logo

CompTIA SY0-701 - CompTIA Security+ 2023 Exam

Download Exam View Entire Exam Collapse/Expand All Expose All Answers
Page: 2 / 123
Total 611 questions
Question #6 (Topic: Exam A)
Which of the following scenarios describes a possible business email compromise attack?
A. An employee receives a gift card request in an email that has an executive’s name in the display field of the email. B. Employees who open an email attachment receive messages demanding payment in order to access files. C. A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account. D. An employee receives an email with a link to a phishing site that is designed to look like the company’s email portal.
Answer: C
Question #7 (Topic: Exam A)
A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?
A. Jump server B. RADIUS C. HSM D. Load balancer
Answer: A
Question #8 (Topic: Exam A)
An organization’s internet-facing website was compromised when an attacker exploited a buffer overflow. Which of the following should the organization deploy to best protect against similar attacks in the future?
A. NGFW B. WAF C. TLS D. SD-WAN
Answer: B
Question #9 (Topic: Exam A)
An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users’ passwords. Which of the following should the administrator implement to prevent this type of attack from succeeding in the future?
A. Multifactor authentication B. Permissions assignment C. Access management D. Password complexity
Answer: A
Question #10 (Topic: Exam A)
An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Choose two.)
A. Typosquatting B. Phishing C. Impersonation D. Vishing E. Smishing F. Misinformation
Answer: CE
Download Exam
Page: 2 / 123
Total 611 questions