CompTIA Security+ Certification Exam SY0-701 Practice Test 20 Flashcards

1
Q

Which access control model allows for defining granular rules that consider user roles, time constraints, and network access restrictions?

A) ABAC
B) MAC
C) RuBAC
D) DAC
E) RBAC

A

C) RuBAC

2
Q

Examples of properties used for defining access policies in Attribute-Based Access Control (ABAC) model include:

A) Subject (i.e., user or process requesting access)
B) Type of action (for example “read”, “write”, “execute”)
C) Resource type (medical record, bank account etc.)
D) Environment (contextual data, such as time of day or geolocation)
E) All of the above

A

E) All of the above

3
Q

Which access control model defines access control rules with the use of statements that closely resemble natural language?

A) DAC
B) ABAC
C) MAC
D) RBAC

A

B) ABAC

4
Q

Which of the access control models listed below enforces the strictest set of access rules?

A) MAC
B) RBAC
C) DAC
D) ABAC

A

A) MAC

5
Q

Which of the following access control methods would be the most suitable for scheduling system maintenance tasks during periods of low user activity?

A) Resource provisioning
B) Time-of-day restrictions
C) Principle of least privilege
D) Just-in-time permissions

A

B) Time-of-day restrictions

6
Q

The principle of least privilege is a security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities.

A) True
B) False

A

A) True

7
Q

In the context of IT security, the term “Biometrics” refers to both biological characteristics of the human body and behavioral traits that can be used for identification and access control purposes.

A) True
B) False

A

A) True

8
Q

A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is called:

A) FAR
B) CER
C) CRC
D) FRR

A

D) FRR

9
Q

Which of the answers listed below refer(s) to a medium type that can be used as a hardware authentication token? (Select all that apply)

A) Smart card
B) Key fob
C) Security key
D) Passphrase
E) Biometric reader
F) RFID badge

A

A) Smart card

B) Key fob

C) Security key

10
Q

Which of the following examples does not fall into the category of software authentication tokens?

A) QR code token
B) Security key
C) SMS-based OTP
D) Authenticator app
F) Email-based OTP

A

B) Security key

11
Q

Which of the answers listed below refer to the features of a security key? (Select 3 answers)

A) Used for OTP generation, remote vehicle access, and building access

B) Hardware authentication token

C) Typically, a physical USB stick or key fob-sized device

D) Primarily used for digital security (2FA/MFA)

E) Software authentication token

F) Typically, a credit card-sized plastic card with an embedded chip

A

B) Hardware authentication token

C) Typically, a physical USB stick or key fob-sized device

D) Primarily used for digital security (2FA/MFA)

12
Q

The authentication process can be based on various categories of authentication factors. These include knowledge-based factors such as usernames, passwords, PINs, or security question answers (“something you know”), possession-based factors (i.e., physical tokens) such as smart cards, key fobs, or security keys (“something you have”), inherence-based factors that include unique physical traits of each individual, such as fingerprints, iris scans, facial recognition, or voice patterns (“something you are”), or location-based factors such as geolocation data or IP addresses (“somewhere you are”). A multifactor authentication system requires the implementation of authentication factors from two or more distinct categories.

A) True
B) False

A

A) True

13
Q

The two factors that are considered important for creating strong passwords are: (Select 2 answers)

A) Password length
B) Minimum password age
C) Password history
D) Password complexity
E) Maximum password age

A

A) Password length

D) Password complexity

14
Q

A strong password that meets the password complexity requirement should contain: (Select the best answer)

A) Uppercase letters (A-Z)
B) Digits (0-9)
C) Non-alphanumeric characters if permitted (e.g., !, @, #, $)
D) Lowercase letters (a-z)
E) A combination of characters from at least 3 character groups

A

E) A combination of characters from at least 3 character groups

15
Q

Which of the following passwords is the most complex?

A) T$7C52WL4SU
B) GdL3tU8wxYz
C) @TxBL$nW@Xt
D) G$L3tU8wY@z

A

D) G$L3tU8wY@z

16
Q

Which password policy would be the most effective in decreasing the risk of a security breach across multiple accounts?

A) Password expiration policy
B) Minimum password age policy
C) Password reuse policy
D) Maximum password age policy

A

C) Password reuse policy

17
Q

Which password policy enforces a mandatory password change after a specific time?

A) Password expiration policy
B) Password history policy
C) Minimum password age policy
D) Password reuse policy

A

A) Password expiration policy

18
Q

The minimum password age policy setting determines the period of time that a password can be used before the system requires the user to change it.

A) True
B) False

A

B) False

19
Q

The maximum password age policy setting determines the period of time that a password must be used before the user can change it.

A) True
B) False

A

B) False

20
Q

Which of the answers listed below refers to a software tool specifically designed to store and manage login credentials?

A) BitLocker
B) Password manager
C) Key escrow
D) Password vault

A

B) Password manager

21
Q

Which of the following technologies cannot be used as a passwordless authentication method?

A) Biometrics

B) Hardware tokens

C) QR codes

D) OTPs

E) Passkeys

F) All of the above can be used as a means for passwordless authentication

A

F) All of the above can be used as a means for passwordless authentication

22
Q

A security solution that provides control over elevated (i.e., administrative type) accounts is referred to as:

A) MFA
B) IAM
C) SSO
D) PAM

A

D) PAM

23
Q

Which of the answers listed below refers to a solution designed to minimize the risk of unauthorized access to privileged accounts?

A) Principle of least privilege
B) Just-in-time permissions
C) Passwordless authentication
D) Multifactor authentication

A

B) Just-in-time permissions

24
Q

Which of the following answers refers to an encrypted database that provides secure storage space for user credentials?

A) Secure enclave
B) Password manager
C) Rainbow table
D) Password vault

A

D) Password vault

25
Q

Which of the terms listed below refer(s) to the concept of ephemeral access, where access to systems, resources, or permissions is provided for a limited duration? (Select all that apply)

A) TOTP

B) OTP

C) Just-in-time permissions

D) User password

E) API key

A

A) TOTP

B) OTP

C) Just-in-time permissions