
Sy0 701

The document provides a comprehensive overview of the CompTIA Security+ SY0-701 certification exam, including sample questions and answers related to various security concepts and practices. It covers topics such as Zero Trust security models, certificate revocation, high-availability networks, and risk management strategies. The content is designed to help candidates prepare for the SY0-701 exam by testing their knowledge on critical security principles and scenarios.

Uploaded by

harsh

Actual4Test

http://www.actual4test.com
Actual4test - actual test exam dumps-pass for IT exams
SY0-701 actual exam dumps, CompTIA SY0-701 practice test
IT Certification Guaranteed, The Easy Way!

Exam : SY0-701

Title : CompTIA Security+ Certification Exam

Vendor : CompTIA

Version : DEMO

CompTIA SY0-701, SY0-701 actual test, SY0-701 actual1 test latest version
https://www.actual4test.com/SY0-701_examcollection.html

NO.1 A systems administrator is working on a solution with the following requirements:


* Provide a secure zone.
* Enforce a company-wide access control policy.
* Reduce the scope of threats.
Which of the following is the systems administrator setting up?
A. Zero Trust
B. AAA
C. Non-repudiation
D. CIA
Answer: A
Explanation:
Zero Trust is a security model that assumes no trust for any entity inside or outside the network
perimeter and requires continuous verification of identity and permissions. Zero Trust can provide a
secure zone by isolating and protecting sensitive data and resources from unauthorized access. Zero
Trust can also enforce a company-wide access control policy by applying the principle of least
privilege and granular segmentation for users, devices, and applications. Zero Trust can reduce the
scope of threats by preventing lateral movement and minimizing the attack surface.

NO.2 A certificate authority needs to post information about expired certificates. Which of the
following would accomplish this task?
A. TPM
B. CRL
C. PKI
D. CSR
Answer: B
Explanation:
A Certificate Revocation List (CRL) is a digitally signed list maintained by a Certificate Authority (CA)
that contains revoked or expired certificates. This prevents clients from trusting compromised or
outdated certificates.
* TPM (A) is a hardware security module, unrelated to certificate revocation.
* PKI (C) is the overall system managing digital certificates, but it does not store revocation lists.
* CSR (D) is a request to obtain a certificate, not to revoke one.

NO.3 Which of the following must be considered when designing a high-availability network? (Select
two).
A. Ease of recovery
B. Ability to patch
C. Physical isolation
D. Responsiveness
E. Attack surface
F. Extensible authentication
Answer: A E
Explanation:
A high-availability network is a network that is designed to minimize downtime and ensure
continuous operation of critical services and applications. To achieve this goal, a high-availability
network must consider two important factors: ease of recovery and attack surface.
Ease of recovery refers to the ability of a network to quickly restore normal functionality after a
failure, disruption, or disaster. A high-availability network should have mechanisms such as
redundancy, failover, backup, and restore to ensure that any single point of failure does not cause a
complete network outage. A high-availability network should also have procedures and policies for
incident response, disaster recovery, and business continuity to minimize the impact of any network
issue on the organization's operations and reputation.
Attack surface refers to the exposure of a network to potential threats and vulnerabilities. A
high-availability network should have measures such as encryption, authentication, authorization, firewall,
intrusion detection and prevention, and patch management to protect the network from
unauthorized access, data breaches, malware, denial-of-service attacks, and other cyberattacks. A
high-availability network should also have processes and tools for risk assessment, threat
intelligence, vulnerability scanning, and penetration testing to identify and mitigate any weaknesses
or gaps in the network security.

NO.4 Which of the following data states applies to data that is being actively processed by a
database server?
A. In use
B. At rest
C. In transit
D. Being hashed
Answer: A

NO.5 A growing organization, which hosts an externally accessible application, adds multiple virtual
servers to improve application performance and decrease the resource usage on individual servers.
Which of the following solutions is the organization most likely to employ to further increase
performance and availability?
A. Load balancer
B. Jump server
C. Proxy server
D. SD-WAN
Answer: A

NO.6 A security analyst is reviewing logs and discovers the following:

Which of the following should be used to best mitigate this type of attack?
A. Input sanitization
B. Secure cookies
C. Static code analysis
D. Sandboxing
Answer: A


NO.7 A security engineer would like to enhance the use of automation and orchestration within the
SIEM. Which of the following would be the primary benefit of this enhancement?
A. It increases complexity.
B. It removes technical debt.
C. It adds additional guard rails.
D. It acts as a workforce multiplier.
Answer: D

NO.8 Which of the following risk management strategies should an enterprise adopt first if a legacy
application is critical to business operations and there are preventative controls that are not yet
implemented?
A. Mitigate
B. Accept
C. Transfer
D. Avoid
Answer: A
Explanation:
Mitigate is the risk management strategy that involves reducing the likelihood or impact of a risk. If a
legacy application is critical to business operations and there are preventative controls that are not
yet implemented, the enterprise should adopt the mitigate strategy first to address the existing
vulnerabilities and gaps in the application. This could involve applying patches, updates, or
configuration changes to the application, or adding additional layers of security controls around the
application. Accept, transfer, and avoid are other risk management strategies, but they are not the
best options for this scenario. Accept means acknowledging the risk and accepting the consequences
without taking any action. Transfer means shifting the risk to a third party, such as an insurance
company or a vendor. Avoid means eliminating the risk by removing the source or changing the
process. These strategies may not be feasible or desirable for a legacy application that is critical to
business operations and has no preventative controls in place. References: CompTIA Security+ Study
Guide: Exam SY0-701, 9th Edition, page 1221; A Risk-Based Framework for Legacy System Migration
and Deprecation2

NO.9 A systems administrator receives an alert that a company's internal file server is very slow and
is only working intermittently. The systems administrator reviews the server management software
and finds the following information about the server:

Which of the following indicators most likely triggered this alert?


A. Concurrent session usage
B. Network saturation
C. Account lockout
D. Resource consumption
Answer: D


NO.10 Which of the following is the best way to validate the integrity and availability of a disaster
recovery site?
A. Lead a simulated failover.
B. Conduct a tabletop exercise.
C. Periodically test the generators.
D. Develop requirements for database encryption.
Answer: A
Explanation:
Detailed Explanation: A simulated failover tests the disaster recovery site's ability to handle a full
transition of services. This ensures all systems can function as expected during an actual disaster.
Reference: CompTIA Security+ SY0-701 Study Guide, Domain 5: Security Program Management,
Section: "Disaster Recovery and Business Continuity Planning".

NO.11 The help desk receives multiple calls that machines with an outdated OS version are running
slowly. Several users are seeing virus detection alerts. Which of the following mitigation techniques
should be reviewed first?
A. Patching
B. Segmentation
C. Monitoring
D. Isolation
Answer: A
Explanation:
The best first step is to review patching (A). Outdated OS versions often contain vulnerabilities that
can be exploited by malware. Ensuring systems are up-to-date is a foundational cybersecurity
practice.
This is highlighted in Domain 2.1: Given a scenario, analyze indicators of malicious activity and Domain
2.2, emphasizing the importance of "Patching" as part of system hardening and mitigation strategy.

NO.12 An accounting clerk sent money to an attacker's bank account after receiving fraudulent
instructions over the phone to use a new account. Which of the following would most likely prevent
this activity in the future?
A. Standardizing security incident reporting
B. Executing regular phishing campaigns
C. Implementing insider threat detection measures
D. Updating processes for sending wire transfers
Answer: D
Explanation:
Comprehensive and Detailed In-Depth Explanation:
Updating wire transfer processes to include verification steps (such as requiring dual approval or
verifying account changes via a secondary communication method) can prevent
fraudulent transactions. Attackers often use business email compromise (BEC) or pretexting to trick
employees into transferring funds to fraudulent accounts.
* Standardizing security incident reporting is useful for tracking security events but does not prevent
fraud in real time.
* Executing regular phishing campaigns improves awareness but does not enforce a verification
process for financial transactions.
* Implementing insider threat detection focuses on internal risks but does not specifically prevent
external fraud.
A more secure wire transfer process with additional verification steps is the most effective measure
against fraudulent transactions.

NO.13 Which of the following best explains a concern with OS-based vulnerabilities?
A. An exploit would give an attacker access to system functions that span multiple applications.
B. The OS vendor's patch cycle is not frequent enough to mitigate the large number of threats.
C. Most users trust the core operating system features and may not notice if the system has been
compromised.
D. Exploitation of an operating system vulnerability is typically easier than any other vulnerability.
Answer: A
Explanation:
Comprehensive and Detailed In-Depth Explanation:
Operating system (OS) vulnerabilities can allow attackers to exploit system functions that affect
multiple applications, leading to widespread compromise.
* B (patch cycle concerns) is valid but not the primary concern; many OS vendors provide regular
patches.
* C (user trust in OS features) is a risk, but the more significant issue is that OS vulnerabilities often
affect multiple system components.
* D (ease of exploitation) is not always true, as application and human-related vulnerabilities can be
equally exploitable.
Thus, the main concern is that an OS exploit can impact multiple system functions, leading to broader
security risks.

NO.14 Which of the following activities is included in the post-incident review phase?
A. Determining the root cause of the incident
B. Developing steps to mitigate the risks of the incident
C. Validating the accuracy of the evidence collected during the investigation
D. Reestablishing the compromised system's configuration and settings
Answer: A

NO.15 A technician wants to improve the situational and environmental awareness of existing users
as they transition from remote to in-office work. Which of the following is the best option?
A. Send out periodic security reminders.
B. Update the content of new hire documentation.
C. Modify the content of recurring training.
D. Implement a phishing campaign.
Answer: C
Explanation:
Recurring training is a type of security awareness training that is conducted periodically to refresh
and update the knowledge and skills of the users. Recurring training can help improve the situational
and environmental awareness of existing users as they transition from remote to in-office work, as it
can cover the latest threats, best practices, and policies that are relevant to their work environment.
Modifying the content of recurring training can ensure that the users are aware of the current
security landscape and the expectations of their roles. References = CompTIA Security+ Study Guide
with over 500 Practice Test Questions: Exam SY0-701,
9th Edition, Chapter 5, page 232. CompTIA Security+ (SY0-701) Certification Exam Objectives, Domain
5.1, page 18.

NO.16 Which of the following activities uses OSINT?


A. Social engineering testing
B. Data analysis of logs
C. Collecting evidence of malicious activity
D. Producing IOC for malicious artifacts
Answer: C

NO.17 A Chief Information Security Officer (CISO) has developed information security policies that
relate to the software development methodology. Which of the following would the CISO most likely
include in the organization's documentation?
A. Peer review requirements
B. Multifactor authentication
C. Branch protection tests
D. Secrets management configurations
Answer: A

NO.18 Which of the following is the best way to provide secure remote access for employees while
minimizing the exposure of a company's internal network?
A. VPN
B. LDAP
C. FTP
D. RADIUS
Answer: A
Explanation:
A VPN (Virtual Private Network) is a secure method to provide employees with remote access to a
company's network. It encrypts data, protecting it from interception and ensuring secure
communication between the user and the internal network. References: Security+ SY0-701 Course
Content, Security+ SY0-601 Book.

NO.19 A security analyst finds a rogue device during a monthly audit of current endpoint assets that
are connected to the network. The corporate network utilizes 802.1X for access control. To be
allowed on the network, a device must have a known hardware address, and a valid user name and
password must be entered in a captive portal. The following is the audit report:


Which of the following is the most likely way a rogue device was allowed to connect?
A. A user performed a MAC cloning attack with a personal device.
B. A DHCP failure caused an incorrect IP address to be distributed.
C. An administrator bypassed the security controls for testing.
D. DNS hijacking let an attacker intercept the captive portal traffic.
Answer: A

NO.20 Which of the following vulnerabilities is associated with installing software outside of a
manufacturer's approved software repository?
A. Jailbreaking
B. Memory injection
C. Resource reuse
D. Side loading
Answer: D
Explanation:
Side loading is the process of installing software outside of a manufacturer's approved software
repository.
This can expose the device to potential vulnerabilities, such as malware, spyware, or unauthorized
access.
Side loading can also bypass security controls and policies that are enforced by the manufacturer or
the organization. Side loading is often done by users who want to access applications or features that
are not available or allowed on their devices. References = Sideloading - CompTIA Security + Video
Training | Interface Technical Training, Security+ (Plus) Certification | CompTIA IT Certifications, Load
Balancers - CompTIA Security+ SY0-501 - 2.1, CompTIA Security+ SY0-601 Certification Study Guide.

NO.21 Which of the following is a reason environmental variables are a concern when reviewing
potential system vulnerabilities?
A. The contents of environmental variables could affect the scope and impact of an exploited
vulnerability.
B. In-memory environmental variable values can be overwritten and used by attackers to insert
malicious code.
C. Environmental variables define cryptographic standards for the system and could create
vulnerabilities if deprecated algorithms are used.
D. Environmental variables will determine when updates are run and could mitigate the likelihood of
vulnerability exploitation.
Answer: A
Explanation:
Environmental variables store configuration settings, paths, and other system-related information
that applications and processes use. If an attacker gains access to these variables, they could
manipulate them to alter application behavior, gain unauthorized access, or escalate privileges. For
example, an attacker could modify the PATH variable to execute malicious programs instead of
legitimate ones. This can significantly increase the scope and impact of an exploited vulnerability,
making it a major security concern.

NO.22 For which of the following reasons would a systems administrator leverage a 3DES hash from
an installer file that is posted on a vendor's website?
A. To test the integrity of the file
B. To validate the authenticity of the file
C. To activate the license for the file
D. To calculate the checksum of the file
Answer: A

NO.23 A company's online shopping website became unusable shortly after midnight on January 30,
2023. When a security analyst reviewed the database server, the analyst noticed the following code
used for backing up data:
Which of the following should the analyst do next?
A. Check for recently terminated DBAs.
B. Review WAF logs for evidence of command injection.
C. Scan the database server for malware.
D. Search the web server for ransomware notes.
Answer: B

NO.24 An administrator is reviewing a single server's security logs and discovers the following:
Which of the following best describes the action captured in this log file?
A. Brute-force attack
B. Privilege escalation
C. Failed password audit
D. Forgotten password by the user
Answer: A
Explanation:
A brute-force attack is a type of attack that involves systematically trying all possible combinations of
passwords or keys until the correct one is found. The log file shows multiple failed login attempts in a
short amount of time, which is a characteristic of a brute-force attack. The attacker is trying to guess
the password of the Administrator account on the server. The log file also shows the event ID 4625,
which indicates a failed logon attempt, and the status code 0xC000006A, which means the user name
is correct but the password is wrong. These are indicators of compromise (IoC) that suggest a brute-
force attack is taking place. References: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition,
page 215-216 and 223 1

NO.25 Which of the following is a primary security concern for a company setting up a BYOD
program?
A. End of life
B. Buffer overflow
C. VM escape
D. Jailbreaking
Answer: D
Explanation:
Jailbreaking is a primary security concern for a company setting up a BYOD (Bring Your Own Device)
program. Jailbreaking is the process of removing the manufacturer's or the carrier's restrictions on a
device, such as a smartphone or a tablet, to gain root access and install unauthorized or custom
software. Jailbreaking can compromise the security of the device and the data stored on it, as well as
expose it to malware, viruses, or hacking. Jailbreaking can also violate the warranty and the terms of
service of the device, and make it incompatible with the company's security policies and standards.
Therefore, a company setting up a BYOD program should prohibit jailbreaking and enforce device
compliance and encryption. References = CompTIA Security+ Study Guide with over 500 Practice Test
Questions: Exam SY0-701, 9th Edition, Chapter 2, page
76. CompTIA Security+ SY0-701 Exam Objectives, Domain 2.4, page 11.

NO.26 Which of the following phases of an incident response involves generating reports?
A. Recovery
B. Preparation
C. Lessons learned
D. Containment
Answer: C
Explanation:
The lessons learned phase of an incident response process involves reviewing the incident and
generating reports. This phase helps identify what went well, what needs improvement, and what
changes should be made to prevent future incidents. Documentation and reporting are essential
parts of this phase to ensure that the findings are recorded and used for future planning.
Recovery focuses on restoring services and normal operations.
Preparation involves creating plans and policies for potential incidents, not reporting.
Containment deals with isolating and mitigating the effects of the incident, not generating reports.

NO.27 Which of the following can be used to identify potential attacker activities without affecting
production servers?
A. Honey pot
B. Video surveillance
C. Zero Trust
D. Geofencing
Answer: A
Explanation:
A honey pot is a system or a network that is designed to mimic a real production server and attract
potential attackers. A honey pot can be used to identify the attacker's methods, techniques, and
objectives without affecting the actual production servers. A honey pot can also divert the attacker's
attention from the real targets and waste their time and resources [1][2].
The other options are not effective ways to identify potential attacker activities without affecting
production servers:
Video surveillance: This is a physical security technique that uses cameras and monitors to record and
observe the activities in a certain area. Video surveillance can help to deter, detect, and investigate
physical intrusions, but it does not directly identify the attacker's activities on the network or the
servers [3].
Zero Trust: This is a security strategy that assumes that no user, device, or network is trustworthy by
default and requires strict verification and validation for every request and transaction. Zero Trust
can help to improve the security posture and reduce the attack surface of an organization, but it does
not directly identify the attacker's activities on the network or the servers [4].
Geofencing: This is a security technique that uses geographic location as a criterion to restrict or
allow access to data or resources. Geofencing can help to protect the data sovereignty
and compliance of an organization, but it does not directly identify the attacker's activities on the
network or the servers [5].
References =
[1] CompTIA Security+ SY0-701 Certification Study Guide, page 54
[2] Honeypots and Deception - SY0-601 CompTIA Security+ : 2.1, video by Professor Messer
[3] CompTIA Security+ SY0-701 Certification Study Guide, page 97
[4] CompTIA Security+ SY0-701 Certification Study Guide, page 98
[5] CompTIA Security+ SY0-701 Certification Study Guide, page 99.

NO.28 A company is changing its mobile device policy. The company has the following requirements:
Company-owned devices
Ability to harden the devices
Reduced security risk
Compatibility with company resources
Which of the following would best meet these requirements?
A. BYOD
B. CYOD
C. COPE
D. COBO
Answer: C
Explanation:
Detailed Explanation: COPE (Corporate-Owned, Personally Enabled) devices allow companies to
manage and harden company-owned devices while still enabling limited personal use, reducing
security risks while maintaining compatibility with corporate resources. Reference: CompTIA
Security+ SY0-701 Study Guide, Domain 3: Security Architecture, Section: "Mobile Device Deployment
Models".

NO.29 A company identified the potential for malicious insiders to harm the organization. Which of
the following measures should the organization implement to reduce this risk?
A. Unified threat management
B. Web application firewall
C. User behavior analytics
D. Intrusion detection system
Answer: C
Explanation:
User Behavior Analytics (UBA) is specifically designed to detect anomalous or suspicious behaviors by
users that may indicate insider threats. UBA tools establish a baseline of normal behavior for users and
alert security teams when deviations occur (e.g., accessing sensitive files at odd hours, downloading
large volumes of data, etc.).
Malicious insiders often bypass perimeter defenses like firewalls or IDS/IPS systems because they are
legitimate users. UBA offers visibility into internal behavior patterns, which is essential for detecting
these threats.

NO.30 A company recently decided to allow employees to work remotely. The company wants to
protect its data without using a VPN. Which of the following technologies should the company
implement?
A. Secure web gateway
B. Virtual private cloud end point
C. Deep packet inspection
D. Next-generation firewall
Answer: A
Explanation:
A Secure Web Gateway (SWG) protects users by filtering unwanted software/malware from user-
initiated web traffic and enforcing corporate and regulatory policy compliance. This technology
allows the company to secure remote users' data and web traffic without relying on a VPN, making it
ideal for organizations supporting remote work.
References = CompTIA Security+ SY0-701 study materials, particularly in the domain of network
security and remote access technologies.

NO.31 A human resources (HR) employee working from home leaves their company laptop open on
the kitchen table. A family member walking through the kitchen reads an email from the Chief
Financial Officer addressed to the HR department. The email contains information referencing
company layoffs. The family member posts the content of the email to social media. Which of the
following policies will the HR employee most likely need to review after this incident?
A. Hybrid work environment
B. Operations security
C. Data loss prevention
D. Social engineering
Answer: B
Explanation:
Comprehensive and Detailed In-Depth Explanation:
Operations security (OPSEC) focuses on identifying and protecting sensitive information to prevent
unauthorized disclosure. In this scenario, the HR employee failed to safeguard confidential company
information, leading to its exposure on social media.
Training in OPSEC would reinforce the need to maintain security best practices, such as locking
screens when away from a device and ensuring that sensitive data is not exposed in unsecured
locations.
* Hybrid work environment policies relate to managing remote and in-office work but do not
specifically cover security risks like unauthorized data exposure.
* Data loss prevention (DLP) deals with technology-based solutions to prevent unauthorized data
transfers but does not address physical security practices.
* Social engineering refers to deceptive tactics used by attackers to manipulate individuals, which is
not applicable to this situation.
The HR employee should review operations security policies to prevent similar incidents in the future.

NO.32 Which of the following control types involves restricting IP connectivity to a router's web
management interface to protect it from being exploited by a vulnerability?
A. Corrective
B. Physical
C. Preventive
D. Managerial
Answer: C
Explanation:
Restricting access to a router's web management interface is a preventive control (C). This type of
control is implemented before a threat occurs to reduce the likelihood of exploitation.
CompTIA Security+ SY0-701 lists preventive controls such as IP whitelisting, ACLs, and firewalls under
Domain 1.4: Security controls.

NO.33 A legal department must maintain a backup from all devices that have been shredded and
recycled by a third party. Which of the following best describes this requirement?
A. Data retention
B. Certification
C. Sanitation
D. Destruction
Answer: A

NO.34 Which of the following would be best suited for constantly changing environments?
A. RTOS
B. Containers
C. Embedded systems
D. SCADA
Answer: B
Explanation:
Containers are a method of virtualization that allows applications to run in isolated environments
with their own dependencies, libraries, and configurations. Containers are best suited for constantly
changing environments because they are lightweight, portable, scalable, and easy to deploy and
update. Containers can also support microservices architectures, which enable faster and more
frequent delivery of software features. References: CompTIA Security+ Study Guide: Exam SY0-701,
9th Edition, Chapter 10: Mobile Device Security, page 512 1

NO.35 An administrator assists the legal and compliance team with ensuring information about
customer transactions is archived for the proper time period. Which of the following data policies is
the administrator carrying out?
A. Compromise
B. Retention
C. Analysis
D. Transfer
E. Inventory
Answer: B
Explanation:
A data retention policy is a set of rules that defines how long data should be stored and when it
should be deleted or archived. An administrator assists the legal and compliance team with ensuring
information about customer transactions is archived for the proper time period by following the data
retention policy of the organization. This policy helps the organization to comply with legal and
regulatory requirements, optimize storage space, and protect data privacy and security.
References
CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 3, Section 3.4, page 1211
CompTIA Security+ Practice Tests: Exam SY0-701, 3rd Edition, Chapter 3, Question 15, page 832
