SY0-701無料問題集「CompTIA Security+ Certification」

質問 1

Which of the following best describe why a process would require a two-person integrity security control?

（A）To allow one person to perform the activity while being recorded on the CCTV camera

（B）To reduce the risk that the procedures are performed incorrectly or by an unauthorized user

（C）To permit two users from another department to observe the activity that is being performed by an authorized user

（D）To Increase the chance that the activity will be completed in half of the time the process would take only one user to complete

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Cadets speaking a foreign language are using company phone numbers to make unsolicited phone calls lo a partner organization. A security analyst validates through phone system logs that the calls are occurring and the numbers are not being spoofed. Which of the following is the most likely explanation?

（A）The company's SIP server security settings are weak.

（B）The executive team is traveling internationally and trying to avoid roaming charges

（C）Disgruntled employees are making calls to the partner organization.

（D）The service provider has assigned multiple companies the same numbers

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Which of the following enables the use of an input field to run commands that can view or manipulate data?

（A）Side loading

（B）Cross-site scripting

（C）SQL injection

（D）Buffer overflow

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

The help desk receives multiple calls that machines with an outdated OS version are running slowly. Several users are seeing virus detection alerts. Which of the following mitigation techniques should be reviewed first?

（A）Patching

（B）Isolation

（C）Monitoring

（D）Segmentation

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

A growing company would like to enhance the ability of its security operations center to detect threats but reduce the amount of manual work required tor the security analysts. Which of the following would best enable the reduction in manual work?

（A）SOAR

（B）SIEM

（C）MDM

（D）DLP

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Which of the following best protects sensitive data in transit across a geographically dispersed Infrastructure?

（A）Tokenization

（B）Obfuscation

（C）Encryption

（D）Masking

正解：C 解答を投票する

質問 7

An attacker used XSS to compromise a web server. Which of the following solutions could have been used to prevent this attack?

（A）NGFW

（B）UTM

（C）NAC

（D）WAF

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?

（A）Employee monitoring

（B）Configuration enforcement

（C）Least privilege

（D）Hardening

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

The security team at a large global company needs to reduce the cost of storing data used for performing investigations. Which of the following types of data should have its retention length reduced?

（A）Vulnerability scan

（B）Packet capture

（C）OS security logs

（D）Endpoint logs

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

The security operations center is researching an event concerning a suspicious IP address A security analyst looks at the following event logs and discovers that a significant portion of the user accounts have experienced faded log-In attempts when authenticating from the same IP address:

Which of the following most likely describes attack that took place?

（A）Rainbow table

（B）Dictionary

（C）Spraying

（D）Brute-force

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which of the following security concepts is accomplished when granting access after an individual has logged into a computer network?

（A）Non-repudiation

（B）Authentication

（C）Identification

（D）Authorization

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

A company has yearly engagements with a service provider. The general terms and conditions are the same for all engagements. The company wants to simplify the process and revisit the general terms every three years. Which of the following documents would provide the best way to set the general terms?

（A）SLA

（B）MOU

（C）NDA

（D）MSA

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which of the following would be the best way to test resiliency in the event of a primary power failure?

（A）Tabletop exercise

（B）Parallel processing

（C）Production failover

（D）Simulation testing

正解：C 解答を投票する

質問 14

Which of the following is a primary security concern for a company setting up a BYOD program?

（A）End of life

（B）VM escape

（C）Buffer overflow

（D）Jailbreaking

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

Which of the following is the main consideration when a legacy system that is a critical part of a company's infrastructure cannot be replaced?

（A）Resource provisioning

（B）Single point of failure

（C）Cost

（D）Complexity

正解：B 解答を投票する

SY0-701 無料問題集「CompTIA Security+ Certification」

弊社を連絡する

関連リンク

トップ試験