Security+ SYO-701 Practice Tests latest upload, Exams of Advanced Education

Security+ SYO-701 Practice Tests latest upload

Typology: Exams

2025/2026

Available from 06/04/2026

tizian-mwangi
tizian-mwangi 🇺🇸

4.1

(8)

29K documents

1 / 76

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1 / 76
Security+ SYO-701 Practice Tests latest upload
1.
b. Sometimes called logical security controls
c. Executed by computer systems (instead of people)
e.
Implemented
with
technology:
Which of the following answers can be used to describe
technical
security controls? (Select 3 answers)
a.
Focused
on
protecting
material
assets
b.
Sometimes
called
logical
security
controls
c.
Executed
by
computer
systems
(instead
of
people)
d.
Also
known
as
administrative
controls
e.
Implemented
with
technology
f.
Primarily
implemented
and
executed
by
people
(as
opposed
to
computer
systems)
2.
b. Encryption
d. IDSs
f.
Firewalls:
Which of the answers listed below refer to examples of technical security controls?
(Select 3
answers)
a.
Security
audits
b.
Encryption
c.
Organizational
security
policy
d.
IDSs
e.
Configuration
management
f.
Firewalls
3.
a. Also known as administrative controls
c.
Focused on reducing the risk of security incidents
e. Documented in written policies:
Which of the following answers refer to the
characteristic features
of managerial security controls? (Select 3 answers)
a.
Also
known
as
administrative
controls
b.
Sometimes
referred
to
as
logical
security
controls
c.
Focused
on
reducing
the
risk
of
security
incidents
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c

Partial preview of the text

Download Security+ SYO-701 Practice Tests latest upload and more Exams Advanced Education in PDF only on Docsity!

1 / 76

Security+ SYO-701 Practice Tests latest upload

  1. b. Sometimes called logical security controls c. Executed by computer systems (instead of people) e. Implemented with technology: Which of the following answers can be used to describe technical security controls? (Select 3 answers) a. Focused on protecting material assets b. Sometimes called logical security controls c. Executed by computer systems (instead of people) d. Also known as administrative controls e. Implemented with technology f. Primarily implemented and executed by people (as opposed to computer systems)
  2. b. Encryption d. IDSs f. Firewalls: Which of the answers listed below refer to examples of technical security controls? (Select 3 answers) a. Security audits b. Encryption c. Organizational security policy d. IDSs e. Configuration management f. Firewalls
  3. a. Also known as administrative controls c. Focused on reducing the risk of security incidents e. Documented in written policies: Which of the following answers refer to the characteristic features of managerial security controls? (Select 3 answers) a. Also known as administrative controls b. Sometimes referred to as logical security controls c. Focused on reducing the risk of security incidents

2 / 76 d. Executed by computer systems (instead of people) e. Documented in written policies f. Focused on protecting material assets

  1. c. Organizational security policy d. Risk assessments e. Security awareness training: Examples of managerial security controls include: (Select 3 answers) a. Configuration management b. Data backups c. Organizational security policy d. Risk assessments e. Security awareness training
  2. b. Focused on the day-to-day procedures of an organization d. Used to ensure that the equipment continues to work as specified f. Primarily implemented and executed by people (as opposed to computer systems): Which of the answers listed below can be used to describe operational security controls (Select 3 answers) a. Also known as administrative controls b. Focused on the day-to-day procedures of an organization c. Executed by computer systems (instead of people) d. Used to ensure that the equipment continues to work as specified e. Focused on managing risk f. Primarily implemented and executed by people (as opposed to computer systems)
  3. b. Configuration management c. System backups e. Patch management: Which of the following examples fall into the category of operational security controls? (Select 3 answers) a. Risk assessments b. Configuration management c. System backups d. Authentication protocols e. Patch management

4 / 76 c. Lighting d. Video surveillance e. Security audits f. Fencing/Bollards

  1. b. Log monitoring d. Security audits e. CCTV f. IDS g. Vulnerability scanning: Which of the answers listed below refer(s) to detective security control(s)? (Select 5 answers) a. Lighting b. Log monitoring c. Sandboxing d. Security audits e. CCTV f. IDS g. Vulnerability scanning
  2. a. IRPs c. Backups and system recovery d. DRPs e. Forensic analysis: Which of the following answers refer(s) to corrective security control(s)? (Select 4 answers) a. IRPs b. Log monitoring c. Backups and system recovery d. DRPs e. Forensic analysis
  3. a. Temporary service disablement c. MFA d. Backup power systems e. Sandboxing f. Temporary port blocking: Which of the answers listed below refer(s) to

5 / 76 compensating security control(s)? (Select 5 answers) a. Temporary service disablement b. Video surveillance c. MFA d. Backup power systems e. Sandboxing f. Temporary port blocking

  1. a. True: The term "Directive security controls" refers to the category of security controls that are implemented through policies and procedures. a. True b. False
  2. a. IRP (incident response plan) b. AUP (acceptable use policy): Which of the following terms fall into the category of directive security controls? (Select 2 answers) a. IRP b. AUP c. IDS d. MFA e. IPS
  3. d. CIA (Confidentiality, Integrity and Availability): Which of the terms listed below can be used to describe the basic principles of information security? a. PKI b. AAA c. GDPR d. CIA
  4. b. False: The term "Non-repudiation" describes the inability to deny responsibility for performing a specific action. In the context of data security, non-repudiation ensures data confidentiality, provides proof of data integrity, and proof of data origin. a. True b. False
  5. a. Digital certificate: Which of the following best applies to the concept of non- repudiation?

7 / 76

  1. b. Usernames and passwords d. Biometrics e. MFA: In the context of the AAA framework, common methods for authenticating people include: (Select 3 answers) a. IP addresses b. Usernames and passwords c. MAC addresses d. Biometrics e. MFA
  2. b. Digital certificates c. IP addresses f. MAC addresses: Which of the answers listed below refer to common methods of device authentication used within the AAA framework? (Select 3 answers) a. Usernames and passwords b. Digital certificates c. IP addresses d. MFA e. Biometric authentication f. MAC addresses
  3. b. Gap analysis: Which of the following terms describes the process of identifying ditterences between an organization's current security posture and its desired security posture? a. Tabletop exercise b. Gap analysis c. Security awareness training d. Risk assessment
  4. b. False: The term "Zero Trust security" refers to a cybersecurity model that eliminates implicit trust from networks and requires all users and devices to be continuously verified before being granted access to resources. The implementation of the Zero Trust security involves two distinct components: a Data Plane, responsible for defining and managing security policies, and a Control Plane, responsible for enforcing the security policies established by the Data Plane. a. True b. False

8 / 76

  1. c. Adaptive identity: Which of the answers listed below refers to a Zero Trust Control Plane security approach that takes into account user identity, device security, network conditions, and other contextual information to enable dynamic access decisions? a. Implicit trust b. Monitoring and logging c. Adaptive identity d. Microsegmentation
  2. a. Policy Engine (PE) f. Policy Administrator (PA): What are the key components of the Zero Trust Control Plane's Policy Decision Point (PDP)? (Select 2 answers) a. Policy Engine (PE) b. Monitoring and logging c. Policy Enforcement Point (PEP) e. Microsegmentation f. Policy Administrator (PA)
  3. a. True: In the Zero Trust security architecture, the Policy Enforcement Point (PEP) is a Data Plane component that enforces the security policies defined at the Control Plane by the Policy Decision Point (PDP). a. True b. False
  4. a. True: An access control vestibule (a.k.a. mantrap) is a physical security access control system used to prevent unauthorized users from gaining access to restricted areas. An example mantrap could be a two-door entrance point connected to a guard station wherein a person entering from the outside remains locked inside until he/she provides authentication token required to unlock the inner door. a. True b. False
  5. b. Honeypots mimic real systems to attract cyber attackers d. Honeypots contain apparent vulnerabilities that are closely monitored by a security team: Which of the following statements about honeypots are true? (Select 2 answers) a. Honeypots are always part of a honeynet

10 / 76 d. A unique identifier that is designed to track attackers

  1. a. Active user account credentials c. Actual URLs to live websites or resources: Which of the following should not be used as honeytokens? (Select all that apply) a. Active user account credentials b. Database entries mimicking real data c. Actual URLs to live websites or resources d. Dummy server logs with enticing information e. Fake identifiers, including usernames, passwords, email addresses, and IP addresses
  2. b. BIA (Business Impact Analysis): A process used by organizations to assess and evaluate the potential impact of disruptive incidents or disasters on their critical business functions and operations is referred to as: a. BPA b. BIA c. SLE d. BCP
  3. a. PKI (Public Key Infrastructure): A hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates is known as: a. PKI b. RA c. PKCS d. CA
  4. c. A pair of keys where one is used for encryption and the other for decryp- tion: Which of the answers listed below best describes the characteristics of a public-private key pair? a. Both keys are examples of a symmetrical key b. Two keys that are identical c. A pair of keys where one is used for encryption and the other for decryption d. Both keys are examples of a shared key
  5. a. Data encryption: What is the typical use of a public key? a. Data encryption b. Data decryption

11 / 76 c. User/device authentication d. All of the above

  1. b. False: Key escrow is a cryptographic technique that enables storing copies of encryption keys with a trusted third party. A Recovery Agent (RA) is a trusted third party (an individual, entity, or system) who is authorized to assist in the retrieval of encryption keys and data on behalf of the data owner. Key escrow and RA are both used to ensure that encrypted data can be decrypted even if the data owner loses access to their encryption key. Since key escrow and RAs are both components of a single security solution, the only way to implement key escrow systems is with the use of RAs. a. True b. False
  2. d. SED: Which of the following answers refers to a data storage device equipped with hardware-level encryption functionality? a. HSM b. TPM c. EFS d. SED
  3. B. FDE (Full Disk Encryption ): Which of the answers listed below refers to software technology designed to provide confidentiality for an entire data storage device? a. TPM b. FDE c. EFS d. HSM
  4. b. EFS (Encryption File System): An MS Windows component that enables encryption of individual files is called: a. SED b. EFS c. BitLocker d. FDE
  5. b. GPG (Gnu Privacy Guard) e. PGP (Pretty Good Privacy): Which of the following software application tools are specifically designed for implementing encryption algorithms to secure data communication and storage?

13 / 76 b. SFTP c. Telnet d. FTPS

  1. b. False: SFTP is an extension of the FTP protocol that adds support for SSL/TLS encryption. a. True b. False
  2. b. SSH: A type of cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers is known as: a. RDP b. SSH c. Telnet d. SCP
  3. c. IPsec: Which of the answers listed below refers to a suite of protocols and technologies providing encryption, authentication, and data integrity for network traflc? a. TLS b. SSH c. IPsec d. VPN
  4. d. ESP (Encapsulating Security Payload): Which part of IPsec provides authentication, integrity, and confidentiality? a. SPD b. PFS c. AH d. ESP
  5. b. VPN (Virtual Private Network): A system that uses public network (such as the Internet) as a means for creating private encrypted connections between remote locations is referred to as: a. WWAN b. VPN c. PAN

14 / 76 d. VLAN

  1. d. SRTP (Secure Real-time Transport Protocol): Which protocol enables secure, real-time delivery of audio and video over an IP network? a. S/MIME b. RTP c. SIP d. SRTP
  2. b. CCMP: An encryption protocol primarily used in Wi-Fi networks implementing the WPA security standard is called: a. TKIP b. CCMP c. SSL d. IPsec
  3. d. TKIP: A security protocol designed to improve the security of existing WEP implementations is known as: a. WPA b. RC c. CCMP d. TKIP

16 / 76 b. DES

17 / 76 c. DHE d. ECC e. IDEA f. RC g. RSA

  1. a. AES b. DES e. IDEA f. RC4: Which of the following algorithms do(es) not fall into the category of asymmetric encryption? (Select 4 answers that apply) a. AES b. DES c. DHE d. ECC e. IDEA f. RC g. RSA
  2. a. True: The term "KEK" refers to a type of cryptographic key often used in key management systems to add an additional layer of security when encrypting and decrypting other cryptographic keys. a. True b. False
  3. a. PSK: Which of the answers listed below refers to a shared secret authentication method used in WPA, WPA2, and EAP? a. PSK b. 802.1X c. SAE d. TKIP
  4. b. IKE: Which of the following answers refers to a protocol used to set up secure connections and exchange of cryptographic keys in IPsec VPNs? a. SSL b. IKE

19 / 76 c. RSA d. AES

  1. a. AES: Which of the cryptographic algorithms listed below is the least vulnerable to attacks? a. AES b. DES c. RC d. 3DES
  2. b. DES: Which of the following answers refers to a legacy symmetric-key block cipher encryption algorithm? a. RC b. DES c. RSA d. DSA
  3. d. RC4: Which of the answers listed below refers to a deprecated stream cipher used in some legacy applications, such as WEP? a. RSA b. DES c. SSL d. RC
  4. c. IDEA: Which of the following answers refers to a deprecated (largely replaced by AES) symmetric-key block cipher encryption algorithm? a. ECDSA b. RSA c. IDEA d. DSA
  5. d. AES: What is the recommended replacement for DES? a. DSA b. RSA c. RC d. AES
  6. a. True: An IV is a random or pseudorandom value used in cryptography to ensure that the

20 / 76 same plaintext input does not produce the same ciphertext output, even when the same encryption key is used. The IV is typically used with encryption algorithms in block cipher modes to enhance security by introducing randomness to the encryption