CompTIA SY0-701 CompTIA Security+ Online Training

Question #51

An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days.

Which of the following types of sites is the best for this scenario?

A . Real-time recovery
B . Hot
C . Cold
D . Warm

Reveal Solution Hide Solution

Question #52

A company requires hard drives to be securely wiped before sending decommissioned systems to recycling.

Which of the following best describes this policy?

A . Enumeration
B . Sanitization
C . Destruction
D . Inventory

Reveal Solution Hide Solution

Question #53

A systems administrator works for a local hospital and needs to ensure patient data is protected and secure.

Which of the following data classifications should be used to secure patient data?

A . Private
B . Critical
C . Sensitive
D . Public

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

Data classification is a process of categorizing data based on its level of sensitivity, value, and impact to the organization if compromised. Data classification helps to determine the appropriate security controls and policies to protect the data from unauthorized access, disclosure, or modification. Different organizations may use different data classification schemes, but a common one is the four-tier model, which consists of the following categories: public, private, sensitive, and critical.

Public data is data that is intended for public access and disclosure, and has no impact to the organization if compromised. Examples of public data include marketing materials, press releases, and public web pages.

Private data is data that is intended for internal use only, and has a low to moderate impact to the organization if compromised. Examples of private data include employee records, financial reports, and internal policies.

Sensitive data is data that is intended for authorized use only, and has a high impact to the organization if compromised. Examples of sensitive data include personal information, health records, and intellectual property.

Critical data is data that is essential for the organization’s operations and survival, and has a severe impact to the organization if compromised. Examples of critical data include encryption keys, disaster recovery plans, and system backups.

Patient data is a type of sensitive data, as it contains personal and health information that is protected by law and ethical standards. Patient data should be used only by authorized personnel for legitimate purposes, and should be secured from unauthorized access, disclosure, or modification. Therefore, the systems administrator should use the sensitive data classification to secure patient data.

Reference = CompTIA Security+ SY0-701 Certification Study Guide, page 90-91; Professor Messer’s CompTIA SY0-701 Security+ Training Course, video 5.5 – Data Classifications, 0:00 – 4:30.

Question #54

A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations.

Which of the following should the hosting provider consider first?

A . Local data protection regulations
B . Risks from hackers residing in other countries
C . Impacts to existing contractual obligations
D . Time zone differences in log correlation

Reveal Solution Hide Solution

Question #55

Which of the following would be the best way to block unknown programs from executing?

A . Access control list
B . Application allow list.
C . Host-based firewall
D . DLP solution

Reveal Solution Hide Solution

Question #56

A company hired a consultant to perform an offensive security assessment covering penetration testing and social engineering.

Which of the following teams will conduct this assessment activity?

A . White
B . Purple
C . Blue
D . Red

Reveal Solution Hide Solution

Question #57

A software development manager wants to ensure the authenticity of the code created by the company.

Which of the following options is the most appropriate?

A . Testing input validation on the user input fields
B . Performing code signing on company-developed software
C . Performing static code analysis on the software
D . Ensuring secure cookies are use

Reveal Solution Hide Solution

Question #58

Which of the following can be used to identify potential attacker activities without affecting production servers?

A . Honey pot
B . Video surveillance
C . Zero Trust
D . Geofencing

Reveal Solution Hide Solution

Question #59

During an investigation, an incident response team attempts to understand the source of an incident.

Which of the following incident response activities describes this process?

A . Analysis
B . Lessons learned
C . Detection
D . Containment

Reveal Solution Hide Solution

Question #60

A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates.

Which of the following should be done next?

A . Conduct an audit.
B . Initiate a penetration test.
C . Rescan the network.
D . Submit a report.

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

After completing a vulnerability assessment and remediating the identified vulnerabilities, the next step is to rescan the network to verify that the vulnerabilities have been successfully fixed and no new vulnerabilities have been introduced. A vulnerability assessment is a process of identifying and evaluating the weaknesses and exposures in a network, system, or application that could be exploited by attackers. A vulnerability assessment typically involves using automated tools, such as scanners, to scan the network and generate a report of the findings. The report may include information such as the severity, impact, and remediation of the vulnerabilities. The operations team is responsible for applying the appropriate patches, updates, or configurations to address the vulnerabilities and reduce the risk to the network. A rescan is necessary to confirm that the remediation actions have been effective and that the network is secure.

Conducting an audit, initiating a penetration test, or submitting a report are not the next steps after

completing a vulnerability assessment and remediating the vulnerabilities. An audit is a process of reviewing and verifying the compliance of the network with the established policies, standards, and regulations. An audit may be performed by internal or external auditors, and it may use the results of the vulnerability assessment as part of the evidence. However, an audit is not a mandatory step after a vulnerability assessment, and it does not validate the effectiveness of the remediation actions.

A penetration test is a process of simulating a real-world attack on the network to test the security defenses and identify any gaps or weaknesses. A penetration test may use the results of the vulnerability assessment as a starting point, but it goes beyond scanning and involves exploiting the vulnerabilities to gain access or cause damage. A penetration test may be performed after a vulnerability assessment, but only with the proper authorization, scope, and rules of engagement. A penetration test is not a substitute for a rescan, as it does not verify that the vulnerabilities have been fixed.

Submitting a report is a step that is done after the vulnerability assessment, but before the remediation. The report is a document that summarizes the findings and recommendations of the vulnerability assessment, and it is used to communicate the results to the stakeholders and the operations team. The report may also include a follow-up plan and a timeline for the remediation actions. However, submitting a report is not the final step after the remediation, as it does not confirm that the network is secure.

Reference = CompTIA Security+ SY0-701 Certification Study Guide, page 372-375; Professor Messer’s CompTIA SY0-701 Security+ Training Course, video 4.1 – Vulnerability Scanning, 0:00 – 8:00.