Uploaded by Mars Wong

SY0-701 Practise Questions

CompTIA SY0-701 Security+ based Practise Questions
I. Self-made Assessment Questions
II. Online Practise Questions
III. Official SY0-701 Practise Tests (Mistakes)
IV. Practise Questions from paperback question collections
V. Knowledge-based understanding-level questions from Coursera (Mistakes)
VI. Doubts and Confusions Explained
Covered Topics:
● Hashing
● Digital Signatures
● Salting
● Blockchains
● Certificates
Checklist:
● Number of correct answers that need to be selected
● Choose true options/false options
● Acronyms sheet
True or False Questions:
1. Hash functions can be used to reverse engineer hashes back into plain text.
2. With SHA-256, varying the length of the plain text input will change the string size of the
hash created.
3. You can input a .iso (operating system file) into a hash function and use the string it
generates to verify the integrity of the file.
4. Salting counters the vulnerability of rainbow table threats by adding a random value to
the password. This would create unique hashes even for identical passwords.
5. Decrypting digital signatures using public keys will result in a copy of the hashes in
plain text.
6. In the blockchain process, transaction information is distributed to every node on a
network, the integrity of which is verified using hashes.
7. Internal and external certificates both need to be signed by a public CA.
8. When decommissioning a web service or when a web service is compromised, the
website domain name will be removed from the CRL.
9. OCSP stapling embeds the status of the certificate within the first SSH
handshake, which is an alternative to using a CRL to check the current integrity of
services.
10. OCSP uses a digital signature by the third-party-browser to validate its status.
Fill-in-the-blanks Questions:
1. The applicant’s ___ and ___ would be requested for creating a CSR.
2. The applicant’s ___ and CA’s ___ would be required for creating a digital certificate
for a website.
3. A SAN in the ___ section of a certificate would allow the certificate to support many
different DNS names.
V. Coursera Mistakes
1. A malicious actor impersonates a web browser or web server by placing themselves
between two devices, then sniffing the packet information to discover the IP and MAC
addresses. Which type of attack is this?
a. Packet flooding attack
b. Smurf attack
c. Malware attack
d. On-path attack
VI. Real Exam Questions
1. An organisation has hired a red team to simulate attacks
on its security posture. Which of the following will the blue
team do after detecting an IOC?
A. Reimage the impacted workstations.
B. Activate runbooks for incident response.
C. Conduct forensics on the compromised system.
D. Conduct passive reconnaissance to gather
information
2. Recent changes to a company's BYOD policy require all
personal mobile devices to use a two-factor
authentication method that is not something you know or
have.
Which of the following will meet this requirement?
A. Facial recognition
B. Six-digit PIN
C. PKI certificate
D. Smart card
3. During an incident, an EDR system detects an increase
in the number of encrypted outbound connections from
multiple hosts. A firewall is also reporting an increase in
outbound connections that use random high ports. An
analyst plans to review the correlated logs to find the
source of the incident.
Which of the following tools will best assist the analyst?
A. A vulnerability scanner
B. A NGFW
C. The Windows Event Viewer
D. A SIEM
4. Developers are writing code and merging it into
shared repositories several times a day, where it is
tested automatically.
Which of the following concepts does this best
represent?
A. Functional testing
B. Stored procedures
C. Elasticity
D. Continuous Integration
5. A security analyst receives alerts about an internal
system sending a large amount of unusual DNS queries
to systems on the internet over short periods of time
during non-business hours.
Which of the following is most likely occurring?
A. A worm is propagating across the network.
B. Data is being exfiltrated.
C. A logic bomb is deleting data.
D. Ransomware is encrypting files.
Additional Resources:
List of acronyms: https://www.test-guide.com/comptia-acronyms.html