CompTIA Updated SY0-701 Exam Questions and Answers by harlen

A VPN is a virtual private network that creates a secure tunnel between two or more devices over a public network. A VPN can encrypt and authenticate the data, as well as hide the IP addresses and locations of the devices. A jump server is a server that acts as an intermediary between a user and a target server, such as a production server. A jump server can provide an additional layer of security and access control, as well as logging and auditing capabilities. A firewall is a device or software that filters and blocks unwanted network traffic based on predefined rules. A firewall can protect the internal network from external threats and limit the exposure of sensitive services and ports. A security analyst should recommend setting up a VPN and placing the jump server inside the firewall to improve the security of the remote desktop access to the production network. This way, the remote desktop service will not be exposed to the public network, and only authorized users with VPN credentials can access the jump server and then the production server. References: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 8: Secure Protocols and Services, page 382-383 1; Chapter 9: Network Security, page 441-442 1

Comprehensive and Detailed Explanation From Exact Extract:

Key escrow is the process of storing encryption keys (or copies of them) with a trusted third party so data can be recovered if the primary decryption key is lost. In Security+ SY0-701, escrow is emphasized as a required safeguard for organizations that rely heavily on encryption, especially for regulated data or systems requiring guaranteed recoverability.

A CSR (A) is a Certificate Signing Request and does not store keys. Salting (B) is used with hashing to prevent password attacks and does not assist in data recovery. A root of trust (C) ensures secure hardware initialization but does not store backup decryption keys.

Key escrow directly addresses scenarios where encryption keys are misplaced, corrupted, deleted, or lost due to employee departure or system failure. Without escrow, encrypted data could become permanently inaccessible.

Thus, the correct answer is Escrow, the only mechanism specifically designed to allow recovery when decryption keys are unavailable.

Containmentis the phase wherean organization attempts to minimize the damage caused by a security incident. This may involve isolating affected systems, blocking malicious traffic, or temporarily shutting down compromised services to prevent further impact.

Recovery (A)focuses on restoring normal operations after an incident.

Preparation (C)involves planning and readiness before an incident occurs.

Analysis (D)involvesinvestigating the root causeand assessing the damage.