CompTIA Security+ Practice Tests
Exam SY0-701
3rd Edition
Published on 8. December 2023
637 pages
978-1-394-21139-5 (ISBN)
Description
Prepare for the Security+ certification exam confidently and quickly
CompTIA Security+ Practice Tests: Exam SY0-701, Third Edition, prepares you for the newly updated CompTIA Security+ exam. You'll focus on challenging areas and get ready to ace the exam and earn your Security+ certification. This essential collection of practice tests contains study questions covering every single objective domain included on the SY0-701. Comprehensive coverage of every essential exam topic guarantees that you'll know what to expect on exam day, minimize test anxiety, and maximize your chances of success.
You'll find 1000 practice questions on topics like general security concepts, threats, vulnerabilities, mitigations, security architecture, security operations, and security program oversight. You'll also find:
* Complimentary access to the Sybex test bank and interactive learning environment
* Clear and accurate answers, complete with explanations and discussions of exam objectives
* Material that integrates with the CompTIA Security+ Study Guide: Exam SY0-701, Ninth Edition
The questions contained in CompTIA Security+ Practice Tests increase comprehension, strengthen your retention, and measure overall knowledge. It's an indispensable part of any complete study plan for Security+ certification.
CompTIA Security+ Practice Tests: Exam SY0-701, Third Edition, prepares you for the newly updated CompTIA Security+ exam. You'll focus on challenging areas and get ready to ace the exam and earn your Security+ certification. This essential collection of practice tests contains study questions covering every single objective domain included on the SY0-701. Comprehensive coverage of every essential exam topic guarantees that you'll know what to expect on exam day, minimize test anxiety, and maximize your chances of success.
You'll find 1000 practice questions on topics like general security concepts, threats, vulnerabilities, mitigations, security architecture, security operations, and security program oversight. You'll also find:
* Complimentary access to the Sybex test bank and interactive learning environment
* Clear and accurate answers, complete with explanations and discussions of exam objectives
* Material that integrates with the CompTIA Security+ Study Guide: Exam SY0-701, Ninth Edition
The questions contained in CompTIA Security+ Practice Tests increase comprehension, strengthen your retention, and measure overall knowledge. It's an indispensable part of any complete study plan for Security+ certification.
More details
Other editions
Additional editions
Book
12/2023
3rd Edition
Sybex Inc.,U.S.
€43.50
Shipment within 15-20 days
Previous edition
E-Book
01/2021
2nd Edition
Wiley-Scrivener
€27.99
Available for download
Person
DAVID SEIDL, CYSA+, CISSP, PENTEST+, is Vice President for Information Technology and CIO at Miami University. David co-led Notre Dame's move to the cloud and has written multiple cybersecurity certification books.
Content
Introduction xi
Chapter 1 Domain 1.0: General Security Concepts 1
Chapter 2 Domain 2.0: Threats, Vulnerabilities, and Mitigations 29
Chapter 3 Domain 3.0: Security Architecture 69
Chapter 4 Domain 4.0: Security Operations 115
Chapter 5 Domain 5.0: Security Program Management and Oversight 169
Appendix Answers to Review Questions 217
Chapter 1: Domain 1.0: General Security Concepts 218
Chapter 2: Domain 2.0: Threats, Vulnerabilities, and Mitigations 233
Chapter 3: Domain 3.0: Security Architecture 255
Chapter 4: Domain 4.0: Security Operations 283
Chapter 5: Domain 5.0: Security Program Management and Oversight 309
Index 337
Chapter 1
Domain 1.0: General Security Concepts
THE COMPTIA SECURITY+ EXAM SY0-701 TOPICS COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
- Domain 1.0: General Security Concepts
- 1.1 Compare and contrast various types of security controls
- Categories (Technical, Managerial, Operational, Physical)
- Control types (Preventive, Deterrent, Detective, Corrective, Compensating, Directive)
- 1.2 Summarize fundamental security concepts
- Confidentiality, Integrity, and Availability (CIA)
- Non-repudiation
- Authentication, Authorization, and Accounting (AAA) (Authenticating people, authenticating systems, authorization models)
- Gap analysis
- Zero trust (control plane, data plane)
- Physical security (bollards, access control vestibule, fencing, video surveillance, security guard, access badge, lighting, sensors)
- Deception and disruption technology (honeypot, honeynet, honeyfile, honeytoken)
- 1.3 Explain the importance of change management processes and the impact to security
- Business processes impacting security operations (approval process, ownership, stakeholders, impact analysis, test results, backout plan, maintenance window, standard operating procedure)
- Technical implications (allow lists/deny lists, restricted activities, downtime, service restart, application restart, legacy applications, dependencies)
- Documentation (updating diagrams, updating policies/procedures)
- Version control
- 1.4 Explain the importance of using appropriate cryptographic solutions
- Public key infrastructure (PKI) (Public key, private, key, key escrow)
- Encryption (Level, transport/communication, asymmetric, symmetric, key exchange, algorithms, key length)
- Tools (Trusted Platform Module [TPM], Hardware security module [HSM], key management systems, secure enclave)
- Obfuscation (Steganography, tokenization, data masking)
- Hashing
- Salting
- Digital Signatures
- Key stretching
- Blockchain
- Open public ledger
- Certificates (certificate authorities, certificate revocation lists [CRLs], Online Certificate Status Protocol [OCSP], self-signed, third-party, root of trust, certificate signing request [CSR] generation, wildcard)
- 1.1 Compare and contrast various types of security controls
- Felicia wants to deploy an encryption solution that will protect files in motion as they are copied between file shares as well as at rest, and also needs it to support granular, per-user security. What type of solution should she select?
- Partition encryption
- File encryption
- Full-disk encryption
- Record-level encryption
- Valerie wants to use a certificate to handle multiple subdomains for her website, including the
sales.example.comandsupport.example.comsubdomains. What type of certificate should she use?- A self-signed certificate
- A root of trust certificate
- A CRL certificate
- A wildcard certificate
- What information is analyzed during a gap analysis?
- Control objectives and controls intended to meet the objectives
- Physically separate networks and their potential connection points
- Compensating controls and the controls they are replacing
- Security procedures and the policies they are designed to support
- Susan's team has recommended an application restart for a production, customer-facing application as part of an urgent patch due to a security update. What technical implication is the most common concern when conducting an application restart?
- Application configuration changes caused by the restart
- Whether the patch will properly apply
- Lack of security controls during the restart
- The downtime during the restart
- Using a tool like
gitis most frequently associated with what critical change management process?- Having a backout plan
- Stakeholder analysis
- Version control
- Standard operating procedures (SOPs)
- Jacob is concerned that the password used for one of his organization's services is weak, and he wants to make it harder to crack by making it harder to test possible keys during a brute-force attack. What is this technique called?
- Master keying
- Key stretching
- Key rotation
- Passphrase armoring
- Log monitoring is an example of what control category?
- Technical
- Managerial
- Operational
- Physical
- Rick wants to make offline brute-force attacks against his password file very difficult for attackers. Which of the following is not a common technique to make passwords harder to crack?
- Use of a salt
- Use of a pepper
- Use of a purpose-built password hashing algorithm
- Encrypting password plain text using symmetric encryption
- Diffie-Hellman and RSA are both examples of what important encryption-related solution?
- Rekeying
- Certificate revocation protocols
- Key exchange algorithms
- Key generation algorithms
- Sally wants to ensure that her change management process includes a procedure for what to do if the change fails. What should she create to handle this possibility?
- An impact analysis
- A backout plan
- A regression test
- A maintenance window
- Theresa is concerned that her scheduled maintenance window may extend beyond the allocated time due to an unexpected issue. What element from the CIA triad is she concerned about?
- Criticality
- Accessibility
- Integrity
- Availability
- Alaina is concerned about vehicles that might impact her organization's backup generator. What should she install to prevent both inadvertent and purposeful vehicle impacts on a generator installed outside her building near a parking lot?
- A speed bump
- An access control vestibule
- Bollards
- A chain-link fence
- Ben has deployed a data loss prevention (DLP) tool that inspects data and flags specific data types for review before emails containing it are sent outside the organization. What control type best describes this type of solution?
- Managerial
- Detective
- Corrective
- Preventive
- What type of control is a policy or procedure?
- Directive
- Corrective
- Detective
- Preventive
- Murali has deployed a file integrity monitoring tool and has configured alerts to notify him if files are modified. What control type best describes this solution?
- Preventive
- Deterrent
- Directive
- Detective
- Charles wants to reduce the threat scope of compromised credentials. What type of the following security controls is best suited to meeting this need?
- Single sign-on
- Federation
- Zero trust
- Multifactor authentication (MFA)
- Carol wants to obfuscate data that is contained in her database. She wants to be able to refer to the data elements without having the actual data exposed. What type of obfuscation option should she select?
- Tokenization
- Encryption
- Data masking
- Data randomization
- What key is used to decrypt information sent by another individual between two people using public key encryption?
- The recipient's private key
- The recipient's public key
- The sender's private key
- The sender's public key
- Selah's organization has recently experienced a breach and the private keys for her organization's certificates were exposed. What should she immediately do?
- Reissue the certificates with changed hostnames and other details.
- Replace the certificates with self-signed certificates until they can be replaced by the vendor.
- Revoke the certificates and place them on a certificate revocation list.
- Replace the certificates with wildcard certificates.
- Which of the following is not a major concern related to downtime caused by patching and system updates?
- Attackers compromising the system or service while it is offline
- Security systems or functions being offline during restart or shutdown processes
- Unexpected extended downtime
- Dependencies between systems or services related to downtime
- Joanna wants to ensure that the most current version of each component in her application is deployed. What change management process will help the most with this requirement?
- Dependency mapping
- Version control
- Impact analysis
- Allow and deny lists
- Greg wants to implement a version control system to ensure that changes are made in ways that will not cause problems for his organization's critical software. Which of the following is not a common feature of version control systems designed for software source code?
- Atomic operations
- File locking
- Regression testing
- Tagging and labeling
- Christina wants to implement a physical security control that has the...
