SY0-701
Free trial
Verified
Question 1
Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?
- A: Hacktivist
- B: Whistleblower
- C: Organized crime
- D: Unskilled attacker
Question 2
An organization is leveraging a VPN between its headquarters and a branch location. Which of the following is the VPN protecting?
- A: Data in use
- B: Data in transit
- C: Geographic restrictions
- D: Data sovereignty
Question 3
After reviewing the following vulnerability scanning report:
A security analyst performs the following test:
Which of the following would the security analyst conclude for this reported vulnerability?
- A: It is a false positive.
- B: A rescan is required.
- C: It is considered noise.
- D: Compensating controls exist.
Question 4
An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?
- A: Exception
- B: Segmentation
- C: Risk transfer
- D: Compensating controls
Question 5
A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?
- A: EAP
- B: DHCP
- C: IPSec
- D: NAT
Question 6
Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?
- A: Software as a service
- B: Infrastructure as code
- C: Internet of Things
- D: Software-defined networking
Question 7
After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted credit card information in order to close an invoice. Which of the following topics did the user recognize from the training?
- A: Insider threat
- B: Email phishing
- C: Social engineering
- D: Executive whaling
Question 8
A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data. Which of the following should the administrator do first?
- A: Block access to cloud storage websites.
- B: Create a rule to block outgoing email attachments.
- C: Apply classifications to the data.
- D: Remove all user permissions from shares on the file server.
Question 9
An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data policies is the administrator carrying out?
- A: Compromise
- B: Retention
- C: Analysis
- D: Transfer
- E: Inventory
Question 10
A company is working with a vendor to perform a penetration test. Which of the following includes an estimate about the number of hours required to complete the engagement?
- A: SOW
- B: BPA
- C: SLA
- D: NDA
Question 11
A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO’s report?
- A: Insider threat
- B: Hacktivist
- C: Nation-state
- D: Organized crime
Question 12
Several employees received a fraudulent text message from someone claiming to be the Chief Executive Officer (CEO). The message stated:
“I’m in an airport right now with no access to email. I need you to buy gift cards for employee recognition awards. Please send the gift cards to following email address.”
Which of the following are the best responses to this situation? (Choose two).
- A: Cancel current employee recognition gift cards.
- B: Add a smishing exercise to the annual company training.
- C: Issue a general email warning to the company.
- D: Have the CEO change phone numbers.
- E: Conduct a forensic investigation on the CEO’s phone.
- F: Implement mobile device management.
Question 13
Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?
- A: Code scanning for vulnerabilities
- B: Open-source component usage
- C: Quality assurance testing
- D: Peer review and approval
Question 14
Which of the following can best protect against an employee inadvertently installing malware on a company system?
- A: Host-based firewall
- B: System isolation
- C: Least privilege
- D: Application allow list
Question 15
A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?
- A: Cross-site scripting
- B: Buffer overflow
- C: Jailbreaking
- D: Side loading
Question 16
Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Choose two.)
- A: Fencing
- B: Video surveillance
- C: Badge access
- D: Access control vestibule
- E: Sign-in sheet
- F: Sensor
Question 17
An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?
- A: Segmentation
- B: Isolation
- C: Patching
- D: Encryption
Question 18
Which of the following is the most common data loss path for an air-gapped network?
- A: Bastion host
- B: Unsecured Bluetooth
- C: Unpatched OS
- D: Removable devices
Question 19
Malware spread across a company's network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?
- A: Impersonation
- B: Disinformation
- C: Watering-hole
- D: Smishing
Question 20
An organization is struggling with scaling issues on its VPN concentrator and internet circuit due to remote work. The organization is looking for a software solution that will allow it to reduce traffic on the VPN and internet circuit, while still providing encrypted tunnel access to the data center and monitoring of remote employee internet traffic. Which of the following will help achieve these objectives?
- A: Deploying a SASE solution to remote employees
- B: Building a load-balanced VPN solution with redundant internet
- C: Purchasing a low-cost SD-WAN solution for VPN traffic
- D: Using a cloud provider to create additional VPN concentrators
Question 21
Which of the following is the best reason to complete an audit in a banking environment?
- A: Regulatory requirement
- B: Organizational change
- C: Self-assessment requirement
- D: Service-level requirement
Question 22
Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?
- A: Integrity
- B: Availability
- C: Confidentiality
- D: Non-repudiation
Question 23
A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit hardware?
- A: A thorough analysis of the supply chain
- B: A legally enforceable corporate acquisition policy
- C: A right to audit clause in vendor contracts and SOWs
- D: An in-depth penetration test of all suppliers and vendors
Question 24
Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Choose two.)
- A: The device has been moved from a production environment to a test environment.
- B: The device is configured to use cleartext passwords.
- C: The device is moved to an isolated segment on the enterprise network.
- D: The device is moved to a different location in the enterprise.
- E: The device's encryption level cannot meet organizational standards.
- F: The device is unable to receive authorized updates.
Question 25
A company is required to perform a risk assessment on an annual basis. Which of the following types of risk assessments does this requirement describe?
- A: Continuous
- B: Ad hoc
- C: Recurring
- D: One time
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!