Which of the following is required for an organization to properly manage its restore process in the event of system failure?
A. IRP
B. DRP
C. RPO
D. SDLC
Explanation: A disaster recovery plan (DRP) is a set of policies and procedures that aim to restore the normal operations of an organization in the event of a system failure, natural disaster, or other emergency. A DRP typically includes the following elements:
A risk assessment that identifies the potential threats and impacts to the organization’s critical assets and processes.
A business impact analysis that prioritizes the recovery of the most essential functions and data.
A recovery strategy that defines the roles and responsibilities of the recovery team, the resources and tools needed, and the steps to follow to restore the system.
A testing and maintenance plan that ensures the DRP is updated and validated regularly.
A DRP is required for an organization to properly manage its restore process in the event of system failure, as it provides a clear and structured framework for recovering from a disaster and minimizing the downtime and data loss.
References = CompTIA Security+ Study Guide (SY0-701), Chapter 7: Resilience and Recovery, page 325.
A network administrator is working on a project to deploy a load balancer in the company's cloud environment. Which of the following fundamental security requirements does this project fulfill?
A. Privacy
B. Integrity
C. Confidentiality
D. Availability
Explanation: Deploying a load balancer in the company's cloud environment primarily fulfills the fundamental security requirement of availability. A load balancer distributes incoming network traffic across multiple servers, ensuring that no single server becomes overwhelmed and that the service remains available even if some servers fail.
Availability: Ensures that services and resources are accessible when needed, which is directly supported by load balancing.
Privacy: Protects personal and sensitive information from unauthorized access but is not directly related to load balancing.
Integrity: Ensures that data is accurate and has not been tampered with, but load balancing is not primarily focused on data integrity.
Confidentiality: Ensures that information is accessible only to authorized individuals, which is not the primary concern of load balancing.
Reference: CompTIA Security+ SY0-701 Exam Objectives, Domain 1.2 - Summarize fundamental security concepts (Availability).
Which of the following threat actors is the most likely to use large financial resources to attack critical systems located in other countries?
A. Insider
B. Unskilled attacker
C. Nation-state
D. Hacktivist
Explanation: A nation-state is a threat actor that is sponsored by a government or a political entity to conduct cyberattacks against other countries or organizations. Nation-states have large financial resources, advanced technical skills, and strategic objectives that may target critical systems such as military, energy, or infrastructure. Nation-states are often motivated by espionage, sabotage, or warfare [1][2].
References = 1: CompTIA Security+ SY0-701 Certification Study Guide, page 54. 2: Threat Actors – CompTIA Security+ SY0-701 – 2.1, video by Professor Messer.
An engineer moved to another team and is unable to access the new team's shared folders while still being able to access the shared folders from the former team. After opening a ticket, the engineer discovers that the account was never moved to the new group. Which of the following access controls is most likely causing the lack of access?
A. Role-based
B. Discretionary
C. Time of day
D. Least privilege
Explanation: The most likely access control causing the lack of access is role-based access control (RBAC). In RBAC, access to resources is determined by the roles assigned to users. Since the engineer's account was not moved to the new group's role, the engineer does not have the necessary permissions to access the new team's shared folders.
Role-based access control (RBAC): Assigns permissions based on the user's role within the organization. If the engineer's role does not include the new group's permissions, access will be denied.
Discretionary access control (DAC): Access is based on the discretion of the data owner, but it is not typically related to group membership changes.
Time of day: Restricts access based on the time but does not affect group memberships.
Least privilege: Ensures users have the minimum necessary permissions, but the issue here is about group membership, not the principle of least privilege.
Reference: CompTIA Security+ SY0-701 Exam Objectives, Domain 4.6 - Implement and maintain identity and access management (Role-based access control).
A company is implementing a vendor's security tool in the cloud. The security director does not want to manage users and passwords specific to this tool but would rather utilize the company's standard user directory. Which of the following should the company implement?
A. 802.1X
B. SAML
C. RADIUS
D. CHAP
Explanation: The company should implement Security Assertion Markup Language (SAML) to integrate the vendor's security tool with their existing user directory. SAML is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP), enabling Single Sign-On (SSO). This allows the company to use its existing directory services for authentication, avoiding the need to manage a separate set of user credentials for the new tool.
References: CompTIA Security+ SY0-701 Course Content: Domain 4: Identity and Access Management, which includes SAML as a key identity federation standard for SSO. CompTIA Security+ Study Guide (SY0-601): Chapter 8, "Identity and Access Management," details the role of SAML in enabling SSO by utilizing an existing identity provider.