CompTIA Security+ Certification Exam SY0-701 Practice Test 17 Flashcards

1
Q

Which of the following statements describe the features of dynamic code analysis? (Select 3 answers)

A) Typically used later in the software development lifecycle

B) Involves examining the code without executing it

C) Analyzes runtime properties like memory usage, performance, and error handling to identify issues such as memory leaks, performance bottlenecks, and runtime errors

D) Often used early in the development process

E) Examines code structure, syntax, and semantics to detect issues like syntax errors, coding standards violations, security vulnerabilities, and bugs

F) Involves executing the code and analyzing its behavior at runtime

A

A) Typically used later in the software development lifecycle

C) Analyzes runtime properties like memory usage, performance, and error handling to identify issues such as memory leaks, performance bottlenecks, and runtime errors

F) Involves executing the code and analyzing its behavior at runtime
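The three correct answers are easiest to remember from a concrete contrast. As an added example (not part of the flashcards), the Python below runs a static pass and a dynamic pass over a constructed snippet: the static pass parses the source into an abstract syntax tree and flags `eval()` and `shell=True` without ever executing it, while the dynamic pass executes a function under `tracemalloc` and reports memory it failed to release, a runtime property no syntax check can see. `SAMPLE_SOURCE`, `leaky` and the finding messages are constructed for the demonstration.

```python
"""Static vs. dynamic analysis on a constructed sample (added example, not from the flashcards)."""
import ast
import tracemalloc

# Constructed code under test: two injection-prone calls a static scan can find
SAMPLE_SOURCE = '''
import subprocess
def run(cmd):
    return subprocess.run(cmd, shell=True)
def parse(expr):
    return eval(expr)
'''


def static_findings(source: str) -> list:
    """Static analysis: parse to an AST and inspect it; the code never executes.
    Returns (line, message) pairs sorted by line."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        if isinstance(node.func, ast.Name) and node.func.id == "eval":
            findings.append((node.lineno, "eval() on external input allows code injection"))
        for kw in node.keywords:
            if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                findings.append((node.lineno, "shell=True allows command injection via metacharacters"))
    return sorted(findings)


_retained = []  # constructed defect: a module-level list that never releases buffers


def leaky(size: int) -> int:
    """Looks harmless to a syntax check; at runtime every call retains `size` bytes."""
    buf = bytearray(size)
    _retained.append(buf)
    return len(buf)


def dynamic_memory_probe(func, *args, repeat: int = 5) -> tuple:
    """Dynamic analysis: run the code and measure. Returns (bytes still live, peak bytes)
    traced during the calls, which exposes the leak the AST walk cannot see."""
    tracemalloc.start()
    try:
        for _ in range(repeat):
            func(*args)
        current, peak = tracemalloc.get_traced_memory()
    finally:
        tracemalloc.stop()
    return current, peak


if __name__ == "__main__":
    for line, msg in static_findings(SAMPLE_SOURCE):
        print(f"static  line {line}: {msg}")
    live, peak = dynamic_memory_probe(leaky, 100_000)
    print(f"dynamic {live} bytes still allocated after 5 calls (peak {peak})")
```

The static pass runs early, on any commit, because it needs nothing but the source; the dynamic pass needs a runnable build and representative input, which is why it typically lands later in the lifecycle.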

2
Q

Which of the terms listed below refers to tracking and managing software application components, such as third-party libraries and other dependencies?

A) Version control
B) Package monitoring
C) Configuration enforcement
D) Application hardening

A

B) Package monitoring
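Package monitoring in practice means keeping an inventory of what your application pulls in and checking it against known advisories. As an added example (not from the flashcards), the Python below parses a constructed `requirements.txt`, rejects unpinned entries (their resolved version is unknown, so they cannot be audited) and compares pinned versions against a constructed advisory list. The package names `examplelib`, `httpclientx`, `parserkit` and their version ranges are invented for the demonstration; a real tool would pull advisories from a vulnerability feed and read the lock file the build actually resolves.

```python
"""Dependency inventory check against an advisory list (added example, not from the flashcards)."""
import re

# Constructed requirements file; names and versions are invented
REQUIREMENTS = """\
# constructed requirements.txt
examplelib==1.4.2
httpclientx>=2.0
parserkit==0.9.1
"""

# Constructed advisories: (package, introduced, fixed); the fixed version is exclusive
ADVISORIES = [
    ("examplelib", "1.0.0", "1.5.0"),
    ("parserkit", "0.9.0", "0.9.1"),
]

REQ_RE = re.compile(r"^([A-Za-z0-9_.-]+)\s*(==|>=|<=|~=|!=|>|<)?\s*([\d.]+)?$")


def parse_version(v: str) -> tuple:
    """Numeric tuple so that 1.10.0 sorts after 1.9.3 (string comparison would not)."""
    return tuple(int(p) for p in v.split("."))


def parse_requirements(text: str) -> list:
    """Returns (name, operator, version) triples; comments and blank lines are skipped."""
    deps = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = REQ_RE.match(line)
        if not m:
            raise ValueError(f"unsupported requirement line: {raw!r}")
        deps.append((m.group(1).lower(), m.group(2), m.group(3)))
    return deps


def audit(text: str, advisories=ADVISORIES) -> list:
    """Returns (name, status, detail) findings. Only exact pins can be matched
    against an advisory range; anything else is reported as unauditable."""
    findings = []
    for name, op, ver in parse_requirements(text):
        if op != "==":
            spec = f"{op or ''}{ver or ''}"
            findings.append((name, "unpinned", f"{spec or 'no version'}: resolved version unknown, pin it"))
            continue
        v = parse_version(ver)
        for pkg, introduced, fixed in advisories:
            if pkg == name and parse_version(introduced) <= v < parse_version(fixed):
                findings.append((name, "vulnerable", f"{ver} in [{introduced}, {fixed}); upgrade to {fixed}"))
    return findings


if __name__ == "__main__":
    for name, status, detail in audit(REQUIREMENTS):
        print(f"{status:10} {name}: {detail}")
```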

3
Q

Which of the terms listed below refers to a US government initiative for real-time sharing of cyber threat indicators?

A) AIS
B) STIX
C) TTP
D) CVSS

A

A) AIS

4
Q

Which of the following terms refers to threat intelligence gathered from publicly available sources?

A) IoC
B) OSINT
C) RFC
D) CVE/NVD

A

B) OSINT

5
Q

What is STIX?

A) A type of vulnerability database
B) Common language for describing cyber threat information

C) US government initiative for real-time sharing of cyber threat indicators

D) Transport mechanism for cyber threat information

A

B) Common language for describing cyber threat information

5
Q

A dedicated transport mechanism for cyber threat information is called:

A) TCP/IP
B) TLS
C) TAXII
D)

A

C) TAXII
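STIX is the language and TAXII is the transport: a STIX 2.1 bundle is the JSON document that a TAXII server hands to a client. As an added example for the two cards above (not from the flashcards), the Python below builds a STIX 2.1 Indicator with the properties the specification requires (`type`, `spec_version`, `id`, `created`, `modified`, `pattern`, `pattern_type`, `valid_from`), wraps it in a bundle, and matches the indicator's pattern against an observed object. Only the single-comparison pattern form is handled; full STIX patterning (AND/OR, FOLLOWEDBY, WITHIN) is out of scope here. The hash value `deadbeef`, the address 203.0.113.7 and the indicator names are constructed.

```python
"""Build a STIX 2.1 Indicator and match a simple pattern (added example, not from the flashcards)."""
import json
import re
import uuid
from datetime import datetime, timezone


def stix_timestamp(dt=None) -> str:
    """STIX timestamps are UTC, millisecond precision, 'Z' suffix."""
    dt = dt or datetime.now(timezone.utc)
    return dt.strftime("%Y-%m-%dT%H:%M:%S.") + f"{dt.microsecond // 1000:03d}Z"


def make_indicator(name: str, pattern: str, valid_from: str = None) -> dict:
    now = stix_timestamp()
    return {
        "type": "indicator",
        "spec_version": "2.1",
        "id": f"indicator--{uuid.uuid4()}",
        "created": now,
        "modified": now,
        "name": name,
        "indicator_types": ["malicious-activity"],
        "pattern": pattern,
        "pattern_type": "stix",
        "valid_from": valid_from or now,
    }


def make_bundle(*objects) -> dict:
    """A bundle is the unit a TAXII collection serves."""
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": list(objects)}


def to_json(bundle: dict) -> str:
    return json.dumps(bundle, indent=2)


# Single comparison only, e.g. [file:hashes.'SHA-256' = '...'] or [ipv4-addr:value = '...']
_SIMPLE = re.compile(r"^\[(?P<path>[\w:.'-]+)\s*=\s*'(?P<value>[^']*)'\]$")


def parse_simple_pattern(pattern: str) -> tuple:
    """Returns (object type, dotted property path, expected value)."""
    m = _SIMPLE.match(pattern)
    if not m:
        raise ValueError(f"unsupported pattern: {pattern}")
    obj_type, prop = m.group("path").replace("'", "").split(":", 1)
    return obj_type, prop, m.group("value")


def matches(indicator: dict, observed: dict) -> bool:
    """observed is a dict shaped like the STIX cyber-observable, e.g.
    {'type': 'file', 'hashes': {'SHA-256': '...'}}."""
    obj_type, prop, value = parse_simple_pattern(indicator["pattern"])
    if observed.get("type") != obj_type:
        return False
    node = observed
    for key in prop.split("."):
        if not isinstance(node, dict) or key not in node:
            return False
        node = node[key]
    return node == value


if __name__ == "__main__":
    # constructed indicator values
    bad_hash = make_indicator("constructed: known-bad file", "[file:hashes.'SHA-256' = 'deadbeef']")
    c2 = make_indicator("constructed: C2 address", "[ipv4-addr:value = '203.0.113.7']")
    print(to_json(make_bundle(bad_hash, c2)))
    print(matches(bad_hash, {"type": "file", "hashes": {"SHA-256": "deadbeef"}}))
```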

6
Q

Which of the following statements does not apply to the dark web?

A) Typically requires specialized software to access its contents
B) Forms a large part of the deep web
C) Not indexed by traditional search engines
D) Often associated with trading stolen data, malware, and cyber threats

A

B) Forms a large part of the deep web

7
Q

Which of the following provides insights into the methods and tools used by cybercriminals to carry out attacks?

A) CVE
B) IoC
C) AIS
D) TTP

A

D) TTP

8
Q

Penetration testing: (Select all that apply)

A) Bypasses security controls
B) Only identifies lack of security controls
C) Actively tests security controls
D) Exploits vulnerabilities
E) Passively tests security controls

A

A) Bypasses security controls
C) Actively tests security controls
D) Exploits vulnerabilities

9
Q

A responsible disclosure program is a formal process established by an organization to encourage security researchers and ethical hackers to report vulnerabilities they discover in the organization’s systems or software. A bug bounty program is a specific type of responsible disclosure program that offers financial rewards to security researchers for reporting valid vulnerabilities.

A) True
B) False

A

A) True

10
Q

Antivirus software identifying a non-malicious file as a virus due to a faulty virus signature file is an example of:

A) Fault tolerance
B) False positive error
C) Quarantine feature
D) False negative error

A

B) False positive error

11
Q

Which of the answers listed below refers to a situation where no alarm is raised when an attack has taken place?

A) False negative
B) True positive
C) False positive
D) True negative

A

A) False negative

12
Q

A measure of the likelihood that a security system will incorrectly reject an access attempt by an authorized user is referred to as:

A) FAR
B) CER
C) CRC
D) FRR

A

D) FRR
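The last three cards are the same idea seen from two sides: a detector's outcomes (true/false positive/negative) and a biometric system's error rates, where FRR counts authorized users wrongly rejected, FAR counts impostors wrongly accepted, and CER is the threshold at which the two rates meet. As an added example (not from the flashcards), the Python below tallies outcomes from labelled events and sweeps an acceptance threshold over constructed match scores to locate the CER. The score lists are invented for the demonstration.

```python
"""Detection outcomes and FAR/FRR/CER over constructed scores (added example, not from the flashcards)."""
from collections import Counter


def classify_outcomes(events) -> dict:
    """events: iterable of (alert_raised, attack_happened) booleans.
    A raised alert on a clean file is the antivirus false positive; a silent
    detector during a real attack is the false negative."""
    counts = Counter()
    for alerted, attack in events:
        if alerted and attack:
            counts["true_positive"] += 1
        elif alerted and not attack:
            counts["false_positive"] += 1
        elif not alerted and attack:
            counts["false_negative"] += 1
        else:
            counts["true_negative"] += 1
    return dict(counts)


# Constructed biometric match scores (higher = more similar to the enrolled template)
GENUINE = [0.92, 0.88, 0.81, 0.77, 0.70, 0.65, 0.60, 0.55, 0.50, 0.42]
IMPOSTOR = [0.58, 0.52, 0.47, 0.40, 0.35, 0.30, 0.25, 0.20, 0.15, 0.10]


def far_frr(genuine, impostor, threshold: float) -> tuple:
    """Accept when score >= threshold.
    FRR: fraction of genuine users rejected. FAR: fraction of impostors accepted."""
    frr = sum(s < threshold for s in genuine) / len(genuine)
    far = sum(s >= threshold for s in impostor) / len(impostor)
    return far, frr


def crossover_error_rate(genuine, impostor) -> tuple:
    """Sweep every observed score as a threshold; the CER (a.k.a. equal error rate)
    is where FAR and FRR are closest. Returns (threshold, far, frr)."""
    best = None
    for t in sorted(set(genuine) | set(impostor)):
        far, frr = far_frr(genuine, impostor, t)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, t, far, frr)
    _, t, far, frr = best
    return t, far, frr


if __name__ == "__main__":
    print(classify_outcomes([(True, False), (False, True), (True, True), (False, False)]))
    for t in (0.40, 0.52, 0.80):
        print(f"threshold {t:.2f}: FAR={far_frr(GENUINE, IMPOSTOR, t)[0]:.1f} "
              f"FRR={far_frr(GENUINE, IMPOSTOR, t)[1]:.1f}")
    print("CER at threshold %.2f (FAR=%.1f, FRR=%.1f)" % crossover_error_rate(GENUINE, IMPOSTOR))
```

Raising the threshold drives FAR down and FRR up; a system tuned for a vault sits to the right of the CER, one tuned for convenience to the left.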

13
Q

Which of the following terms refers to a framework and knowledge base that provides understanding of TTPs used during cyberattacks?

A) CVSS
B) ATT&CK
C) STIX
D) TAXII

A

B) ATT&CK

14
Q

Which of the answers listed below refers to an industry standard for assessing and scoring the severity of computer system security vulnerabilities?

A) SIEM
B) CVSS
C) OSINT
D) SOAR

A

B) CVSS

15
Q

Which of the following refers to a system that identifies, defines, and catalogs publicly known cybersecurity vulnerabilities?

A) TAXII
B) CVE
C) STIX
D) CVSS

A

B) CVE

16
Q

What is Exposure Factor (EF) in vulnerability analysis?

A) The likelihood that a vulnerability will be exploited in a real-world scenario

B) The rate at which vulnerabilities are discovered and reported

C) The degree of loss that a realized threat would have on a specific asset

D) The measure of the potential impact of a vulnerability on an organization’s assets

A

C) The degree of loss that a realized threat would have on a specific asset

17
Q

Which of the statements listed below does not refer to a vulnerability response and remediation technique?

A) Applying updates or fixes provided by software vendors to address the vulnerability (patching)

B) Ensuring financial recovery from the costs associated with a successful cyberattack (insurance)

C) Dividing a network into smaller, isolated zones to limit the potential impact of a vulnerability (segmentation)

D) Mitigating the risk associated with a vulnerability that cannot be immediately patched by implementing alternative security measures (compensating controls)

E) Delaying or forgoing a patch for a specific system, e.g., when applying a patch may not be feasible due to compatibility issues or potential disruptions to critical systems (exceptions and exemptions)

F) All of the above answers are examples of vulnerability response and remediation techniques

A

F) All of the above answers are examples of vulnerability response and remediation techniques

18
Q

The practice of isolating potentially malicious or suspicious entities to prevent them from causing harm to the rest of the network or system is known as:

A) Sandboxing
B) Containerization
C) Quarantine
D) Segmentation

A

C) Quarantine

19
Q

Which of the following answers refer to SCAP? (Select 3 answers)

A) A type of security system designed to collect logs and events from various sources

B) Designed to provide a centralized user interface for accessing collected data

C) A collection of standards developed by NIST

D) Provides a common language for communicating security information

E) Allows different security tools to share data and work together more effectively

F) Enables real-time threat detection, incident response, and compliance monitoring

A

C) A collection of standards developed by NIST

D) Provides a common language for communicating security information

E) Allows different security tools to share data and work together more effectively

20
Q

Which of the answers listed below refer to SIEM? (Select 3 answers)

A) Allows different security tools to share data and work together more effectively

B) Designed to provide a centralized user interface for accessing collected data

C) A collection of standards developed by NIST

D) Enables real-time threat detection, incident response, and compliance monitoring

E) A type of security system designed to collect logs and events from various sources

F) Provides a common language for communicating security information

A

B) Designed to provide a centralized user interface for accessing collected data

D) Enables real-time threat detection, incident response, and compliance monitoring

E) A type of security system designed to collect logs and events from various sources
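The three SIEM properties above are easiest to see in a small pipeline: collect from several sources, normalize into one schema, then run a detection across all of it. As an added example (not from the flashcards), the Python below ingests constructed log lines from a Linux sshd and a web application JSON log, normalizes them, and raises a brute-force alert when one source IP accumulates five failed logins within sixty seconds across both sources, a pattern neither source alone reveals. Hostnames, addresses, timestamps and the threshold are constructed.

```python
"""Toy SIEM: normalize two log formats and correlate (added example, not from the flashcards)."""
import json
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events from two sources
SSHD_LINES = [
    "Mar 10 09:00:01 bastion sshd[1201]: Failed password for root from 198.51.100.23 port 51022 ssh2",
    "Mar 10 09:00:03 bastion sshd[1201]: Failed password for root from 198.51.100.23 port 51023 ssh2",
    "Mar 10 09:00:04 bastion sshd[1201]: Failed password for admin from 198.51.100.23 port 51024 ssh2",
    "Mar 10 09:00:09 bastion sshd[1203]: Accepted password for alice from 192.0.2.10 port 40100 ssh2",
]
WEB_LINES = [
    '{"ts": "2024-03-10T09:00:05Z", "src": "198.51.100.23", "event": "login_failed", "user": "admin"}',
    '{"ts": "2024-03-10T09:00:06Z", "src": "198.51.100.23", "event": "login_failed", "user": "admin"}',
    '{"ts": "2024-03-10T09:00:30Z", "src": "192.0.2.10", "event": "login_ok", "user": "alice"}',
]

SSHD_RE = re.compile(
    r"^(\w{3} +\d+ \d\d:\d\d:\d\d) (\S+) sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+) port")


def normalize_sshd(line: str, year: int = 2024) -> dict:
    """syslog lines carry no year; the collector must supply it."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "source": "sshd", "host": m.group(2),
            "outcome": "fail" if m.group(3) == "Failed" else "success",
            "user": m.group(4), "src_ip": m.group(5)}


def normalize_web(line: str) -> dict:
    rec = json.loads(line)
    return {"ts": datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ"), "source": "webapp",
            "host": "web", "outcome": "fail" if rec["event"] == "login_failed" else "success",
            "user": rec["user"], "src_ip": rec["src"]}


def collect_events() -> list:
    """Collection step: every source ends up in the same schema."""
    events = [normalize_sshd(l) for l in SSHD_LINES] + [normalize_web(l) for l in WEB_LINES]
    return [e for e in events if e is not None]


def detect_bruteforce(events, threshold: int = 5, window=timedelta(seconds=60)) -> list:
    """Sliding window of failures per source IP across all sources; one alert when the
    count first reaches the threshold inside the window."""
    recent = defaultdict(deque)
    alerts = []
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["outcome"] != "fail":
            continue
        q = recent[e["src_ip"]]
        q.append(e["ts"])
        while q and e["ts"] - q[0] > window:
            q.popleft()
        if len(q) == threshold:
            alerts.append({"src_ip": e["src_ip"], "count": len(q), "first": q[0], "last": e["ts"]})
    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce(collect_events()):
        print(f"ALERT brute force from {a['src_ip']}: {a['count']} failures {a['first']} .. {a['last']}")
```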

21
Q

Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information?

A) IPS
B) DLP
C) IDS
D) DEP

A

B) DLP

22
Q

Simple Network Management Protocol (SNMP) is a UDP-based, application layer protocol used in network management systems to monitor network-attached devices. SNMP is typically integrated into most modern network infrastructure devices such as routers, bridges, switches, servers, printers, copiers, fax machines, and other network-attached devices. An SNMP-managed network comprises three essential components: a managed device, a network-management software module that resides on a managed device (Agent), and a Network Management Station (NMS), which runs applications responsible for monitoring and controlling managed devices, as well as collecting SNMP information from Agents. The manager receives notifications (Traps and InformRequests) on UDP port 162, while the SNMP Agent receives requests on UDP port 161.

A) True
B) False

A

A) True

23
Q

An SNMP-compliant device includes a virtual database containing information about configuration and state of the device that can be queried by an SNMP management station. This type of data repository is referred to as:

A) MIB
B) DCS
C) NMS
D) SIEM

A

A) MIB
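The two SNMP cards above describe the protocol; the cleartext community string is easier to believe when you see the bytes. As an added example (not from the flashcards), the Python below hand-encodes an SNMPv1 GetRequest for sysDescr.0 (OID 1.3.6.1.2.1.1.1.0, the first object in the MIB-II system group) in BER, then dissects the datagram the way a passive sniffer on the path would, recovering the version, the community string and the polled OID without any key. The community string `public` and the request ID are constructed values; no packet is sent.

```python
"""Build and dissect an SNMPv1 GetRequest with hand-rolled BER (added example, not from the flashcards)."""

# BER tags used by SNMP (ASN.1 universal class) and the v1 GetRequest PDU tag
INTEGER, OCTET_STRING, NULL, OID, SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
GET_REQUEST = 0xA0  # context-specific, constructed, tag number 0


def ber_len(n: int) -> bytes:
    """Short form below 128, otherwise 0x80|count followed by a big-endian length."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_len(len(value)) + value


def ber_int(n: int) -> bytes:
    """Minimal two's-complement INTEGER; non-negative is enough for SNMP headers."""
    if n < 0:
        raise ValueError("negative integers not needed here")
    body = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body  # keep the sign bit clear
    return tlv(INTEGER, body)


def ber_oid(dotted: str) -> bytes:
    """First two arcs pack into one byte (40*a+b); later arcs are base-128 with continuation bits."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(OID, bytes(out))


def build_snmpv1_get(community: str, oid: str, request_id: int) -> bytes:
    """Message ::= SEQUENCE { version INTEGER(0), community OCTET STRING, GetRequest-PDU }."""
    varbind = tlv(SEQUENCE, ber_oid(oid) + tlv(NULL, b""))
    pdu = tlv(GET_REQUEST, ber_int(request_id) + ber_int(0) + ber_int(0)  # error-status, error-index
              + tlv(SEQUENCE, varbind))
    return tlv(SEQUENCE, ber_int(0) + tlv(OCTET_STRING, community.encode()) + pdu)


def read_tlv(buf: bytes, pos: int) -> tuple:
    """Return (tag, value, position after this TLV)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def decode_oid(value: bytes) -> str:
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def dissect_snmp(packet: bytes) -> dict:
    """What a passive sniffer recovers from a v1/v2c datagram: everything."""
    tag, msg, _ = read_tlv(packet, 0)
    if tag != SEQUENCE:
        raise ValueError("not an SNMP message")
    _, version, pos = read_tlv(msg, 0)
    _, community, pos = read_tlv(msg, pos)
    pdu_tag, pdu, _ = read_tlv(msg, pos)
    pos = 0
    for _ in range(3):  # request-id, error-status, error-index
        _, _, pos = read_tlv(pdu, pos)
    _, varbind_list, _ = read_tlv(pdu, pos)
    _, varbind, _ = read_tlv(varbind_list, 0)
    _, oid_bytes, _ = read_tlv(varbind, 0)
    return {"version": int.from_bytes(version, "big", signed=True),
            "community": community.decode(errors="replace"),
            "pdu": pdu_tag, "oid": decode_oid(oid_bytes)}


if __name__ == "__main__":
    pkt = build_snmpv1_get("public", "1.3.6.1.2.1.1.1.0", 1)  # sysDescr.0 from MIB-II
    print(pkt.hex())
    print(dissect_snmp(pkt))  # the community string is readable without any key
```

Anyone who can capture this datagram on its way to UDP/161 can replay the community string against the agent; with a read-write community they can also set objects in the MIB.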

24
Q

Of the three existing versions of the Simple Network Management Protocol (SNMP), versions 1 and 2 (SNMPv1 and SNMPv2c) authenticate requests with a community string that is sent unencrypted (a.k.a. in cleartext), so anyone who can capture the traffic can read and reuse it. SNMPv3 adds per-user authentication and integrity checking (HMAC-based, so the receiver can detect whether data has changed in transit) and optional encryption of the packet payload (privacy).

A) True
B) False

A

A) True
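What SNMPv3 actually puts in place of the community string is a localized key and a truncated HMAC over the message. As an added example (not from the flashcards), the Python below implements the RFC 3414 User-based Security Model key derivation: the password is stretched to exactly 1,048,576 bytes and hashed (Ku), then localized to one agent as H(Ku || snmpEngineID || Ku), so a key lifted from one device does not work on another. It then computes the 12-byte HMAC-SHA-96 authentication tag and checks it. One simplification: a real agent zero-fills the msgAuthenticationParameters field inside the message before computing the tag, whereas here the tag is carried beside a constructed message body. The two engine IDs, the message bytes and the password `maplesyrup` (the value used in RFC 3414's own test vectors) are constructed inputs.

```python
"""SNMPv3 USM key localization and HMAC-96 authentication, RFC 3414 style
(added example, not from the flashcards)."""
import hashlib
import hmac


def password_to_ku(password: str, hash_name: str = "sha1") -> bytes:
    """RFC 3414 A.2: hash the password repeated cyclically to exactly 1,048,576 bytes."""
    pw = password.encode()
    reps, rem = divmod(1048576, len(pw))
    return hashlib.new(hash_name, pw * reps + pw[:rem]).digest()


def localize_key(ku: bytes, engine_id: bytes, hash_name: str = "sha1") -> bytes:
    """Kul = H(Ku || snmpEngineID || Ku): binds the key to one engine."""
    return hashlib.new(hash_name, ku + engine_id + ku).digest()


def password_to_key(password: str, engine_id: bytes, hash_name: str = "sha1") -> bytes:
    return localize_key(password_to_ku(password, hash_name), engine_id, hash_name)


def hmac_96(localized_key: bytes, wire_msg: bytes, hash_name: str = "sha1") -> bytes:
    """HMAC-SHA-96 / HMAC-MD5-96 (RFC 3414 sections 6.3 and 6.2): the full HMAC truncated to 12 bytes.
    Simplification: the real msgAuthenticationParameters field is zero-filled in the
    message while computing this; here the tag travels beside the message."""
    return hmac.new(localized_key, wire_msg, hash_name).digest()[:12]


def verify_auth(localized_key: bytes, wire_msg: bytes, tag: bytes, hash_name: str = "sha1") -> bool:
    """Constant-time comparison; a wrong key, a different engine or any changed byte fails."""
    return hmac.compare_digest(hmac_96(localized_key, wire_msg, hash_name), tag)


def demo() -> dict:
    # Constructed engine IDs and message body
    engine_a = bytes.fromhex("80001f8880e9bd0e9f6e3c1b64000000")
    engine_b = bytes.fromhex("80001f8880e9bd0e9f6e3c1b65000000")
    key_a = password_to_key("maplesyrup", engine_a)
    key_b = password_to_key("maplesyrup", engine_b)  # same password, different device
    msg = b"constructed SNMPv3 msgGlobalData + scopedPDU bytes"
    tag = hmac_96(key_a, msg)
    return {
        "keys_differ": key_a != key_b,            # same password, different localized keys
        "valid_on_a": verify_auth(key_a, msg, tag),
        "replay_on_b": verify_auth(key_b, msg, tag),   # tag from engine A is useless at B
        "tampered": verify_auth(key_a, msg + b"x", tag),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:12} {v}")
```

The 1 MiB stretching step is deliberate: it makes offline guessing of the password from a captured HMAC expensive, which is the remaining attack once the community string is gone.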