CompTIA SY0-701 Practice Test

Prepare smarter and boost your chances of success with our CompTIA SY0-701 Practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use SY0-701 practice exam are 40–50% more likely to pass on their first attempt.

Start practicing today and take the fast track to becoming CompTIA SY0-701 certified.

13890 already prepared
Updated On : 16-Jul-2025
389 Questions
4.8/5.0

Page 1 out of 39 Pages

Which of the following enables the use of an input field to run commands that can view or manipulate data?

A. Cross-site scripting

B. Side loading

C. Buffer overflow

D. SQL injection

D.   SQL injection

SQL injection is a type of attack that enables the use of an input field to run commands that can view or manipulate data in a database. SQL stands for Structured Query Language, which is a language used to communicate with databases. By injecting malicious SQL statements into an input field, an attacker can bypass authentication, access sensitive information, modify or delete data, or execute commands on the server. SQL injection is one of the most common and dangerous web application vulnerabilities.

References
CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701, 9th Edition, Chapter 5, page 195.
CompTIA Security+ SY0-701 Exam Objectives, Domain 1.1, page 8.

A company’s legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?

A. Data masking

B. Encryption

C. Geolocation policy

D. Data sovereignty regulation

C.   Geolocation policy

A geolocation policy is a policy that restricts or allows access to data or resources based on the geographic location of the user or device. A geolocation policy can be implemented using various methods, such as IP address filtering, GPS tracking, or geofencing. A geolocation policy can help the company’s legal department to prevent unauthorized access to sensitive documents from individuals in high-risk countries12. The other options are not effective ways to limit access based on location:
Data masking: This is a technique of obscuring or replacing sensitive data with fictitious or anonymized data. Data masking can protect the privacy and confidentiality of data, but it does not prevent access to data based on location3.
Encryption: This is a process of transforming data into an unreadable format using a secret key or algorithm. Encryption can protect the integrity and confidentiality of data, but it does not prevent access to data based on location. Encryption can also be bypassed by attackers who have the decryption key or method4.
Data sovereignty regulation: This is a set of laws or rules that govern the storage, processing, and transfer of data within a specific jurisdiction or country. Data sovereignty regulation can affect the availability and compliance of data, but it does not prevent access to data based on location. Data sovereignty regulation can also vary depending on the country or region.
References = 1: CompTIA Security+ SY0-701 Certification Study Guide, page 972: Account Policies – SY0-601 CompTIA Security+ : 3.7, video by Professor Messer3: CompTIA Security+ SY0-701 Certification Study Guide, page 1004: CompTIA Security+ SY0-701 Certification Study Guide, page 101. : CompTIA Security+ SY0-701 Certification Study Guide, page 102.

A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?

A. Air gap the system.

B. Move the system to a different network segment.

C. Create a change control request.

D. Apply the patch to the system.

C.   Create a change control request.

A change control request is a document that describes the proposed change to a system, the reason for the change, the expected impact, the approval process, the testing plan, the implementation plan, the rollback plan, and the communication plan. A change control request is a best practice for applying any patch to a production system, especially a high-priority one, as it ensures that the change is authorized, documented, tested, and communicated. A change control request also minimizes the risk of unintended consequences, such as system downtime, data loss, or security breaches. 

References = CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701, 9th Edition, Chapter 6, page 235. CompTIA Security+ SY0-701 Exam Objectives, Domain 4.1, page 13.

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

A. Key stretching

B. Data masking

C. Steganography

D. Salting

D.   Salting

Salting is the process of adding extra random data to a password or other data before applying a one-way data transformation algorithm, such as a hash function. Salting increases the complexity and randomness of the input data, making it harder for attackers to guess or crack the original data using precomputed tables or brute force methods. Salting also helps prevent identical passwords from producing identical hash values, which could reveal the passwords to attackers who have access to the hashed data. Salting is commonly used to protect passwords stored in databases or transmitted over networks. References

Passwords technical overview 

Encryption, hashing, salting – what’s the difference?

Salt (cryptography)

During a security incident, the security operations team identified sustained network traffic from a malicious IP address:

10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address  from accessing the organization’s network. Which of the following fulfills this request?

A. access-list inbound deny ig source 0.0.0.0/0 destination 10.1.4.9/32

B. access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0

C. access-list inbound permit ig source 10.1.4.9/32 destination 0.0.0.0/0

D. access-list inbound permit ig source 0.0.0.0/0 destination 10.1.4.9/32

B.   access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0

A firewall rule is a set of criteria that determines whether to allow or deny a packet to pass through the firewall. A firewall rule consists of several elements, such as the action, the protocol, the source address, the destination address, and the port number. The syntax of a firewall rule may vary depending on the type and vendor of the firewall, but the basic logic is the same. In this question, the security analyst is creating an inbound firewall rule to block the IP address 10.1.4.9 from accessing the organization’s network. This means that the action should be deny, the protocol should be any (or ig for IP), the source address should be 10.1.4.9/32 (which means a single IP address), the destination address should be 0.0.0.0/0 (which means any IP address), and the port number should be any.

Therefore, the correct firewall rule is: access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0 This rule will match any packet that has the source IP address of 10.1.4.9 and drop it. The other options are incorrect because they either have the wrong action, the wrong source address, or the wrong destination address. For example, option A has the source and destination addresses reversed, which means that it will block any packet that has the destination IP address of 10.1.4.9, which is not the intended goal. Option C has the wrong action, which is permit, which means that it will allow the packet to pass through the firewall, which is also not the intended goal. Option D has the same problem as option A, with the source and destination addresses reversed. 

References = Firewall Rules – CompTIA Security+ SY0-401: 1.2, Firewalls – SY0-601 CompTIA Security+ : 3.3, Firewalls – CompTIA Security+ SY0-501, Understanding Firewall Rules – CompTIA Network+ N10-005: 5.5, Configuring Windows Firewall – CompTIA A+ 220-1102 – 1.6.

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

A. Default credentials

B. Non-segmented network

C. Supply chain vendor

D. Vulnerable software

C.   Supply chain vendor




Explanation:

A supply chain vendor is a third-party entity that provides goods or services to an organization, such as a SaaS provider. A supply chain vendor can pose a risk to the new system if the vendor has poor security practices, breaches, or compromises that could affect the confidentiality, integrity, or availability of the system or its data. The organization should perform due diligence and establish a service level agreement with the vendor to mitigate this risk. The other options are not specific to the scenario of using a SaaS provider, but rather general risks that could apply to any system.

An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards. Which of the following techniques is the attacker using?

A. Smishing

B. Disinformation

C. Impersonating

D. Whaling

C.   Impersonating

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

A. Compensating control

B. Network segmentation

C. Transfer of risk

D. SNMP traps

A.   Compensating control

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?

A. Fines

B. Audit findings

C. Sanctions

D. Reputation damage

B.   Audit findings

A system administrator is assessing the broader context of the company's IT security posture in light of recent expansions in both workstations and servers. This assessment includes understanding the impact of various external and internal factors on the organization's IT infrastructure. Aside from the organization's IT infrastructure itself, what are two other significant factors that should be considered in this assessment? (Select the two best options.)

A. External threat landscape

B. Regulatory/compliance environment

C. Employee cybersecurity awareness

D. Business continuity planning

A.   External threat landscape
B.   Regulatory/compliance environment
Page 1 out of 39 Pages

Your Path to Security+ SY0-701 Certification Success

Earning your CompTIA Security+ SY0-701 certification validates your core cybersecurity skills and opens doors to rewarding IT security careers. Our high-quality practice tests are designed to help you master the latest exam objectives and pass on your first attempt.

Exam Code: SY0-701
Exam Name: CompTIA Security+ Exam
Certification Name: Security+
Certification Provider: CompTIA
Exam Questions: 90
Type of Questions: MCQs
Exam Time: 90 minutes
Passing Score: 750

Whats New in Security+ SY0-701 (2024 Update)?


Expanded cloud security coverage (AWS, Azure, SaaS security)
Greater emphasis on zero trust architecture
Updated cryptography standards (post-quantum crypto, blockchain)
Enhanced focus on automation/SOC workflows
New social engineering attack techniques

Security+ SY0-701 Exam Domains Breakdown


Domain
Weighting
Threats, Attacks & Vulnerabilities
24%
Architecture & Design
21%
Implementation
25%
Operations & Incident Response
16%
Governance, Risk & Compliance
14%


Why Choose Our Security+ SY0-701 Practice Tests?


✔ 100% aligned with latest CompTIA objectives
✔ Performance-based questions (PBQs) like the real exam
✔ Detailed explanations for every answer
✔ Mobile-friendly interface for on-the-go studying
✔ Progress tracking to identify weak areas

Who Should Take Security+ SY0-701?


This certification is ideal for:

Aspiring cybersecurity professionals
IT administrators moving into security roles
Military personnel pursuing DoD 8570 compliance
College students building IT credentials

Join 8,000+ Students Who Aced Their Exam with PrepTIA!

I was overwhelmed by the SY0-701 exam topics until I found these practice questions. The scenarios on cloud security and threat detection were spot-on—just like the real exam! After drilling 50 questions daily, I passed with an 832/900. The detailed explanations saved me hours of guesswork.
Jake R., Cybersecurity Analyst