Log in
Sign up for FREE
arrow_back
Library

SY0-701 Practice A

star
star
star
star
star
Last updated over 1 year ago
106 questions
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Question 1
1.

Choose Attack Type: Attacker obtains bank account number and birth date by calling the victim.

Question 2
2.

Choose Attack Type: Attacker accesses a database directly from a web browser.

Question 3
3.

Choose Attack Type: Attacker intercepts all communication between a client and a web server.

Question 4
4.

Choose Attack Type: Multiple attackers overwhelm a web server.

Question 5
5.

Choose Attack Type: Attacker obtains a list of all login credentials used over the last 24 hours.

Question 6
6.

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security controls for: Outside Building (Parking and visitor drop-off).

Question 7
7.

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security controls for: Reception (Building lobby).

Question 8
8.

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security controls for: Data Center Door (Entrance from inside building).

Question 9
9.

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security control for: Server Administration (Authentication to server console in the data center).

Question 10
10.

Select the most appropriate category: A guard checks the identification of all visitors.

Question 11
11.

Select the most appropriate category: All returns must be approved by a Vice President.

Question 12
12.

Select the most appropriate category: A generator is used during a power outage.

Question 13
13.

Select the most appropriate category: Building doors can be unlocked with an access card.

Question 14
14.

Select the most appropriate category: System logs are transferred automatically to a SIEM.

Question 15
15.

Select the most appropriate authentication factor: During the login process, your phone receives a text message with a one-time passcode.

Question 16
16.

Select the most appropriate authentication factor: You enter your PIN to make a deposit into an ATM.

Question 17
17.

Select the most appropriate authentication factor: You can use your finger to unlock the door to the data center.

Question 18
18.

Select the most appropriate authentication factor: Your login will not work unless you are connected to the VPN.

Question 19
19.

What Protocol and Port would be used to configure the following firewall rule: Block HTTP sessions between a web server and database server.

Question 20
20.

What Protocol and Port would be used to configure the following firewall rule: Allow a storage server to transfer files to a video server over HTTPS.

Question 21
21.

What Protocol and Port would be used to configure the following firewall rule: Allow a management server to use a secure terminal on a file server.

Question 22
22.

A company has hired a third-party to gather information about the company’s servers and data. This third-party will not have direct access to the company's internal network, but they can gather information from any other source. Which of the following would BEST describe this approach?

Question 23
23.

A company's email server has received an email from a third-party, but the origination server does not match the list of authorized devices. Which of the following would determine the disposition of this message?

Question 24
24.

Which of these threat actors would be MOST likely to attack systems for direct financial gain?

Question 25
25.

A security administrator has examined a server recently compromised by an attacker, and has determined the system was exploited due to a known operating system vulnerability. Which of the following would BEST describe this finding?

Question 26
26.

A city is building an ambulance service network for emergency medical dispatching. Which of the following should have the highest priority?

Question 27
27.

A system administrator receives a text alert when access rights are changed on a database containing private customer information. Which of the following would describe this alert?

Question 28
28.

A security administrator is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration?

Question 29
29.

A company creates a standard set of government reports each calendar quarter. Which of the following would describe this type of data?

Question 30
30.

An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies: • Access records from all devices must be saved and archived • Any data access outside of normal working hours must be immediately reported • Data access must only occur inside of the country • Access logs and audit reports must be created from a single database Which of the following should be implemented by the security team to meet these requirements? (Select THREE)

Question 31
31.

A security engineer, is viewing this record from the firewall logs: UTC 04/05/2023 03:09:15809 AV Gateway Alert 136.127.92.171 80 -> 10.16.10.14 60818 Gateway Anti-Virus Alert: (Trojan) blocked. Which of the following can be observed from this log information?

Question 32
32.

A user connects to a third-party website and receives this message: Your connection is not private. NET::ERR_CERT_INVALID Which of the following attacks would be the MOST likely reason for this message?

Question 33
33.

Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site?

Question 34
34.

A system administrator is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. The administrator needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information?

Question 35
35.

An attacker calls into a company’s help desk and pretends to be the director of the company’s manufacturing department. The attacker states that they have forgotten their password and they need to have the password reset quickly for an important meeting. What kind of attack would BEST describe this phone call?

Question 36
36.

Two companies have been working together for a number of months, and they would now like to qualify their partnership with a broad formal agreement between both organizations. Which of the following would describe this agreement?

Question 37
37.

Which of the following would explain why a company would automatically add a digital signature to each outgoing email message?

Question 38
38.

The embedded OS in a company’s time clock appliance is configured to reset the file system and reboot when a file system error occurs. On one of the time clocks, this file system error occurs during the startup process and causes the system to constantly reboot. Which of the following BEST describes this issue?

Question 39
39.

A recent audit has found that existing password policies do not include any restrictions on password attempts, and users are not required to periodically change their passwords. Which of the following would correct these policy issues? (Select TWO)

Question 40
40.

What kind of security control is associated with a login banner?

Question 41
41.

An internal audit has discovered four servers that have not been updated in over a year, and it will take two weeks to test and deploy the latest patches. Which of the following would be the best way to quickly respond to this situation in the meantime?

Question 42
42.

A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps?

Question 43
43.

A company would like to examine the credentials of each individual entering the data center building. Which of the following would BEST facilitate this requirement?

Question 44
44.

A company stores some employee information in encrypted form, but other public details are stored as plaintext. Which of the following would BEST describe this encryption strategy?

Question 45
45.

A company would like to minimize database corruption if power is lost to a server. Which of the following would be the BEST strategy to follow?

Question 46
46.

A company is creating a security policy for corporate mobile devices: • All mobile devices must be automatically locked after a predefined time period. • The location of each device needs to be traceable. • All of the user’s information should be completely separate from company data. Which of the following would be the BEST way to establish these security policy rules?

Question 47
47.

A security engineer runs a monthly vulnerability scan. The scan doesn’t list any vulnerabilities for Windows servers, but a significant vulnerability was announced last week and none of the servers are patched yet. Which of the following best describes this result?

Question 48
48.

An IT help desk is using automation to improve the response time for security events. Which of the following use cases would apply to this process?

Question 49
49.

A network administrator would like each user to authenticate with their corporate username and password when connecting to the company's wireless network. Which of the following should the network administrator configure on the wireless access points?

Question 50
50.

A company's VPN service performs a posture assessment during the login process. Which of the following mitigation techniques would this describe?

Question 51
51.

A user has assigned individual rights and permissions to a file on their network drive. The user adds three additional individuals to have read-only access to the file. Which of the following would describe this access control model?

Question 52
52.

A remote user has received a text message with a link to login and confirm their upcoming work schedule. Which of the following would BEST describe this attack?

Question 53
53.

A company is formalizing the design and deployment process used by their application programmers. Which of the following policies would apply?

Question 54
54.

A security administrator has copied a suspected malware executable from a user's computer and is running the program in a sandbox. Which of the following would describe this part of the incident response process?

Question 55
55.

A server administrator at a bank has noticed a decrease in the number of visitors to the bank's website. Additional research shows that users are being directed to a different IP address than the bank's web server. Which of the following would MOST likely describe this attack?

Question 56
56.

Which of the following considerations are MOST commonly associated with a hybrid cloud model?

Question 57
57.

A company hires a large number of seasonal employees, and their system access should normally be disabled when the employee leaves the company. The security administrator would like to verify that their systems cannot be accessed by any of the former employees. Which of the following would be the BEST way to provide this verification?

Question 58
58.

Which of the following is used to describe how cautious an organization might be to taking a specific risk?

Question 59
59.

A technician is applying a series of patches to fifty web servers during a scheduled maintenance window. After patching and rebooting the first server, the web service fails with a critical error. Which of the following should the technician do NEXT?

Question 60
60.

An attacker has discovered a way to disable a server by sending specially crafted packets from many remote devices to the operating system. When the packet is received, the system crashes and must be rebooted to restore normal operations. Which of the following would BEST describe this attack?

Question 61
61.

A data breach has occurred in a large insurance company. A security administrator is building new servers and security systems to get all of the financial systems back online. Which part of the incident response process would BEST describe these actions?

Question 62
62.

A network team has installed new access points to support an application launch. In less than 24 hours, the wireless network was attacked and private company information was accessed. Which of the following would be the MOST likely reason for this breach?

Question 63
63.

An organization has identified a significant vulnerability in an Internet facing firewall. The firewall company has stated the firewall is no longer available for sale and there are no plans to create a patch for this vulnerability. Which of the following would BEST describe this issue?

Question 64
64.

A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise?

Question 65
65.

A security administrator needs to block users from visiting websites hosting malicious software. Which of the following would be the BEST way to control this access?

Question 66
66.

A system administrator has been called to a system with a malware infection. As part of the incident response process, the administrator has imaged the operating system to a known-good version. Which of these incident response steps is the administrator following?

Question 67
67.

A company has placed a SCADA system on a segmented network with limited access from the rest of the corporate network. Which of the following would describe this process?

Question 68
68.

An administrator is viewing the following security log: Dec 30 08:40:03 web01 Failed password for root from 10.101.88.230 port 26244 ssh2 Dec 30 08:40:05 web01 Failed password for root from 10.101.88.230 port 26244 ssh2 Dec 30 08:40:09 web01 445 more authentication failures; rhost=10.101.88.230 user=root Which of the following would describe this attack?

Question 69
69.

During a morning login process, a user's laptop was moved to a private VLAN and a series of updates were automatically installed. Which of the following would describe this process?

Question 70
70.

Which of the following describes two-factor authentication?

Question 71
71.

A company is deploying a new application to all employees in the field. Some of the problems associated with this roll out include: • The company does not have a way to manage the devices in the field • Team members have many different kinds of mobile devices • The same device needs to be used for both corporate and private use Which of the following deployment models would address these concerns?

Question 72
72.

An organization is installing a UPS for their new data center. Which of the following would BEST describe this control type?

Question 73
73.

A manufacturing company would like to track the progress of parts used on an assembly line. Which of the following technologies would be the BEST choice for this task?

Question 74
74.

A company's website has been compromised and the website content has been replaced with a political message. Which of the following threat actors would be the MOST likely culprit?

Question 75
75.

A Linux administrator is downloading an updated version of her Linux distribution. The download site shows a link to the ISO and a SHA256 hash value. Which of these would describe the use of this hash value?

Question 76
76.

A company's security policy requires that login access should only be available if a person is physically within the same building as the server. Which of the following would be the BEST way to provide this requirement?

Question 77
77.

A development team has installed a new application and database to a cloud service. After running a vulnerability scanner on the application instance, a security administrator finds the database is available for anyone to query without providing any authentication. Which of these vulnerabilities is MOST associated with this issue?

Question 78
78.

Employees of an organization have received an email with a link offering a cash bonus for completing an internal training course. Which of the following would BEST describe this email?

Question 79
79.

Which of the following risk management strategies would include the purchase and installation of an NGFW?

Question 80
80.

An organization is implementing a security model where all application requests must be validated at a policy enforcement point. Which of the following would BEST describe this model?

Question 81
81.

A company is installing a new application in a public cloud. Which of the following determines the assignment of data security in this cloud infrastructure?

Question 82
82.

When decommissioning a device, a company documents the type and size of storage drive, the amount of RAM, and any installed adapter cards. Which of the following describes this process?

Question 83
83.

An attacker has sent more information than expected in a single API call, and this has allowed the execution of arbitrary code. Which of the following would BEST describe this attack?

Question 84
84.

A company encourages users to encrypt all of their confidential materials on a central server. The organization would like to enable key escrow as a backup option. Which of these keys should the organization place into escrow?

Question 85
85.

A company is in the process of configuring and enabling host-based firewalls on all user devices. Which of the following threats is the company addressing?

Question 86
86.

A manufacturing company would like to use an existing router to separate a corporate network from a manufacturing floor. Both networks use the same physical switch, and the company does not want to install any additional hardware. Which of the following would be the BEST choice for this segmentation?

Question 87
87.

An organization needs to provide a remote access solution for a newly deployed cloud-based application. This application is designed to be used by mobile field service technicians. Which of the following would be the best option for this requirement?

Question 88
88.

A company is implementing a quarterly security awareness campaign. Which of the following would MOST likely be part of this campaign?

Question 89
89.

A recent report shows the return of a vulnerability that was previously patched four months ago. After researching this issue, the security team has found a recent patch has reintroduced this vulnerability on the servers. Which of the following should the security administrator implement to prevent this issue from occurring in the future?

Question 90
90.

A security manager would like to ensure that unique hashes are used with an application login process. Which of the following would be the BEST way to add random data when generating a set of stored password hashes?

Question 91
91.

Which cryptographic method is used to add trust to a digital certificate?

Question 92
92.

A company is using SCAP as part of their security monitoring processes. Which of the following would BEST describe this implementation?

Question 93
93.

An organization maintains a large database of customer information for sales tracking and customer support. Which person in the organization would be responsible for managing the access rights to this data?

Question 94
94.

An organization’s content management system currently labels files and documents as “Public” and “Restricted.” On a recent update, a new classification type of “Private” was added. Which of the following would be the MOST likely reason for this addition?

Question 95
95.

A corporate security team would like to consolidate and protect the private keys across all of their web servers. Which of these would be the BEST way to securely store these keys?

Question 96
96.

A security technician is reviewing this security log from an IPS: ALERT 2023-06-01 13:07:29 Cross-Site Scripting in JSON Data 222.43.112.74:3332 -> 64.235.145.35:80 - Method POST - Query String "-" User Agent: curl/7.21.3 (i386-redhat-linux-gnu) libcurl/7.21.3 NSS/3.13.1.0 zlib/1.2.5 libidn/1.19 libssh2/1.2.7 Detail: token="" Which of the following can be determined from this log information? (Select TWO)

Question 97
97.

Which of the following describes a monetary loss if one event occurs?

Question 98
98.

A user with restricted access has typed this text in a search field of an internal web-based application: USER77' OR '1'='1 After submitting this search request, all database records are displayed on the screen. Which of the following would BEST describe this search?

Question 99
99.

A user has opened a helpdesk ticket complaining of poor system performance, excessive pop up messages, and the cursor moving without anyone touching the mouse. This issue began after they opened a spreadsheet from a vendor containing part numbers and pricing information. Which of the following is MOST likely the cause of this user's issues?

Question 100
100.

A web-based manufacturing company processes monthly charges to credit card information saved in the customer's profile. All of the customer information is encrypted and protected with additional authentication factors. Which of the following would be the justification for these security controls?

Question 101
101.

A security manager has created a report showing intermittent network communication from certain workstations on the internal network to one external IP address. These traffic patterns occur at random times during the day. Which of the following would be the MOST likely reason for these traffic patterns?

Question 102
102.

The security policies in a manufacturing company prohibit the transmission of customer information. However, a security administrator has received an alert that credit card numbers were transmitted as an email attachment. Which of the following was the MOST likely source of this alert message?

Question 103
103.

A security administrator has configured a virtual machine in a screened subnet with a guest login account and no password. Which of the following would be the MOST likely reason for this configuration?

Question 104
104.

A security administrator is configuring a DNS server with a SPF record. Which of the following would be the reason for this configuration?

Question 105
105.

A company would like to securely deploy applications without the overhead of installing a virtual machine for each system. Which of the following would be the BEST way to deploy these applications?

Question 106
106.

A company has just purchased a new application server, and the security director wants to determine if the system is secure. The system is currently installed in a test environment and will not be available to users until the roll out to production next week. Which of the following would be the BEST way to determine if any part of the system can be exploited?