

A) True

9
Q

A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called:

A) CVE
B) IoC
C) AIS
D) OSINT

A

B) IoC

10
Q

An account lockout might indicate which type of malicious activity?

A) Attempt to deliver malicious content
B) DoS attack
C) Account compromise
D) Password brute-forcing attempt

A

D) Password brute-forcing attempt

11
Q

Which of the terms listed below most accurately describes a situation wherein a single account is being used from multiple locations/devices at the same time?

A) Spraying attack
B) Concurrent session usage
C) Single Sign-On (SSO)
D) Impossible travel

A

B) Concurrent session usage

12
Q

Which of the following terms refers to a malicious activity indicator in a situation where a firewall or other security measure prevents an attempt to deliver a malicious payload or perform an unauthorized action?

A) DoS attack
B) Resource inaccessibility
C) Blocked content
D) Excessive system resource consumption

A

C) Blocked content

13
Q

Which of the terms listed below most accurately describes a situation wherein an account is accessed from a location that is physically impossible for the user to be in?

A) Login time restrictions
B) Impossible travel
C) Concurrent session usage
D) Out-of-cycle logging

A

B) Impossible travel

14
Q

The term “Out-of-cycle logging” refers to instances where systems or applications produce logs outside their regular intervals or in abnormal volumes, potentially signaling malicious activity.

A) True

B) False

A

A) True

15
Q

Which of the following would indicate an attempt to hide evidence of malicious activity?

A) Account lockout
B) Resource inaccessibility
C) Missing logs
D) Concurrent session usage

A

C) Missing logs

16
Q

Which of the terms listed below refers to a logical grouping of computers that allows computer hosts to function as if they were attached to the same broadcast domain regardless of their physical location?

A) VLAN
B) DMZ
C) SNMP community
D) VPN

A

A) VLAN

17
Q

What is the name of a solution that increases the efficiency of IP address space management by allowing network administrators to divide networks into subnets of different sizes?

A) DNAT
B) VLSM
C) MPLS
D) VLAN

A

B) VLSM

18
Q

Which of the following provides granular control over user access to specific network segments and resources based on their assigned roles and permissions?

A) EDR
B) IAM
C) AAA
D) IPS

A

B) IAM

19
Q

Which of the answers listed below refers to a solution that allows for easier management and control of network segmentation policies through software applications?

A) VDI
B) SDN
C) VPC
D) EDR

A

B) SDN

20
Q

Which of the following acronyms refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

A) ACL
B) MFA
C) NAC
D) AUP

A

A) ACL

21
Q

A rule-based access control mechanism implemented on routers, switches, and firewalls is referred to as:

A) MAC
B) AUP
C) DAC
D) ACL

A

D) ACL

22
Q

Which of the answers listed below refers to a rule-based access control mechanism associated with files and/or directories?

A) EFS
B) FACL
C) FIM
D) NTFS

A

B) FACL

23
Q

Which of the following policies applies to any requests that fall outside the criteria defined in an ACL?

A) Fair access policy
B) Implicit deny policy
C) Transitive trust
D) Context-aware authentication

A

B) Implicit deny policy

24
Q

Which of the answers listed below does not refer to the concept of network isolation?

A) VLANs
B) Subnetting
C) DLP
D) Firewalls
E) DMZs
F) NAC
G) SDN
H) Air gaps
I) Zero Trust network architecture

A

C) DLP

25
Q

Which of the following answers does not refer to the concept of system/application isolation?

A) Virtualization
B) Containerization
C) Sandboxing
D) Data encryption

A

D) Data encryption