CompTIA SY0-701 Free Practice Questions — Page 1

CompTIA Security+ • 5 questions • Answers & explanations included

Question 1

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

A. Hacktivist
B. Whistleblower
C. Organized crime
D. Unskilled attacker

Correct Answer: C. Organized crime

Organized crime groups are often hired by foreign governments for deniability in state-sponsored attacks. Hacktivists are motivated by ideology, not contracts. Whistleblowers expose information; they don't conduct attacks. Unskilled attackers lack the capability for critical infrastructure targeting. Organized crime has the skills, resources, and motivation to operate for hire.

Question 2

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

A. Key stretching
B. Data masking
C. Steganography
D. Salting

Correct Answer: D. Salting

Salting adds a random value to data before hashing to prevent rainbow table attacks. Key stretching increases computation time for hashing (e.g., PBKDF2); it doesn't add random complexity. Data masking hides data for privacy, not hashing. Steganography hides data inside other files, unrelated to hashing. Salting directly addresses the "extra complexity before a one-way transformation" description.

Question 3

An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?

A. Brand impersonation
B. Pretexting
C. Typosquatting
D. Phishing

Correct Answer: D. Phishing

Phishing uses fraudulent emails to steal credentials via fake websites. The attacker impersonated a payment site, harvested credentials, then showed an error. Brand impersonation is a component of phishing, not a standalone answer here. Pretexting involves fabricating a scenario to manipulate — it's a technique, not the attack type. Typosquatting uses misspelled URLs, not mentioned here.

Question 4

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?

A. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
   Access list outbound deny 10.50.10.25/32 0.0.0.0/0 port 53
B. Access list outbound permit 0.0.0.0/0 10.50.10.25/32 port 53
   Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53
C. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
   Access list outbound deny 0.0.0.0/0 10.50.10.25/32 port 53
D. Access list outbound permit 10.50.10.25/32 0.0.0.0/0 port 53
   Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53

Correct Answer: D.
   Access list outbound permit 10.50.10.25/32 0.0.0.0/0 port 53
   Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53

ACL rules are processed top-down; the first match wins. Option D first permits DNS (port 53) only from 10.50.10.25, then denies all others. Option A permits all first, making the deny irrelevant. Option B permits any source to the destination 10.50.10.25, which puts the address in the wrong field. Option C permits all sources first, which overrides everything after it.

Question 5

A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?

A. SSO
B. LEAP
C. MFA
D. PEAP

Correct Answer: A. SSO

SSO (Single Sign-On) lets users authenticate once with domain credentials and access multiple applications. LEAP and PEAP are wireless authentication protocols, unrelated to SaaS access. MFA adds extra verification factors but doesn't reduce credential count. SSO directly solves the goal of using one set of domain credentials across apps.
