CompTIA Security+ Certification Exam SY0-701 Practice Test 18 Flashcards

1
Q

In SNMP, each node in a MIB is uniquely identified by a(n):

A) DSU
B) OID
C) CSU
D) OUI

A

B) OID

2
Q

Which of the answers listed below refers to a network protocol developed by Cisco for collecting information about IP traffic flowing across network devices like routers, switches, and firewalls?

A) OpenVAS
B) iPerf
C) pfSense
D) NetFlow

A

D) NetFlow

3
Q

Firewall rules are evaluated based on their order of precedence. Rules at the top of the list take precedence over rules further down the list. Once a matching rule is found, no further evaluation of subsequent rules occurs. The “implicit deny” policy on a firewall is a common default behavior in which any traffic that does not explicitly match any of the configured allow rules is automatically denied or blocked. In other words, if a packet does not meet the criteria of any allow rule, the default behavior of the firewall is to deny the traffic.

A) True
B) False

A

A) True

4
Q

Which of the following refers to a set of rules defining how a firewall manages network traffic?

A) MAC
B) ACL
C) NAC
D) DLP

A

B) ACL

5
Q

A lightly protected subnet (a.k.a. DMZ) consisting of publicly available servers placed on the outside of the company’s firewall is known as:

A) Captive portal
B) Quarantine network
C) Extranet
D) Screened subnet

A

D) Screened subnet

6
Q

Which of the answers listed below most accurately describes patterns or behaviors observed in network traffic over time?

A) Trends
B) Anomalies
C) Threats
D) Signatures

A

A) Trends

7
Q

Which of the following terms refers to predefined patterns or characteristics of known threats or attack methods?

A) Security logs
B) Baselines
C) Trends
D) Signatures

A

D) Signatures

8
Q

A type of IDS/IPS that compares current network traffic against a database of known attack patterns is called:

A) Heuristic
B) Anomaly-based
C) Behavioral
D) Signature-based

A

D) Signature-based

9
Q

Agent-based web filtering: (Select 3 answers)

A) Requires installing software on each device that needs to be monitored

B) Provides flexibility and granular control over web activity at the device level

C) Involves increased management overhead and system resource consumption

D) Simplifies administration and ensures consistent enforcement of web filtering policies across the network

E) Does not require software to be installed on each individual device

F) Requires a functioning central server for web filtering to operate

A

A) Requires installing software on each device that needs to be monitored

B) Provides flexibility and granular control over web activity at the device level

C) Involves increased management overhead and system resource consumption

10
Q

Web filtering via centralized proxy: (Select 3 answers)

A) Involves increased management overhead and system resource consumption

B) Does not require software to be installed on each individual device

C) Requires installing software on each device that needs to be monitored

D) Simplifies administration and ensures consistent enforcement of web filtering policies across the network

E) Provides flexibility and granular control over web activity at the device level

F) Requires a functioning central server for web filtering to operate

A

B) Does not require software to be installed on each individual device

D) Simplifies administration and ensures consistent enforcement of web filtering policies across the network

F) Requires a functioning central server for web filtering to operate

11
Q

Content categorization in web filtering involves classifying web content into predefined categories based on its subject matter or type. This technique enables organizations to apply filtering policies selectively, for example restricting access to certain categories during work hours or blocking access to categories associated with security risks or non-work-related activities.

A) True
B) False

A

A) True

12
Q

In a Windows Active Directory environment, this feature enables centralized management and configuration of operating systems, applications, and user account settings.

A) Local Users and Groups
B) Resource Monitor
C) Group Policy
D) User Account Control

A

C) Group Policy

13
Q

What is SELinux?

A) A security feature in Linux OSs

B) A secure boot mechanism implemented in certain Linux distributions

C) An open-source web server software

D) A Linux distribution

A

A) A security feature in Linux OSs

14
Q

Which of the following answers refers to a security mechanism imposed by SELinux over system access?

A) DAC
B) RBAC
C) MAC
D) ABAC

A

C) MAC

15
Q

Which of the protocols listed below is used to enable secure web browsing?

A) L2TP
B) HTTPS
C) SSH
D) IPsec

A

B) HTTPS

16
Q

Which of the following protocols allow(s) for secure file transfer? (Select all that apply)

A) FTPS
B) TFTP
C) FTP
D) SFTP

A

A) FTPS

D) SFTP

17
Q

FTPS is an extension to the SSH protocol and runs by default on TCP port 22.

A) True
B) False

A

B) False

18
Q

Which of the answers listed below refers to a secure replacement for Telnet?

A) RSH
B) IPsec
C) SSH
D) RTPS

A

C) SSH

19
Q

Which of the following answers refers to a deprecated protocol designed as a secure way to send emails from a client to a mail server and between mail servers?

A) IMAPS
B) SFTP
C) POP3S
D) SMTPS

A

D) SMTPS

20
Q

Which of the protocols listed below enable secure retrieval of emails from a mail server to an email client? (Select 2 answers)

A) FTPS
B) IMAPS
C) POP3S
D) STARTTLS
E) SMTPS

A

B) IMAPS

C) POP3S

21
Q

Which of the following protocols enables secure access and management of emails on a mail server from an email client?

A) POP3S
B) SMTPS
C) IMAPS
D) S/MIME

A

C) IMAPS

22
Q

Which of the answers listed below refers to a secure network protocol used to provide encryption, authentication, and integrity for real-time multimedia communication?

A) IPsec
B) SIP
C) VoIP
D) SRTP

A

D) SRTP

23
Q

UDP is a connection-oriented protocol using a three-way handshake, which is a set of initial steps required for establishing a network connection. UDP supports retransmission of lost packets, flow control (managing the amount of data that is being sent), and sequencing (rearranging packets that arrived out of order). Example applications of UDP include transmission of text and image data.

A) True
B) False

A

B) False

24
Q

TCP is an example of a connectionless protocol. Because TCP does not support a three-way handshake while establishing a network connection, it is referred to as an unreliable or best-effort protocol. Example applications of TCP include transmission of video and audio streaming data.

A) True
B) False

A

B) False

25
Q

Which of the answers listed below refer to filtering techniques that can allow or block access to a site based on its web address? (Select 2 answers)

A) SSL/TLS inspection
B) URL scanning
C) Content categorization
D) DNS filtering
E) Reputation-based filtering

A

B) URL scanning
D) DNS filtering