SY0-701無料問題集「CompTIA Security+ Certification」

質問 1

An organization issued new laptops to all employees and wants to provide web filtering both in and out of the office without configuring additional access to the network. Which of the following types of web filtering should a systems administrator configure?

（A）URL scanning

（B）Agent-based

（C）Centralized proxy

（D）Content categorization

正解：B 解答を投票する

質問 2

The Chief Information Security Officer (CISO) at a large company would like to gain an understanding of how the company's security policies compare to the requirements imposed by external regulators. Which of the following should the CISO use?

（A）Internal audit

（B）External examination

（C）Penetration test

（D）Attestation

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

A security analyst receives alerts about an internal system sending a large amount of unusual DNS queries to systems on the internet over short periods of time during non-business hours. Which of the following is most likely occurring?

（A）Ransomware is encrypting files.

（B）A worm is propagating across the network.

（C）Data is being exfiltrated.

（D）A logic bomb is deleting data.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

The Chief Information Security Officer wants to put security measures in place to protect PlI. The organization needs to use its existing labeling and classification system to accomplish this goal. Which of the following would most likely be configured to meet the requirements?

（A）Tokenization

（B）MFA

（C）S/MIME

（D）DLP

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which of the following would best explain why a security analyst is running daily vulnerability scans on all corporate endpoints?

（A）To hunt for active attackers in the network

（B）To continuously the monitor hardware inventory

（C）To find shadow IT cloud deployments

（D）To track the status of patching installations

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Which of the following describes the maximum allowance of accepted risk?

（A）Risk score

（B）Risk level

（C）Risk indicator

（D）Risk threshold

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

（A）Hacktivist

（B）Unskilled attacker

（C）Organized crime

（D）Whistleblower

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

A security administrator needs to reduce the attack surface in the company's data centers. Which of the following should the security administrator do to complete this task?

（A）Define Group Policy on the servers.

（B）Configure the servers for high availability.

（C）Upgrade end-of-support operating systems.

（D）Implement a honeynet.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best achieve the objective?

（A）Independent audit

（B）Red teaming

（C）Penetration testing

（D）Vulnerability assessment

正解：D 解答を投票する

質問 10

An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?

（A）Hot

（B）Cold

（C）Warm

（D）Real-time recovery

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

A systems administrator discovers a system that is no longer receiving support from the vendor. However, this system and its environment are critical to running the business, cannot be modified, and must stay online.
Which of the following risk treatments is the most appropriate in this situation?

（A）Refect

（B）Avoid

（C）Transfer

（D）Accept

正解：C 解答を投票する

質問 12

Which of the following types of identification methods can be performed on a deployed application during runtime?

（A）Package monitoring

（B）Bug bounty

（C）Dynamic analysis

（D）Code review

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

A cybersecurity incident response team at a large company receives notification that malware is present on several corporate desktops No known Indicators of compromise have been found on the network. Which of the following should the team do first to secure the environment?

（A）Segment the core database server.

（B）Implement firewall rules to block outbound beaconing

（C）Contain the Impacted hosts

（D）Add the malware to the application blocklist.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

SY0-701 無料問題集「CompTIA Security+ Certification」

弊社を連絡する

関連リンク

トップ試験