CompTIA Security+ · SY0-701

Objective 4.1: Given a scenario, apply common security techniques to computing resources

Practice questions for Security+ objective 4.1, Given a scenario, apply common security techniques to computing resources.” Every question is original, written to the SY0-701 exam objectives, and comes with a full explanation — answer them below to see instant grading.

This objective sits in Domain 4.0: Security Operations, which is about 28% of the exam — so mastering it moves your readiness score meaningfully.

1.A security analyst is reviewing an embedded RTOS device used in a medical infusion pump. The device has no user interface and communicates only via a proprietary protocol over a local network. Which security control is MOST feasible to implement on this device?

2.A security engineer is hardening a Linux web server that will serve static content over HTTPS. After installing the OS and required packages, the engineer reviews the default configuration and finds that the server is running with the root account as the web server process owner, SSH password authentication is enabled on port 22, and the OS kernel has not been updated since the base image was created six months ago. The engineer must address all three findings. Which set of remediations correctly addresses each finding with the most appropriate control?

3.A hospital deploys embedded medical devices that run a fixed firmware version and cannot receive security updates. Which BEST describes the risk classification of these devices?

4.A systems administrator is hardening a new Windows Server deployment that will function as an internal file server with no public-facing services. After applying the vendor security baseline, which action most directly reduces the server's attack surface without impacting its intended function?

5.A security analyst discovers that a cloud-hosted virtual machine has several unused open ports and an overly permissive security group policy. Which hardening action should be taken FIRST?

Practice every objective, adaptively

CertBench tracks your score on 4.1 and every other objective, then builds a daily plan that targets your weakest spots. Start with the free diagnostic.

Take the free diagnostic

More objectives in Domain 4.0

← All Security+ practice questions