Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

SY0-701 CompTIA Exam Lab Questions

Page: 5 / 67
Total 887 questions

CompTIA Security+ Exam 2026 Questions and Answers

Question 17

A security administrator wants to implement a security information and event management system. The administrator must first collect network traffic on the switch to gain visibility of the network. Which of the following is the most appropriate method?

Options:

A.

Syslog

B.

Port mirroring

C.

Port forwarding

D.

Load balancer logs

Question 18

A security analyst is reviewing the following logs about a suspicious activity alert for a user ' s VPN log-ins. Which of the following malicious activity indicators triggered the alert?

✅Log Summary:

User logs in fromChicago, ILmultiple times, then suddenly a successful login appears fromRome, Italy, followed again by Chicago logins — all within ashort time span.

Options:

A.

Impossible travel

B.

Account lockout

C.

Blocked content

D.

Concurrent session usage

Question 19

A penetration tester visits a client’s website and downloads the site ' s content. Which of the following actions is the penetration tester performing?

Options:

A.

Unknown environment testing

B.

Vulnerability scan

C.

Due diligence

D.

Passive reconnaissance

Question 20

Which of the following would a security administrator use to comply with a secure baseline during a patch update?

Options:

A.

Information security policy

B.

Service-level expectations

C.

Standard operating procedure

D.

Test result report

Page: 5 / 67
Total 887 questions