CompTIA Updated SY0-701 Exam Questions and Answers by soraya

Code repositories are a common source of unintentional corporate credential leakage, especially in cloud environments. Developers may accidentally commit and push sensitive information, such as API keys, passwords, and other credentials, to public or poorly secured repositories. These credentials can then be accessed by unauthorized users, leading to security breaches. Ensuring that repositories are properly secured and that sensitive data is never committed is critical for protecting against this type of leakage.

References =

CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture​.

CompTIA Security+ SY0-601 Study Guide: Chapter on Threats and Vulnerability Management​.

OSINT stands for open source intelligence and is commonly used to gather information from publicly available sources to support security activities such as reconnaissance, threat intelligence, and identifying exposures (for example, leaked credentials, exposed infrastructure details, or public references to vulnerabilities). The Practice Tests book defines OSINT directly: “OSINT, or open source intelligence, is intelligence information obtained from public sources like search engines, websites, domain name registrars, and a host of other locations.” That definition aligns precisely with option C’s “collecting information from public platforms.”

The Study Guide similarly explains OSINT in the threat intelligence context: “Open source threat intelligence is threat intelligence that is acquired from publicly available sources.” This supports the idea that OSINT is used to discover relevant information that may affect security posture—such as indicators, exposed assets, or details useful for defensive planning. The other options describe different operational activities: A is internal monitoring (SIEM/IDS/EDR style), B is patch management, and D is encryption/storage strategy—none are “open source intelligence.”

Recovery Point Objective (RPO) defines the maximum acceptable amount of data loss measured in time. It directly impacts how frequently backups should occur to ensure data can be restored to a point no older than the RPO after a disruption.

Recovery Time Objective (RTO) (A) defines how quickly systems must be restored but does not dictate backup frequency. Mean Time To Repair (MTTR) (C) and Mean Time Between Failures (MTBF) (D) relate to system repair and reliability metrics, not backup schedules.

Understanding and defining RPO is a key part of the Business Impact Analysis (BIA) process covered in the Risk Management domain【6:Chapter 17†CompTIA Security+ Study Guide】.

Software-defined networking (SDN) enables microsegmentation by allowing administrators to create fine-grained, dynamic network segments at the software layer independent of physical network topology. This capability isolates workloads and controls traffic flows between segments, enhancing security within data centers and cloud environments.

Next-generation firewalls (A) provide advanced filtering and inspection but do not inherently deliver the granular segmentation flexibility of SDN. Embedded systems (C) and air-gapped systems (D) refer to specific hardware or physical isolation techniques but do not implement microsegmentation as a network control method.

The concept of microsegmentation through SDN is detailed in the Security Architecture domain of the SY0-701 exam【6:Chapter 3†CompTIA Security+ Study Guide】.