CompTIA SY0-701 Actual Questions

IPSec is a protocol suite that provides secure communication over IP networks. IPSec can be used to create virtual private networks (VPNs) that encrypt and authenticate the data exchanged between two or more parties. IPSec can also provide data integrity, confidentiality, replay protection, and access control. A security consultant can use IPSec to gain secure, remote access to a client environment by establishing a VPN tunnel with the client’s network. References: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 8: Secure Protocols and Services, page 385 1

A Statement of Work (SOW) is a formal document detailing the scope, deliverables, timeline, and estimated hours for services such as penetration testing engagements.

BPA (Blanket Purchase Agreement) covers recurring purchases, SLA (Service Level Agreement) defines service quality expectations, and NDA (Non-Disclosure Agreement) protects confidentiality, none of which specify hours or detailed scope.

SOWs are fundamental in managing third-party risk and engagements, covered under Security Program Management【6:Chapter 16†CompTIA Security+ Study Guide】.

An engineer should recommend the decommissioning of a network device when the device poses a security risk or a compliance violation to the enterprise environment. A device that cannot meet the encryption standards or receive authorized updates is vulnerable to attacks and breaches, and may expose sensitive data or compromise network integrity. Therefore, such a device should be removed from the network and replaced with a more secure and updated one.

References

CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 2, Section 2.2, page 671

CompTIA Security+ Practice Tests: Exam SY0-701, 3rd Edition, Chapter 2, Question 16, page 512