SY0-701 Exam Free Question Set: "CompTIA Security+ Certification"

An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use.
Each application has a separate log-in, so the security team wants to reduce the number of credentials each employee must maintain. Which of the following is the first step the security team should take?

A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if there is an SSO failure?

A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs. Which of the following security benefits do these actions provide? (Choose two.)

An engineer moved to another team and is unable to access the new team's shared folders while still being able to access the shared folders from the former team. After opening a ticket, the engineer discovers that the account was never moved to the new group. Which of the following access controls is most likely causing the lack of access?

Visitors to a secured facility are required to check in with a photo ID and enter the facility through an access control vestibule. Which of the following best describes this form of security control?

Which of the following threat actors would most likely deface the website of a high-profile music group?

During a SQL update of a database, a temporary field that was created was replaced by an attacker in order to allow access to the system. Which of the following best describes this type of vulnerability?

A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?

Which of the following would be the best way to test resiliency in the event of a primary power failure?

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client's web browser?

An organization's web servers host an online ordering system. The organization discovers that the servers are vulnerable to a malicious JavaScript injection, which could allow attackers to access customer payment information. Which of the following mitigation strategies would be most effective for preventing an attack on the organization's web servers? (Select two).

Which of the following examples would be best mitigated by input sanitization?

After failing an audit twice, an organization has been ordered by a government regulatory agency to pay fines.
Which of the following caused this action?

An attacker used XSS to compromise a web server. Which of the following solutions could have been used to prevent this attack?

Which of the following should an internal auditor check for first when conducting an audit of the organization's risk management program?

A vendor salesperson is a personal friend of a company's Chief Financial Officer (CFO). The company recently made a large purchase from the vendor, which was directly approved by the CFO. Which of the following best describes this situation?

An organization has a new regulatory requirement to implement corrective controls on a financial system.
Which of the following is the most likely reason for the new requirement?

Which of the following is used to protect a computer from viruses, malware, and Trojans being installed and moving laterally across the network?
