CompTIA Security+ SY0-701 - Domain 4.0 Security Operations Exam Questions and Answers (Latest 2025)

A proprietary software remains mission-critical ten years after its in-house creation. The software requires an exception to the rules as it cannot use the latest in-use operating system (OS) version. How can the IT department protect this mission-critical software and reduce its exposure factor? (Select the two best options.)
- Correct Answers ✅ Network Segmentation & Compensating Controls

A technology firm's network security specialist notices a sudden increase in unidentified activities on the firm's Security Information and Event Management (SIEM) incident tracking system. An unknown entity or process also increases the number of reported incidents. The specialist decides to investigate these incidents. Which combination of data sources would provide a balanced perspective to support the investigation?
- Correct Answers ✅ System-specific security logs, which track system-level operations; logs generated by applications running on hosts; and real-time reports from the SIEM solution, summarizing incidents.

A forensic analyst at an international law enforcement agency investigates a sophisticated cyber-espionage case. The analyst must uncover the timeline of document interactions, detect concealed or system-protected files, interpret categories of digital events, and trace digital breadcrumbs left behind during media uploads on social platforms. What combination of data sources would provide the MOST comprehensive information for this multifaceted investigation?
- Correct Answers ✅ File metadata with extended attributes and network transaction logs

In a medium-sized organization, the IT department manages a wide range of applications employees use. Recently, the IT security team identified a growing number of security incidents related to malware infections and unauthorized access to sensitive data. They suspect that certain applications may be the entry point for these attacks. To mitigate the risks, the team wants to implement a security measure that isolates applications from the rest of the system to prevent potential threats from spreading. They aim to achieve this without affecting the overall performance and usability of the applications. Which security measure should the IT security team consider implementing to isolate applications from the rest of the system, reduce the impact of potential security threats, and maintain optimal performance and usability?
- Correct Answers ✅ Sandboxing

A company's network has experienced increased infiltration due to employees accessing dangerous websites from different content categories. The company has decided to enhance its security by implementing reputation-based filtering and content categorization in its web filtering system. Which of the following BEST compares these features?
- Correct Answers ✅ Reputation-based filtering evaluates sites by past behavior; content categorization sorts by themes like adult content.

In a medium-sized tech company, employees have different roles and responsibilities requiring access to specific resources and data. The IT team is implementing security measures to control access effectively and reduce the risk of unauthorized activities. What security measure could the IT team implement in the tech company to control access effectively and minimize the risk of unauthorized activities?
- Correct Answers ✅ The principle of least privilege to grant employees the minimum needed access based on job roles

The network administrator of a small business needs to enhance the security of the business's wireless network. The primary goal is to implement Wi-Fi Protected Access 3 (WPA3) as the main security measure, but the administrator recognizes the need to adjust other wireless security settings to effectively complement WPA3 and create a robust network for all employees to access critical company resources securely. What should the network administrator consider when implementing WPA3 and adjusting wireless security settings? (Select the two best options.)
- Correct Answers ✅ Implementing 802.1X authentication for user devices & Enabling media access control address filtering to restrict access to authorized devices

An IT auditor is responsible for ensuring compliance with best practice frameworks. The auditor conducts a compliance scan, using the security content automation protocol (SCAP),