CompTIA Security+ (SY0-701) · Difficulty

Easy SY0-701 practice questions

Direct recall — confirm you know the core facts and definitions. 4 easy questions available — no sign-up, always free.

Question 1 of 4

A security analyst reviews a crash report for a custom C application. The report shows that when a user submitted 300 characters into a field designed to accept a 64-character username, the program crashed and the instruction pointer was overwritten with attacker-supplied data, allowing arbitrary code execution. Which vulnerability does this describe?

Reviewed for accuracy · Report an issue
Question 2 of 4

During a scheduled maintenance window, a systems administrator deploys a major update to a production application. Shortly after the update completes, users report that the application crashes on login and the issue cannot be resolved within the remaining window. Which element of the change management process should the administrator rely on to restore service to its previous working state?

Reviewed for accuracy · Report an issue
Question 3 of 4

A customer in the EU submits a formal request to an online retailer, demanding that all of their personal data be permanently erased from the company's systems. The privacy team confirms there is no ongoing legal or contractual obligation to retain the data. Which privacy principle obligates the company to honor this request?

Reviewed for accuracy · Report an issue
Question 4 of 4

An employee receives a text message on their personal cell phone claiming to be from the company's IT help desk. The message states that their account will be locked in one hour and includes a link to a login page to 'verify credentials.' The employee notices the link points to a domain that does not match the company's official site. What type of attack is this?

Reviewed for accuracy · Report an issue