SY0-701 CompTIA Exam Lab Questions

The most likely way a rogue device was able to connect to the network is through a MAC cloning attack. In this attack, a personal device copies the MAC address of an authorized device, bypassing the 802.1X access control that relies on known hardware addresses for network access. The matching MAC addresses in the audit report suggest that this technique was used to gain unauthorized network access.

References =

CompTIA Security+ SY0-701 Course Content: Domain 03 Security Architecture​.

CompTIA Security+ SY0-601 Study Guide: Chapter on Network Security and MAC Address Spoofing​.

The best answer is A. 2 .

ARO (Annualized Rate of Occurrence) is the expected number of times an incident will occur per year .

The company expects:

10 incidents

over 5 years

So:

ARO = 10 / 5 = 2

That means the equipment is expected to experience 2 incidents per year .

Why the other options are incorrect:

B. 5 This does not match the yearly average from the scenario.

C. 10 This is the total number of incidents over five years, not the annualized value.

D. 50 This is not supported by the information given.

From a SY0-701 perspective, ARO is a standard quantitative risk calculation used to estimate how frequently an event occurs in a year.

Situational awareness refers to being mindful of security risks in one ' s environment and taking proactive measures to mitigate them. In this scenario, employees are failing to display their identification badges and allowing unauthorized personnel to follow them into restricted areas (tailgating). These behaviors pose significant security risks, such as unauthorized access to sensitive locations.

Security training focused on situational awareness will educate employees on the importance of remaining vigilant about security practices, recognizing potential threats, and enforcing access control measures.

Social engineering involves manipulating individuals to gain unauthorized access, but this scenario highlights poor adherence to security protocols rather than deception.

Phishing is an email-based attack aimed at stealing sensitive information, which is unrelated to physical security lapses.

Acceptable use policy governs the proper use of company resources but does not specifically address tailgating or badge display issues.

Thus, situational awareness is the most relevant security training topic for addressing these concerns.