CompTIA SY0-701 Exam Questions

CompTIA SY0-701 Exam Topics – Detailed Study Guide

Topic 1: General Security Concepts

This topic covers the foundational principles of cybersecurity. Candidates learn about different types of security controls, including administrative, technical, and physical controls. Additionally, it emphasizes the importance of change management processes and the use of appropriate cryptographic solutions to protect sensitive information. Understanding these concepts helps professionals establish a secure framework for enterprise environments.

Topic 2: Threats, Vulnerabilities, and Mitigations

This section focuses on identifying and addressing cybersecurity risks. Candidates explore various threat actors, their motivations, and common attack vectors. The topic also covers vulnerability types and analysis of indicators of compromise in real-world scenarios. Furthermore, it emphasizes mitigation techniques and best practices to protect networks, systems, and data from malicious activities effectively.

Topic 3: Security Architecture

This topic examines security considerations across enterprise architecture models. Candidates learn to apply security principles to design resilient infrastructure and protect critical assets. It also covers data protection strategies, including encryption and access controls, and the importance of disaster recovery and resilience planning to maintain business continuity in case of incidents.

Topic 4: Security Operations

This section addresses day-to-day security management practices. Candidates are trained to apply security techniques to hardware, software, and data assets while managing vulnerabilities efficiently. Key concepts include security monitoring, alerting, identity and access management (IAM), and using automation and orchestration to improve operational security effectiveness across enterprise environments.

Topic 5: Security Program Management and Oversight

This topic emphasizes governance, risk management, and compliance. Candidates learn about effective security program management, third-party risk assessments, and regulatory compliance requirements. It also covers auditing processes, assessments, and implementing security awareness programs to reduce human-related risks in organizations.

Topic 6: Emerging Technologies and Security Trends

This topic covers the latest trends and innovations in cybersecurity. Candidates learn about cloud security best practices, Internet of Things (IoT) risks, mobile device security, and artificial intelligence in threat detection. Additionally, it addresses emerging compliance challenges and modern security frameworks, preparing professionals to adapt to evolving technology landscapes and protect organizations from future cyber threats.

Exam Name: CompTIA Security+ Certification Exam

Registration Code: CompTIA SY0-701

Related Certification: CompTIA Security+ Certification

Certification Provider: CompTIA

Total Questions: 735

Regular Update

Exam Duration: 90 Minutes


Question 1: Following a government-mandated ban on a specific hardware manufacturer, which legal risk must a company's general counsel prioritize to ensure the organization remains eligible for federal contracts?
Correct Answer: A

When the government bans a vendor, the primary concern for the company’s general counsel is sanctions, which are legal restrictions that prohibit the purchase, use, import, or continued operation of products associated with restricted entities. Security+ SY0-701 stresses that compliance with government regulations and legal mandates is a critical oversight responsibility. Failure to comply may result in severe penalties, including fines, loss of contracting eligibility, and reputational damage.

During a hardware refresh, general counsel will ensure the organization is not violating federal trade sanctions, procurement laws, or export/import restrictions. Even if devices are already purchased, continued use may still violate the sanctions, creating legal liability.

Data sovereignty (B) relates to storage location requirements, not vendor bans. Cost of replacement (C) is an operational and financial concern, not a legal one. Loss of license (D) typically applies to software but is not the primary legal concern tied to a government-issued vendor ban.

Therefore, sanctions are the general counsel’s primary focus.

Question 2: Which pillar of the CIA Triad (Confidentiality, Integrity, and Availability) is a network administrator primarily reinforcing by deploying a DDoS mitigation solution?
Correct Answer: C
Question 3: To determine the true organizational impact of a newly discovered zero-day vulnerability, which resource must a security analyst consult to identify affected systems and their business criticality?
Correct Answer: A

A full inventory of all hardware and software is essential for measuring the overall risk to an organization when a new vulnerability is disclosed, because it allows the security analyst to identify which systems are affected by the vulnerability and prioritize the remediation efforts. Without a full inventory, the security analyst may miss some vulnerable systems or waste time and resources on irrelevant ones. Documentation of system classifications, a list of system owners and their departments, and third-party risk assessment documentation are all useful for risk management, but they are not sufficient to measure the impact of a new vulnerability.

Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 1221; Risk Assessment and Analysis Methods: Qualitative and Quantitative.

Question 4: Which of the following Access Control List (ACL) entries would successfully prevent all inbound traffic from the malicious host 10.1.4.9?
Correct Answer: B

A firewall rule is a set of criteria that determines whether a packet is allowed or denied passage through the firewall. A rule consists of several elements: the action, the protocol, the source address, the destination address, and the port number. The exact syntax varies by firewall type and vendor, but the basic logic is the same. In this question, the security analyst is creating an inbound firewall rule to block the IP address 10.1.4.9 from accessing the organization's network. This means the action should be deny, the protocol should be any (ip, which matches every IP protocol), the source address should be 10.1.4.9/32 (a single host), the destination address should be 0.0.0.0/0 (any IP address), and the port should be any. Therefore, the correct firewall rule is:

access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0

This rule matches any packet whose source IP address is 10.1.4.9 and drops it. The other options are incorrect because they have the wrong action, the wrong source address, or the wrong destination address. Option A has the source and destination addresses reversed, so it would block packets whose destination IP address is 10.1.4.9, which is not the intended goal. Option C uses the action permit, so it would allow the packet through the firewall, which is also not the intended goal. Option D has the same problem as option A: the source and destination addresses are reversed.

Reference: Firewall Rules — CompTIA Security+ SY0-401: 1.2; Firewalls — SY0-601 CompTIA Security+: 3.3; Firewalls — CompTIA Security+ SY0-501; Understanding Firewall Rules — CompTIA Network+ N10-005: 5.5; Configuring Windows Firewall — CompTIA A+ 220-1102: 1.6.
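To make the first-match and implicit-deny logic behind this question concrete, here is an added Python evaluator (not from the exam or CompTIA) that parses entries in the question's access-list syntax and tests them against sample packets. The "reversed" and "permit" entries and the internal host address 192.168.10.25 are constructed to mirror the explanation's description of the wrong options, not the exam's literal option text.

```python
import ipaddress
from typing import List

def parse_rule(line: str) -> dict:
    """Parse 'access-list <name> <permit|deny> <proto> source <cidr> destination <cidr>'."""
    tok = line.split()
    if len(tok) != 8 or tok[0] != "access-list" or tok[4] != "source" or tok[6] != "destination":
        raise ValueError(f"unrecognised ACL syntax: {line!r}")
    if tok[2] not in ("permit", "deny"):
        raise ValueError(f"action must be permit or deny, got {tok[2]!r}")
    return {
        "action": tok[2],
        "proto": tok[3],  # "ip" means any IP protocol
        "src": ipaddress.ip_network(tok[5], strict=False),
        "dst": ipaddress.ip_network(tok[7], strict=False),
    }

def matches(rule: dict, src: str, dst: str, proto: str) -> bool:
    """A packet matches when protocol, source network and destination network all match."""
    proto_ok = rule["proto"] in ("ip", proto)
    return (proto_ok
            and ipaddress.ip_address(src) in rule["src"]
            and ipaddress.ip_address(dst) in rule["dst"])

def evaluate(acl: List[str], src: str, dst: str, proto: str = "tcp") -> str:
    """First matching entry wins; a packet matching no entry hits the implicit deny."""
    for line in acl:
        rule = parse_rule(line)
        if matches(rule, src, dst, proto):
            return rule["action"]
    return "deny"

# The correct entry from the question: any packet sourced from 10.1.4.9 is dropped.
CORRECT = "access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0"
# Constructed here to mirror the explanation's description of the wrong options.
REVERSED = "access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32"
PERMIT = "access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0"
# A permit-everything entry placed after the candidate, so only the candidate can block.
ALLOW_ALL = "access-list inbound permit ip source 0.0.0.0/0 destination 0.0.0.0/0"

def blocks_malicious_host(candidate: str, internal_host: str = "192.168.10.25") -> bool:
    """True if the candidate entry stops inbound traffic from 10.1.4.9 to an internal host."""
    return evaluate([candidate, ALLOW_ALL], "10.1.4.9", internal_host) == "deny"

if __name__ == "__main__":
    for label, rule in (("correct", CORRECT), ("reversed", REVERSED), ("permit", PERMIT)):
        print(f"{label:8s} blocks 10.1.4.9 -> {blocks_malicious_host(rule)}")
```

Only the correct entry returns True; the reversed entry instead blocks packets addressed to 10.1.4.9, which is the mistake the explanation describes for options A and D.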
