Text preview & study summary

CompTIA Security+ SY0-701 - Domains 1 and 2 Threats Attacks Cryptography

A free sample of 5 questions from this quiz, shown in full with answer choices and explanations. No interactivity — everything is visible on this page for study and review.

Want to test your knowledge? Launch the Interactive Exam Simulator

Question 1

A company uses TLS 1.3 to encrypt web traffic. Which of the following BEST describes the purpose of TLS in this context?

Answer choices

  • A. Authentication only

  • B. Encryption of data in transit, with server authentication and optionally mutual authentication (Correct)

  • C. Encryption of data at rest

  • D. VPN tunnel creation between two offices

Explanation

TLS (Transport Layer Security) provides: 1) Encryption of data in transit (confidentiality), 2) Server authentication via certificates (integrity/authenticity), 3) Optional mutual authentication (client + server certificates). TLS 1.3 is the current standard, removing support for weak ciphers.

Question 2

A company is moving to a zero-trust architecture. An employee on the internal network requests access to a sensitive database. Under zero trust, what must happen before access is granted?

Answer choices

  • A. Access is granted automatically because the user is on the internal network

  • B. The user and device must be verified, the request must be authorized against policy, and access should be granted least-privilege for only that specific resource (Correct)

  • C. The user only needs to authenticate once at network login

  • D. Zero trust only applies to external users

Explanation

Zero trust rejects the "trust but verify" model. Under zero trust: 1) Verify explicitly (authenticate identity every request), 2) Use least privilege access (just enough access, just in time), 3) Assume breach (monitor and log everything). Location on internal network grants no inherent trust.

Question 3

During a penetration test, a tester exploits a vulnerability that was publicly disclosed 3 years ago with a CVSS score of 9.8. The system was not patched because it was "on an isolated network." The tester reached it via a misconfigured jump server. What vulnerability management failure does this represent?

Answer choices

  • A. A zero-day exploit

  • B. Defense in depth failure: unpatched critical vulnerability combined with network segmentation failure (Correct)

  • C. A supply chain attack

  • D. Insider threat

Explanation

This represents multiple security failures: 1) An unpatched, publicly-known critical vulnerability (CVSS 9.8) — patch management failure, and 2) A network assumed isolated that was reachable via a misconfigured jump server — defense in depth/network segmentation failure.

Question 4

A company is concerned about sensitive data being exfiltrated through DNS queries. An attacker could encode stolen data in DNS lookup requests. What is this technique called?

Answer choices

  • A. DNS spoofing

  • B. DNS tunneling (Correct)

  • C. DNS amplification

  • D. Zone transfer

Explanation

DNS tunneling encodes data (malware commands, exfiltrated files) within DNS query and response packets to communicate covertly. DNS traffic is often allowed through firewalls without deep inspection, making it a common C2 and data exfiltration channel.

Question 5

A security analyst is reviewing a web server and finds that the server responds to HTTP OPTIONS requests, revealing supported methods including PUT and DELETE. What is the security risk?

Answer choices

  • A. No risk — OPTIONS is a standard informational response

  • B. Attackers can use the information to identify exploitable HTTP methods (PUT/DELETE can allow unauthorized file upload or deletion) (Correct)

  • C. OPTIONS responses expose API keys

  • D. OPTIONS requests cause denial of service

Explanation

Exposing HTTP methods like PUT (upload files) and DELETE (delete files) via the OPTIONS method reveals attack vectors. If the server doesn't properly restrict these methods, attackers can upload malicious files or delete web content. HTTP methods should be restricted to only what's needed.