WGU D329 Network and Security – Applications | CompTIA Security+ (SY0-701) Certification Exam | 77 Questions & Answers WITH 2 PBQs | 2025

1 . What is the recommended failure mode for logical security controls in a data center to ensure proper data protection? Fail open Fail closed Fail safe Fail secure 2 . A company is evaluating its cybersecurity strategy and has determined that it can tolerate a certain level of data breach risk. If the risk threshold is set at 10%, what actions should the company take if a proposed security measure only reduces the risk to 12%? Implement the security measure, as it is close to the threshold. Reject the security measure, as it exceeds the risk threshold. Modify the security measure to further reduce the risk. Accept the risk, as it is within the company's tolerance. 3. What is the primary purpose of an application allow list in cybersecurity? A. To block all incoming network traffic B. To permit only approved applications to run on a system C. To monitor user activity on company systems D. To encrypt sensitive data on devices 4 . What does FIM stand for in the context of data security? File Integrity Monitoring Firewall Intrusion Management 1/21   6/1/25, 2:56 AM Federated Identity Management Fast Internet Monitoring 5 . Explain why organized crime is considered a significant threat actor in the context of ransomware-as-a-service. They operate independently without any financial motivation. They often collaborate with government agencies. They have the resources and motivation to develop and distribute ransomware. They focus solely on political activism. 6. A company has recently experienced a data breach due to misconfigured routers. As a security engineer, you are tasked with implementing security measures. If you decide to disable web-based administration, which additional measure should you consider to further secure the routers? Enable all routing protocols for redundancy. Implement strong password policies for console access. Increase the number of VLANs for better segmentation. Allow remote access for easier management. 7 . A company has recently experienced a data breach due to unauthorized file changes. As a security administrator, you are tasked with implementing a solution to prevent future incidents. Which of the following actions should you take to enhance data security? Implement a File Integrity Monitoring (FIM) system to track and alert on file changes Increase the number of user accounts with administrative privileges Disable all firewalls to improve system performance Rely solely on antivirus software for protection 2/21   6/1/25, 2:56 AM 8. In the context of data roles, which term refers to an individual whose personal information is being collected and stored by an organization? Processor Custodian Subject Owner 9. What does OCSP stand for in the context of certificate validation? Online Certificate Status Protocol Open Certificate Security Protocol Operational Certificate Status Process Original Certificate Signing Procedure 1 0. Explain how orchestration can reduce human error during the account creation process for multiple end users. A. By allowing administrators to manually create each account B. By automating repetitive tasks and ensuring consistency C. By providing a user interface for end users to create their own accounts D. By implementing strict policies that must be followed 1 1. Explain why logical security controls should be configured to fail closed in a data center environment. To allow unrestricted access during a failure To prevent unauthorized access and protect sensitive data To ensure that all systems remain operational regardless of security status 3/21   6/1/25, 2:56 AM To facilitate easier troubleshooting of security issues