SY0-701試験無料問題集（527題）「CompTIA Security+ Certification 認定」

出題：1

Which of the following should a systems administrator use to decrease the company's hardware attack surface?

A. Replication

B. Isolation

C. Centralization

D. Virtualization

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which of the following is a type of vulnerability that refers to the unauthorized installation of applications on a device through means other than the official application store?

A. Cross-site scripting

B. Buffer overflow

C. Jailbreaking

D. Side loading

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?

A. Real-time recovery

B. Warm

C. Cold

D. Hot

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

The security operations center is researching an event concerning a suspicious IP address A security analyst looks at the following event logs and discovers that a significant portion of the user accounts have experienced faded log-In attempts when authenticating from the same IP address:

Which of the following most likely describes attack that took place?

A. Brute-force

B. Dictionary

C. Spraying

D. Rainbow table

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

A company prevented direct access from the database administrators' workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?

A. HSM

B. Load balancer

C. RADIUS

D. Jump server

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Which of the following should an organization use to protect its environment from external attacks conducted by an unauthorized hacker?

A. IDS

B. ACL

C. NIPS

D. HIDS

正解：A 解答を投票する

出題：7

A company wants to reduce the time and expense associated with code deployment. Which of the following technologies should the company utilize?

A. Virtual machines

B. Serverless architecture

C. Thin clients

D. Private cloud

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Which of the following can be used to compromise a system that is running an RTOS?

A. Cross-site scripting

B. Memory injection

C. Ransomware

D. Replay attack

正解：B 解答を投票する

出題：9

Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?

A. Data in transit

B. Critical

C. Intellectual property

D. Encrypted

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

The Cruel Information Security Officer (CISO) asks a security analyst to install an OS update to a production VM that has a 99% uptime SLA. The CISO tells me analyst the installation must be done as quickly as possible. Which of the following courses of action should the security analyst take first?

A. Log in to the server and perform a health check on the VM.

B. Install the patch Immediately.

C. Confirm that the backup service is running.

D. Take a snapshot of the VM.

正解：D 解答を投票する

出題：11

An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best achieve the objective?

A. Vulnerability assessment

B. Red teaming

C. Independent audit

D. Penetration testing

正解：A 解答を投票する

出題：12

A network engineer is increasing the overall security of network devices and needs to harden the devices.
Which of the following will best accomplish this task?

A. Replacing Telnet with SSH

B. Configuring centralized logging

C. Enabling HTTP administration

D. Generating local administrator accounts

正解：A 解答を投票する

出題：13

A company installed cameras and added signs to alert visitors that they are being recorded. Which of the following controls did the company implement? (Select two).

A. Detective

B. Technical

C. Deterrent

D. Preventive

E. Corrective

F. Directive

正解：A,C 解答を投票する

出題：14

When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure. Which of the following certificate types is the site most likely using?

A. Root of trust

B. Wildcard

C. Self-signed

D. Third-party

正解：C 解答を投票する

出題：15

Which of the following would best explain why a security analyst is running daily vulnerability scans on all corporate endpoints?

A. To find shadow IT cloud deployments

B. To hunt for active attackers in the network

C. To continuously monitor hardware inventory

D. To track the status of patch installations

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

SY0-701試験無料問題集「CompTIA Security+ Certification 認定」