Comptia Security+ 701
Which of the following threat actors is the most likely to be hired by a foreign government to
attack critical systems located in other countries?
A. Hacktivist
B. Whistleblower
C. Organized crime
D. Unskilled attacker ANS: C. Organized crime
Which of the following is used to add extra complexity before using a one-way data
transformation algorithm?
A. Key stretching
B. Data masking
C. Steganography
D. Salting ANS: D. Salting
An employee clicked a link in an email from a payment website that asked the employee to
update contact information. The employee entered the log-in information but received a "page
not found" error message.
Which of the following types of social engineering attacks occurred?
A. Brand impersonation
B. Pretexting
C. Typosquatting
D. Phishing ANS: D. Phishing
An enterprise is trying to limit outbound DNS traffic originating from its internal network.
,Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25.
Which of the following firewall ACLs will accomplish this goal?
A. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
Access list outbound deny 10.50.10.25/32 0.0.0.0/0 port 53
B. Access list outbound permit 0.0.0.0/0 10.50.10.25/32 port 53Access list outbound deny 0.0.0.0/0
0.0.0.0/0 port 53
C. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 10.50.10.25/32 port 53
D. Access list outbound permit 10.50.10.25/32 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53 ANS: D. Access list outbound permit
10.50.10.25/32 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53
A data administrator is configuring authentication for a SaaS application and would like to
reduce the number of credentials employees need to maintain. The company prefers to use
domain credentials to access new SaaS applications.
Which of the following methods would allow this functionality?
A. SSO
B. LEAP
C. MFA
D. PEAP ANS: A. SSO
Which of the following scenarios describes a possible business email compromise attack?
A. An employee receives a gift card request in an email that has an executive's name in the
display field of the email.
B. Employees who open an email attachment receive messages demanding payment in order to
,access files.
C. A service desk employee receives an email from the HR director asking for log-in credentials
to a cloud administrator account.
D. An employee receives an email with a link to a phishing site that is designed to look like the
company's email portal. ANS: A. An employee receives a gift card request in an email that has an
executive's name in the
display field of the email.
A company prevented direct access from the database administrators' workstations to the
network segment that contains database servers.
Which of the following should a database administrator use to access the database servers?
A. Jump server
B. RADIUS
C. HSM
D. Load balancer ANS: A. Jump server
An organization's internet-facing website was compromised when an attacker exploited a buffer
overflow.
Which of the following should the organization deploy to best protect against similar attacks in
the future?
A. NGFW
B. WAF
C. TLS
D. SD-WAN ANS: B. WAF
An administrator notices that several users are logging in from suspicious IP addresses. After
, speaking with the users, the administrator determines that the employees were not logging in
from those IP addresses and resets the affected users' passwords.
Which of the following should the administrator implement to prevent this type of attack from
succeeding in the future?
A. Multifactor authentication
B. Permissions assignment
C. Access management
D. Password complexity ANS: A. Multifactor authentication
An employee receives a text message that appears to have been sent by the payroll department
and is asking for credential verification.
Which of the following social engineering techniques are being attempted? (Choose two.)
A. Typosquatting
B. Phishing
C. Impersonation
D. Vishing
E. Smishing
F. Misinformation ANS: C. Impersonation
E. Smishing
Several employees received a fraudulent text message from someone claiming to be the Chief
Executive Officer (CEO). The message stated:
"I'm in an airport right now with no access to email. I need you to buy gift cards for employee
recognition awards. Please send the gift cards to following email address."
Which of the following are the best responses to this situation? (Choose two).
Which of the following threat actors is the most likely to be hired by a foreign government to
attack critical systems located in other countries?
A. Hacktivist
B. Whistleblower
C. Organized crime
D. Unskilled attacker ANS: C. Organized crime
Which of the following is used to add extra complexity before using a one-way data
transformation algorithm?
A. Key stretching
B. Data masking
C. Steganography
D. Salting ANS: D. Salting
An employee clicked a link in an email from a payment website that asked the employee to
update contact information. The employee entered the log-in information but received a "page
not found" error message.
Which of the following types of social engineering attacks occurred?
A. Brand impersonation
B. Pretexting
C. Typosquatting
D. Phishing ANS: D. Phishing
An enterprise is trying to limit outbound DNS traffic originating from its internal network.
,Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25.
Which of the following firewall ACLs will accomplish this goal?
A. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
Access list outbound deny 10.50.10.25/32 0.0.0.0/0 port 53
B. Access list outbound permit 0.0.0.0/0 10.50.10.25/32 port 53Access list outbound deny 0.0.0.0/0
0.0.0.0/0 port 53
C. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 10.50.10.25/32 port 53
D. Access list outbound permit 10.50.10.25/32 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53 ANS: D. Access list outbound permit
10.50.10.25/32 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53
A data administrator is configuring authentication for a SaaS application and would like to
reduce the number of credentials employees need to maintain. The company prefers to use
domain credentials to access new SaaS applications.
Which of the following methods would allow this functionality?
A. SSO
B. LEAP
C. MFA
D. PEAP ANS: A. SSO
Which of the following scenarios describes a possible business email compromise attack?
A. An employee receives a gift card request in an email that has an executive's name in the
display field of the email.
B. Employees who open an email attachment receive messages demanding payment in order to
,access files.
C. A service desk employee receives an email from the HR director asking for log-in credentials
to a cloud administrator account.
D. An employee receives an email with a link to a phishing site that is designed to look like the
company's email portal. ANS: A. An employee receives a gift card request in an email that has an
executive's name in the
display field of the email.
A company prevented direct access from the database administrators' workstations to the
network segment that contains database servers.
Which of the following should a database administrator use to access the database servers?
A. Jump server
B. RADIUS
C. HSM
D. Load balancer ANS: A. Jump server
An organization's internet-facing website was compromised when an attacker exploited a buffer
overflow.
Which of the following should the organization deploy to best protect against similar attacks in
the future?
A. NGFW
B. WAF
C. TLS
D. SD-WAN ANS: B. WAF
An administrator notices that several users are logging in from suspicious IP addresses. After
, speaking with the users, the administrator determines that the employees were not logging in
from those IP addresses and resets the affected users' passwords.
Which of the following should the administrator implement to prevent this type of attack from
succeeding in the future?
A. Multifactor authentication
B. Permissions assignment
C. Access management
D. Password complexity ANS: A. Multifactor authentication
An employee receives a text message that appears to have been sent by the payroll department
and is asking for credential verification.
Which of the following social engineering techniques are being attempted? (Choose two.)
A. Typosquatting
B. Phishing
C. Impersonation
D. Vishing
E. Smishing
F. Misinformation ANS: C. Impersonation
E. Smishing
Several employees received a fraudulent text message from someone claiming to be the Chief
Executive Officer (CEO). The message stated:
"I'm in an airport right now with no access to email. I need you to buy gift cards for employee
recognition awards. Please send the gift cards to following email address."
Which of the following are the best responses to this situation? (Choose two).
