SY0-701無料問題集「CompTIA Security+ Certification」

質問 1

A vendor needs to remotely and securely transfer files from one server to another using the command line. Which of the following protocols should be Implemented to allow for this type of access? (Select two).

（A）SFTP

（B）S/MIME

（C）RDP

（D）SNMP

（E）SMTP

（F）SSH

正解：A、F 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Which of the following should a security operations center use to improve its incident response procedure?

（A）Playbooks

（B）Frameworks

（C）Baselines

（D）Benchmarks

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

A threat actor was able to use a username and password to log in to a stolen company mobile device. Which of the following provides the best solution to increase mobile data security on all employees' company mobile devices?

（A）Application management

（B）Full disk encryption

（C）Remote wipe

（D）Containerization

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

An organization wants a third-party vendor to do a penetration test that targets a specific device.
The organization has provided basic information about the device. Which of the following best describes this kind of penetration test?

（A）Partially known environment

（B）Known environment

（C）Unknown environment

（D）Integrated

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?

（A）End of support

（B）End of life

（C）End of business

（D）End of testing

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?

（A）Risk transfer

（B）Exception

（C）Compensating controls

（D）Segmentation

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A company wants to verify that the software the company is deploying came from the vendor the company purchased the software from. Which of the following is the best way for the company to confirm this information?

（A）Validate the code signature.

（B）Generate a hash of the files.

（C）Execute the code in a sandbox.

（D）Search the executable for ASCII strings.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

During a recent breach, employee credentials were compromised when a service desk employee issued an MFA bypass code to an attacker who called and posed as an employee. Which of the following should be used to prevent this type of incident in the future?

（A）Hardware token MFA

（B）Biometrics

（C）Identity proofing

（D）Least privilege

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

After a security incident, a systems administrator asks the company to buy a NAC platform.
Which of the following attack surfaces is the systems administrator trying to protect?

（A）Bluetooth

（B）NFC

（C）Wired

（D）SCADA

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

The Chief Information Security Officer (CISO) at a large company would like to gain an understanding of how the company's security policies compare to the requirements imposed by external regulators.
Which of the following should the CISO use?

（A）Internal audit

（B）External examination

（C）Penetration test

（D）Attestation

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

A security officer is implementing a security awareness program and has placed security-themed posters around the building and assigned online user training. Which of the following will the security officer most likely implement?

（A）Risk assessment

（B）Password policy

（C）Access badges

（D）Phishing campaign

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

（A）SPF

（B）GPO

（C）NAC

（D）FIM

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?

（A）Disabling access

（B）Reviewing change approvals

（C）Escalating permission requests

（D）Provisioning resources

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

A systems administrator would like to create a point-in-time backup of a virtual machine. Which of the following should the administrator use?

（A）Snapshot

（B）Replication

（C）Containerization

（D）Simulation

正解：A 解答を投票する

質問 15

A security administrator is hardening corporate systems and applying appropriate mitigations by consulting a real-world knowledge base for adversary behavior. Which of the following would be best for the administrator to reference?

（A）SOAR

（B）CVSS

（C）MITRE ATT&CK

（D）CSIRT

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 16

A security analyst is creating base for the server team to follow when hardening new devices for deployment. Which of the following beet describes what the analyst is creating?

（A）Secure configuration guide

（B）Cybersecurity framework

（C）Information security policy

（D）Change management procedure

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 17

While performing digital forensics, which of the following is considered the most volatile and should have the contents collected first?

（A）Hard drive

（B）RAM

（C）Temporary files

（D）SSD

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

SY0-701 無料問題集「CompTIA Security+ Certification」

弊社を連絡する

関連リンク

トップ試験