CompTIA Security+ · SY0-701
Objective 4.5: Given a scenario, modify enterprise capabilities to enhance security
Practice questions for Security+ objective 4.5, “Given a scenario, modify enterprise capabilities to enhance security.” Every question is original, written to the SY0-701 exam objectives, and comes with a full explanation — answer them below to see instant grading.
This objective sits in Domain 4.0: Security Operations, which is about 28% of the exam — so mastering it moves your readiness score meaningfully.
1.A Windows domain administrator wants to enforce a consistent security configuration across all workstations, including disabling USB storage and enforcing screensaver locks. Which tool is MOST appropriate?
2.A security team wants to detect and prevent email phishing attacks, spam, and malicious attachments before they reach users' inboxes. Which control should be implemented?
3.A company's firewall ruleset has grown to over 500 rules accumulated over years. An audit finds many rules are redundant, contradictory, or permit overly broad traffic. What should be done?
4.An organization's email security gateway currently performs the following checks on inbound email: spam filtering, antivirus scanning of attachments, and URL rewriting that redirects links through a proxy for reputation checking at click time. A red team exercise reveals that the gateway can be bypassed by sending emails containing password-protected ZIP attachments (which the AV scanner cannot inspect) containing malicious Office documents with macros, and by including URLs that point to clean pages at delivery time but redirect to malicious content 48 hours after delivery — after the reputation check has already cached a clean verdict. Which two capability enhancements most directly address these specific bypass techniques?
5.A network security engineer is tasked with reducing the risk of lateral movement across the organization's flat internal network. The organization has 2,000 endpoints across three business functions: finance, engineering, and corporate. Currently all endpoints share a single /16 subnet and can communicate directly with one another without restriction. Which architectural change most directly addresses the lateral movement risk, and what technology implements the enforcement boundary?
Practice every objective, adaptively
CertBench tracks your score on 4.5 and every other objective, then builds a daily plan that targets your weakest spots. Start with the free diagnostic.
Take the free diagnostic