2025年最新の更新のCompTIA Security+が有効なSY0-701問題集を無料提供しています
最新のJPNTest SY0-701PDF問題集をダウンロードしちゃおう:https://www.jpntest.com/shiken/SY0-701-mondaishu(527問題と解答)
CompTIA SY0-701 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
質問 # 156
A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA to comply with internal security policies. Which of the following should the security team recommend?
- A. Web proxy for all remote traffic
- B. RDP connection with LDAPS
- C. IPSec with RADIUS
- D. Jump server with 802.1X
正解:C
質問 # 157
An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Select two).
- A. Disable default accounts.
- B. Add the server to the asset inventory.
- C. Remove unnecessary services.
- D. Join the server to the corporate domain.
- E. Send server logs to the SIEM.
- F. Document default passwords.
正解:A、C
質問 # 158
Which of the following is a common source of unintentional corporate credential leakage in cloud environments?
- A. Dark web
- B. State actors
- C. Code repositories
- D. Threat feeds
- E. Vulnerability databases
正解:C
解説:
Code repositories are a common source of unintentional corporate credential leakage, especially in cloud environments. Developers may accidentally commit and push sensitive information, such as API keys, passwords, and other credentials, to public or poorly secured repositories. These credentials can then be accessed by unauthorized users, leading to security breaches. Ensuring that repositories are properly secured and that sensitive data is never committed is critical for protecting against this type of leakage.
References =
* CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture.
* CompTIA Security+ SY0-601 Study Guide: Chapter on Threats and Vulnerability Management.
質問 # 159
A security analyst is reviewing the following logs:
Which of the following attacks is most likely occurring?
- A. Account forgery
- B. Password spraying
- C. Brute-force
- D. Pass-t he-hash
正解:B
解説:
Password spraying is a type of brute force attack that tries common passwords across several accounts to find a match. It is a mass trial-and-error approach that can bypass account lockout protocols. It can give hackers access to personal or business accounts and information. It is not a targeted attack, but a high-volume attack tactic that uses a dictionary or a list of popular or weak passwords12.
The logs show that the attacker is using the same password ("password123") to attempt to log in to different accounts ("admin", "user1", "user2", etc.) on the same web server. This is a typical pattern of password spraying, as the attacker is hoping that at least one of the accounts has a weak password that matches the one they are trying. The attacker is also using a tool called Hydra, which is one of the most popular brute force tools, often used in cracking passwords for network authentication3.
Account forgery is not the correct answer, because it involves creating fake accounts or credentials to impersonate legitimate users or entities. There is no evidence of account forgery in the logs, as the attacker is not creating any new accounts or using forged credentials.
Pass-the-hash is not the correct answer, because it involves stealing a hashed user credential and using it to create a new authenticated session on the same network. Pass-the-hash does not require the attacker to know or crack the password, as they use the stored version of the password to initiate a new session4. The logs show that the attacker is using plain text passwords, not hashes, to try to log in to the web server.
Brute-force is not the correct answer, because it is a broader term that encompasses different types of attacks that involve trying different variations of symbols or words until the correct password is found. Password spraying is a specific type of brute force attack that uses a single common password against multiple accounts5. The logs show that the attacker is using password spraying, not brute force in general, to try to gain access to the web server. References = 1: Password spraying: An overview of password spraying attacks ... - Norton, 2: Security: Credential Stuffing vs. Password Spraying - Baeldung, 3: Brute Force Attack: A definition + 6 types to know | Norton, 4: What is a Pass-the-Hash Attack? - CrowdStrike, 5: What is a Brute Force Attack? | Definition, Types & How It Works - Fortinet
質問 # 160
A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch jobs locally and does not generate traffic, but the process is now generating outbound traffic over random high ports. Which of the following vulnerabilities has likely been exploited in this software?
- A. Side loading
- B. Race condition
- C. SQL injection
- D. Memory injection
正解:D
解説:
Memory injection vulnerabilities allow unauthorized code or commands to be executed within a software program, leading to abnormal behavior such as generating outbound traffic over random high ports. This issue often arises from software not properly validating or encoding input, which can be exploited by attackers to inject malicious code.References: CompTIA Security+ SY0-701 course content and official CompTIA study resources.
質問 # 161
You are security administrator investigating a potential infection on a network.
Click on each host and firewall. Review all logs to determine which host originated the Infecton and then deny each remaining hosts clean or infected.






正解:
解説:
質問 # 162
Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked. Which of the following changes would allow users to access the site?
- A. Tuning the DLP rule that detects credit card data
- B. Configuring the IPS to allow shopping
- C. Creating a firewall rule to allow HTTPS traffic
- D. Updating the categorization in the content filter
正解:D
質問 # 163
Which of the following attacks exploits a potential vulnerability as a result of using weak cryptographic algorithms?
- A. On-path
- B. Digital signing
- C. Side-channel
- D. Password cracking
正解:D
質問 # 164
Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes how the controls should be set up?
- A. Logging controls should fail open.
- B. Remote access points should fail closed.
- C. Safety controls should fail open.
- D. Logical security controls should fail closed.
正解:C
解説:
Safety controls are security controls that are designed to protect human life and physical assets from harm or damage. Examples of safety controls include fire alarms, sprinklers, emergency exits, backup generators, and surge protectors. Safety controls should fail open, which means that they should remain operational or allow access when a failure or error occurs. Failing open can prevent or minimize the impact of a disaster, such as a fire, flood, earthquake, or power outage, on human life and physical assets. For example, if a fire alarm fails, it should still trigger the sprinklers and unlock the emergency exits, rather than remain silent and locked.
Failing open can also ensure that essential services, such as healthcare, transportation, or communication, are available during a crisis. Remote access points, logging controls, and logical security controls are other types of security controls, but they should not fail open in a data center. Remote access points are security controls that allow users or systems to access a network or a system from a remote location, such as a VPN, a web portal, or a wireless access point. Remote access points should fail closed, which means that they should deny access when a failure or error occurs. Failing closed can prevent unauthorized or malicious access to the data center's network or systems, such as by hackers, malware, or rogue devices. Logging controls are security controls that record and monitor the activities and events that occur on a network or a system, such as user actions, system errors, security incidents, or performance metrics. Logging controls should also fail closed, which means that they should stop or suspend the activities or events when a failure or error occurs. Failing closed can prevent data loss, corruption, or tampering, as well as ensure compliance with regulations and standards. Logical security controls are security controls that use software or code to protect data and systems from unauthorized or malicious access, modification, or destruction, such as encryption, authentication, authorization, or firewall. Logical security controls should also fail closed, which means that they should block or restrict access when a failure or error occurs. Failing closed can prevent data breaches, cyberattacks, or logical flaws, as well as ensure confidentiality, integrity, and availability of data and systems. References:
CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 142-143, 372-373, 376-377
質問 # 165
Which of the following techniques would attract the attention of a malicious attacker in an insider threat scenario?
- A. Adding a fake account to /etc/passwd
- B. Setting weak passwords in /etc/shadow
- C. Scheduling vulnerable jobs in /etc/crontab
- D. Creating a false text file in /docs/salaries
正解:D
質問 # 166
To which of the following security categories does an EDR solution belong?
- A. Operational
- B. Technical
- C. Physical
- D. Managerial
正解:B
質問 # 167
After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response to the lawsuit. Which of the following describes the action the security team will most likely be required to take?
- A. Retain all emails from the company to affected customers for an indefinite period of time.
- B. Retain any communications related to the security breach until further notice.
- C. Retain the emails between the security team and affected customers for 30 days.
- D. Retain any communications between security members during the breach response.
正解:B
解説:
A legal hold (also known as a litigation hold) is a notification sent from an organization's legal team to employees instructing them not to delete electronically stored information (ESI) or discard paper documents that may be relevant to a new or imminent legal case. A legal hold is intended to preserve evidence and prevent spoliation, which is the intentional or negligent destruction of evidence that could harm a party's case. A legal hold can be triggered by various events, such as a lawsuit, a regulatory investigation, or a subpoena12 In this scenario, the company's attorneys have requested that the security team initiate a legal hold in response to the lawsuit filed by the customers after the company was compromised. This means that the security team will most likely be required to retain any communications related to the security breach until further notice. This could include emails, instant messages, reports, logs, memos, or any other documents that could be relevant to the lawsuit. The security team should also inform the relevant custodians (the employees who have access to or control over the ESI) of their preservation obligations and monitor their compliance. The security team should also document the legal hold process and its scope, as well as take steps to protect the ESI from alteration, deletion, or loss34 Reference:
1: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 6: Risk Management, page 303 2: CompTIA Security+ Certification Kit: Exam SY0-701, 7th Edition, Chapter 6: Risk Management, page 305 3: Legal Hold (Litigation Hold) - The Basics of E-Discovery - Exterro 5 4: The Legal Implications and Consequences of a Data Breach 6
質問 # 168
Which of the following risks can be mitigated by HTTP headers?
- A. SSL
- B. DoS
- C. SQLi
- D. XSS
正解:D
解説:
HTTP headers can be used to mitigate risks associated with Cross-Site Scripting (XSS). Security- related HTTP headers such as Content Security Policy (CSP) and X-XSS-Protection can be configured to prevent the execution of malicious scripts in the context of a web page. XSS (Cross-Site Scripting): A vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. HTTP headers like CSP help prevent XSS attacks by specifying which dynamic resources are allowed to load.
SQLi (SQL Injection): Typically mitigated by using parameterized queries and input validation, not HTTP headers.
DoS (Denial of Service): Mitigated by network and application-level defenses rather than HTTP headers.
SSL (Secure Sockets Layer): Refers to securing communications and is not directly mitigated by HTTP headers; rather, it's implemented using SSL/TLS protocols.
質問 # 169
A security analyst is reviewing the source code of an application in order to identify misconfigurations and vulnerabilities. Which of the following kinds of analysis best describes this review?
- A. Dynamic
- B. Static
- C. Gap
- D. Impact
正解:B
解説:
Reviewing the source code of an application to identify misconfigurations and vulnerabilities is best described as static analysis. Static analysis involves examining the code without executing the program. It focuses on finding potential security issues, coding errors, and vulnerabilities by analyzing the code itself.
Static analysis: Analyzes the source code or compiled code for vulnerabilities without executing the program.
Dynamic analysis: Involves testing and evaluating the program while it is running to identify vulnerabilities.
Gap analysis: Identifies differences between the current state and desired state, often used for compliance or process improvement.
Impact analysis: Assesses the potential effects of changes in a system or process.
質問 # 170
A company with a high-availability website is looking to harden its controls at any cost. The company wants to ensure that the site is secure by finding any possible issues. Which of the following would most likely achieve this goal?
- A. Vulnerability scan
- B. Reconnaissance
- C. Permission restrictions
- D. Bug bounty program
正解:D
解説:
Abug bounty programencourages ethical hackers tofind and report vulnerabilities, helping organizations discover security flaws before they are exploited by malicious actors. Unlikevulnerability scans, bug bounty programs usereal-world testing techniques.
質問 # 171
Easy-to-guess passwords led to an account compromise. The current password policy requires at least 12 alphanumeric characters, one uppercase character, one lowercase character, a password history of two passwords, a minimum password age of one day, and a maximum password age of 90 days. Which of the following would reduce the risk of this incident from happening again? (Choose two.)
- A. Increasing the maximum password age to 120 days.
- B. Reducing the minimum password length to ten characters.
- C. Upgrading the password hashing algorithm from MD5 to SHA-512.
- D. Reducing the minimum password age to zero days.
- E. Including a requirement for at least one special character.
- F. Increasing the minimum password length to 14 characters.
正解:E、F
解説:
Since the issue is with the passwords being easy to guess, the solution would be one that addresses password complexity (and not password history or age necessarily). Increasing the minimum length of the password and introducing a special character would be the best options for this.
質問 # 172
Which of the following should a company use to provide proof of external network security testing?
- A. Vulnerability assessment
- B. Third-party attestation
- C. Business impact analysis
- D. Supply chain analysis
正解:B
解説:
Detailed Explanation:Third-party attestation involves an external, independent party performing a network security assessment and providing documented proof, ensuring objectivity and compliance with regulatory or client requirements. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management, Section: "Compliance and Security Audits".
質問 # 173
A security analyst is reviewing the logs on an organization's DNS server and notices the following unusual snippet:
Which of the following attack techniques was most likely used?
- A. Exfiltrating data from fshare.int.complia.org
- B. Bypassing the organization's DNS sinkholing
- C. Determining the organization's ISP-assigned address space
- D. Attempting to achieve initial access to the DNS server
- E. Footprinting the internal network
正解:E
解説:
The AXFR request is typically used by attackers to obtain a complete list of DNS records, which can reveal internal IP addresses and hostnames, thereby providing a detailed map of the internal network. This information can then be used for further attacks, such as identifying critical systems or planning network intrusions.
質問 # 174
A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the followingbestdescribes this step?
- A. Geographic dispersion
- B. Redundancy
- C. Tablet exercise
- D. Capacity planning
正解:D
解説:
Capacity planning is the process of determining the resources needed to meet the current and future demands of an organization.
Capacity planning can help a company develop a business continuity strategy by estimating how many staff members would be required to sustain the business in the case of a disruption, such as a natural disaster, a cyberattack, or a pandemic.
Capacity planning can also help a company optimize the use of its resources, reduce costs, and improve performance.
質問 # 175
A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?
- A. Risks from hackers residing in other countries
- B. Impacts to existing contractual obligations
- C. Local data protection regulations
- D. Time zone differences in log correlation
正解:C
解説:
Local data protection regulations are the first thing that a cloud-hosting provider should consider before expanding its data centers to new international locations. Data protection regulations are laws or standards that govern how personal or sensitive data is collected, stored, processed, and transferred across borders. Different countries or regions may have different data protection regulations, such as the General Data Protection Regulation (GDPR) in the European Union, the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, or the California Consumer Privacy Act (CCPA) in the United States. A cloud-hosting provider must comply with the local data protection regulations of the countries or regions where it operates or serves customers, or else it may face legal penalties, fines, or reputational damage. Therefore, a cloud-hosting provider should research and understand the local data protection regulations of the new international locations before expanding its data centers there.
質問 # 176
After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted credit card information in order to close an invoice. Which of the following topics did the user recognize from the training?
- A. Insider threat
- B. Social engineering
- C. Executive whaling
- D. Email phishing
正解:B
解説:
Explanation
Social engineering is the practice of manipulating people into performing actions or divulging confidential information, often by impersonating someone else or creating a sense of urgency or trust. The suspicious caller in this scenario was trying to use social engineering to trick the user into giving away credit card information by pretending to be the CFO and asking for a payment. The user recognized this as a potential scam and reported it to the IT help desk. The other topics are not relevant to this situation. References: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 19 1
質問 # 177
Visitors to a secured facility are required to check in with a photo ID and enter the facility through an access control vestibule Which of the following but describes this form of security control?
- A. Operational
- B. Technical
- C. Managerial
- D. Physical
正解:D
解説:
A physical security control is a device or mechanism that prevents unauthorized access to a physical location or asset. An access control vestibule, also known as a mantrap, is a physical security control that consists of a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens. This prevents unauthorized individuals from following authorized individuals into the facility, a practice known as piggybacking or tailgating. A photo ID check is another form of physical security control that verifies the identity of visitors. Managerial, technical, and operational security controls are not directly related to physical access, but rather to policies, procedures, systems, and processes that support security objectives.
質問 # 178
A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring. Which of the following strategies would best accomplish this goal?
- A. Logging endpoint and OS-specific security logs
- B. Enabling full packet capture for traffic entering and exiting the servers
- C. Deploying network traffic sensors on the same subnet as the servers
- D. Logging all NetFlow traffic into a SIEM
正解:B
解説:
Full packet capture is a technique that records all network traffic passing through a device, such as a router or firewall. It allows for detailed analysis and investigation of network events, such as SQLi attacks, by providing the complete content and context of the packets. Full packet capture can help identify the source, destination, payload, and timing of an SQLi attack, as well as the impact on the server and database. Logging NetFlow traffic, network traffic sensors, and endpoint and OS-specific security logs can provide some information about network activity, but they do not capture the full content of the packets, which may limit the scope and depth of the investigation. Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 372-373
質問 # 179
A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?
- A. NAT
- B. IPSec
- C. EAP
- D. DHCP
正解:B
解説:
IPSec is a protocol suite that provides secure communication over IP networks. IPSec can be used to create virtual private networks (VPNs) that encrypt and authenticate the data exchanged between two or more parties. IPSec can also provide data integrity, confidentiality, replay protection, and access control. A security consultant can use IPSec to gain secure, remote access to a client environment by establishing a VPN tunnel with the client's network. References: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 8: Secure Protocols and Services, page 385 1
質問 # 180
......
実験された試験材料はSY0-701:https://www.jpntest.com/shiken/SY0-701-mondaishu
最新SY0-701リアル試験問題をフォローせよ!:https://drive.google.com/open?id=15GYkAlmJg1ho3F8oit15YHbKnmsuLFGr