SY0-701 Practice A - Jake Loftus | Library

1

Choose Attack Type: Attacker obtains bank account number and birth date by calling the victim.

1

Choose Attack Type: Attacker accesses a database directly from a web browser.

1

Choose Attack Type: Attacker intercepts all communication between a client and a web server.

1

Choose Attack Type: Multiple attackers overwhelm a web server.

1

Choose Attack Type: Attacker obtains a list of all login credentials used over the last 24 hours.

1

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security controls for: Outside Building (Parking and visitor drop-off).

1

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security controls for: Reception (Building lobby).

1

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security controls for: Data Center Door (Entrance from inside building).

1

The security team at a manufacturing company is creating a set of security standards for employees and visitors. Select the BEST security control for: Server Administration (Authentication to server console in the data center).

1

Select the most appropriate category: A guard checks the identification of all visitors.

1

Select the most appropriate category: All returns must be approved by a Vice President.

1

Select the most appropriate category: A generator is used during a power outage.

1

Select the most appropriate category: Building doors can be unlocked with an access card.

1

Select the most appropriate category: System logs are transferred automatically to a SIEM.

1

Select the most appropriate authentication factor: During the login process, your phone receives a text message with a one-time passcode.

1

Select the most appropriate authentication factor: You enter your PIN to make a deposit into an ATM.

1

Select the most appropriate authentication factor: You can use your finger to unlock the door to the data center.

1

Select the most appropriate authentication factor: Your login will not work unless you are connected to the VPN.

1

What Protocol and Port would be used to configure the following firewall rule: Block HTTP sessions between a web server and database server.

1

What Protocol and Port would be used to configure the following firewall rule: Allow a storage server to transfer files to a video server over HTTPS.

1

What Protocol and Port would be used to configure the following firewall rule: Allow a management server to use a secure terminal on a file server.

1

A company has hired a third-party to gather information about the company’s servers and data. This third-party will not have direct access to the company's internal network, but they can gather information from any other source. Which of the following would BEST describe this approach?

1

A company's email server has received an email from a third-party, but the origination server does not match the list of authorized devices. Which of the following would determine the disposition of this message?

1

Which of these threat actors would be MOST likely to attack systems for direct financial gain?

1

A security administrator has examined a server recently compromised by an attacker, and has determined the system was exploited due to a known operating system vulnerability. Which of the following would BEST describe this finding?

1

A city is building an ambulance service network for emergency medical dispatching. Which of the following should have the highest priority?

1

A system administrator receives a text alert when access rights are changed on a database containing private customer information. Which of the following would describe this alert?

1

A security administrator is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration?

1

A company creates a standard set of government reports each calendar quarter. Which of the following would describe this type of data?

1

An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies: • Access records from all devices must be saved and archived • Any data access outside of normal working hours must be immediately reported • Data access must only occur inside of the country • Access logs and audit reports must be created from a single database Which of the following should be implemented by the security team to meet these requirements? (Select THREE)

1

A security engineer, is viewing this record from the firewall logs: UTC 04/05/2023 03:09:15809 AV Gateway Alert 136.127.92.171 80 -> 10.16.10.14 60818 Gateway Anti-Virus Alert: (Trojan) blocked. Which of the following can be observed from this log information?

1

A user connects to a third-party website and receives this message: Your connection is not private. NET::ERR_CERT_INVALID Which of the following attacks would be the MOST likely reason for this message?

1

Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site?

1

A system administrator is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. The administrator needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information?

1

An attacker calls into a company’s help desk and pretends to be the director of the company’s manufacturing department. The attacker states that they have forgotten their password and they need to have the password reset quickly for an important meeting. What kind of attack would BEST describe this phone call?

1

Two companies have been working together for a number of months, and they would now like to qualify their partnership with a broad formal agreement between both organizations. Which of the following would describe this agreement?

1

Which of the following would explain why a company would automatically add a digital signature to each outgoing email message?

1

The embedded OS in a company’s time clock appliance is configured to reset the file system and reboot when a file system error occurs. On one of the time clocks, this file system error occurs during the startup process and causes the system to constantly reboot. Which of the following BEST describes this issue?

1

A recent audit has found that existing password policies do not include any restrictions on password attempts, and users are not required to periodically change their passwords. Which of the following would correct these policy issues? (Select TWO)

1

What kind of security control is associated with a login banner?

1

An internal audit has discovered four servers that have not been updated in over a year, and it will take two weeks to test and deploy the latest patches. Which of the following would be the best way to quickly respond to this situation in the meantime?

1

A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps?

1

A company would like to examine the credentials of each individual entering the data center building. Which of the following would BEST facilitate this requirement?

1

A company stores some employee information in encrypted form, but other public details are stored as plaintext. Which of the following would BEST describe this encryption strategy?

1

A company would like to minimize database corruption if power is lost to a server. Which of the following would be the BEST strategy to follow?

1

A company is creating a security policy for corporate mobile devices: • All mobile devices must be automatically locked after a predefined time period. • The location of each device needs to be traceable. • All of the user’s information should be completely separate from company data. Which of the following would be the BEST way to establish these security policy rules?

1

A security engineer runs a monthly vulnerability scan. The scan doesn’t list any vulnerabilities for Windows servers, but a significant vulnerability was announced last week and none of the servers are patched yet. Which of the following best describes this result?

1

An IT help desk is using automation to improve the response time for security events. Which of the following use cases would apply to this process?

1

A network administrator would like each user to authenticate with their corporate username and password when connecting to the company's wireless network. Which of the following should the network administrator configure on the wireless access points?

1

A company's VPN service performs a posture assessment during the login process. Which of the following mitigation techniques would this describe?

1

A user has assigned individual rights and permissions to a file on their network drive. The user adds three additional individuals to have read-only access to the file. Which of the following would describe this access control model?

1

A remote user has received a text message with a link to login and confirm their upcoming work schedule. Which of the following would BEST describe this attack?

1

A company is formalizing the design and deployment process used by their application programmers. Which of the following policies would apply?

1

A security administrator has copied a suspected malware executable from a user's computer and is running the program in a sandbox. Which of the following would describe this part of the incident response process?

1

A server administrator at a bank has noticed a decrease in the number of visitors to the bank's website. Additional research shows that users are being directed to a different IP address than the bank's web server. Which of the following would MOST likely describe this attack?

1

Which of the following considerations are MOST commonly associated with a hybrid cloud model?

1

A company hires a large number of seasonal employees, and their system access should normally be disabled when the employee leaves the company. The security administrator would like to verify that their systems cannot be accessed by any of the former employees. Which of the following would be the BEST way to provide this verification?

1

Which of the following is used to describe how cautious an organization might be to taking a specific risk?

1

A technician is applying a series of patches to fifty web servers during a scheduled maintenance window. After patching and rebooting the first server, the web service fails with a critical error. Which of the following should the technician do NEXT?

1

An attacker has discovered a way to disable a server by sending specially crafted packets from many remote devices to the operating system. When the packet is received, the system crashes and must be rebooted to restore normal operations. Which of the following would BEST describe this attack?

1

A data breach has occurred in a large insurance company. A security administrator is building new servers and security systems to get all of the financial systems back online. Which part of the incident response process would BEST describe these actions?

1

A network team has installed new access points to support an application launch. In less than 24 hours, the wireless network was attacked and private company information was accessed. Which of the following would be the MOST likely reason for this breach?

1

An organization has identified a significant vulnerability in an Internet facing firewall. The firewall company has stated the firewall is no longer available for sale and there are no plans to create a patch for this vulnerability. Which of the following would BEST describe this issue?

1

A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise?

1

A security administrator needs to block users from visiting websites hosting malicious software. Which of the following would be the BEST way to control this access?

1

A system administrator has been called to a system with a malware infection. As part of the incident response process, the administrator has imaged the operating system to a known-good version. Which of these incident response steps is the administrator following?

1

A company has placed a SCADA system on a segmented network with limited access from the rest of the corporate network. Which of the following would describe this process?

1

An administrator is viewing the following security log: Dec 30 08:40:03 web01 Failed password for root from 10.101.88.230 port 26244 ssh2 Dec 30 08:40:05 web01 Failed password for root from 10.101.88.230 port 26244 ssh2 Dec 30 08:40:09 web01 445 more authentication failures; rhost=10.101.88.230 user=root Which of the following would describe this attack?

1

During a morning login process, a user's laptop was moved to a private VLAN and a series of updates were automatically installed. Which of the following would describe this process?

1

Which of the following describes two-factor authentication?

1

A company is deploying a new application to all employees in the field. Some of the problems associated with this roll out include: • The company does not have a way to manage the devices in the field • Team members have many different kinds of mobile devices • The same device needs to be used for both corporate and private use Which of the following deployment models would address these concerns?

1

An organization is installing a UPS for their new data center. Which of the following would BEST describe this control type?

1

A manufacturing company would like to track the progress of parts used on an assembly line. Which of the following technologies would be the BEST choice for this task?

1

A company's website has been compromised and the website content has been replaced with a political message. Which of the following threat actors would be the MOST likely culprit?

1

A Linux administrator is downloading an updated version of her Linux distribution. The download site shows a link to the ISO and a SHA256 hash value. Which of these would describe the use of this hash value?

1

A company's security policy requires that login access should only be available if a person is physically within the same building as the server. Which of the following would be the BEST way to provide this requirement?

1

A development team has installed a new application and database to a cloud service. After running a vulnerability scanner on the application instance, a security administrator finds the database is available for anyone to query without providing any authentication. Which of these vulnerabilities is MOST associated with this issue?

1

Employees of an organization have received an email with a link offering a cash bonus for completing an internal training course. Which of the following would BEST describe this email?

1

Which of the following risk management strategies would include the purchase and installation of an NGFW?

1

An organization is implementing a security model where all application requests must be validated at a policy enforcement point. Which of the following would BEST describe this model?

1

A company is installing a new application in a public cloud. Which of the following determines the assignment of data security in this cloud infrastructure?

1

When decommissioning a device, a company documents the type and size of storage drive, the amount of RAM, and any installed adapter cards. Which of the following describes this process?

1

An attacker has sent more information than expected in a single API call, and this has allowed the execution of arbitrary code. Which of the following would BEST describe this attack?

1

A company encourages users to encrypt all of their confidential materials on a central server. The organization would like to enable key escrow as a backup option. Which of these keys should the organization place into escrow?

1

A company is in the process of configuring and enabling host-based firewalls on all user devices. Which of the following threats is the company addressing?

1

A manufacturing company would like to use an existing router to separate a corporate network from a manufacturing floor. Both networks use the same physical switch, and the company does not want to install any additional hardware. Which of the following would be the BEST choice for this segmentation?

1

An organization needs to provide a remote access solution for a newly deployed cloud-based application. This application is designed to be used by mobile field service technicians. Which of the following would be the best option for this requirement?

1

A company is implementing a quarterly security awareness campaign. Which of the following would MOST likely be part of this campaign?

1

A recent report shows the return of a vulnerability that was previously patched four months ago. After researching this issue, the security team has found a recent patch has reintroduced this vulnerability on the servers. Which of the following should the security administrator implement to prevent this issue from occurring in the future?

1

A security manager would like to ensure that unique hashes are used with an application login process. Which of the following would be the BEST way to add random data when generating a set of stored password hashes?

1

Which cryptographic method is used to add trust to a digital certificate?

1

A company is using SCAP as part of their security monitoring processes. Which of the following would BEST describe this implementation?

1

An organization maintains a large database of customer information for sales tracking and customer support. Which person in the organization would be responsible for managing the access rights to this data?

1

An organization’s content management system currently labels files and documents as “Public” and “Restricted.” On a recent update, a new classification type of “Private” was added. Which of the following would be the MOST likely reason for this addition?

1

A corporate security team would like to consolidate and protect the private keys across all of their web servers. Which of these would be the BEST way to securely store these keys?

1

A security technician is reviewing this security log from an IPS: ALERT 2023-06-01 13:07:29 Cross-Site Scripting in JSON Data 222.43.112.74:3332 -> 64.235.145.35:80 - Method POST - Query String "-" User Agent: curl/7.21.3 (i386-redhat-linux-gnu) libcurl/7.21.3 NSS/3.13.1.0 zlib/1.2.5 libidn/1.19 libssh2/1.2.7 Detail: token="" Which of the following can be determined from this log information? (Select TWO)

1

Which of the following describes a monetary loss if one event occurs?

1

A user with restricted access has typed this text in a search field of an internal web-based application: USER77' OR '1'='1 After submitting this search request, all database records are displayed on the screen. Which of the following would BEST describe this search?

1

A user has opened a helpdesk ticket complaining of poor system performance, excessive pop up messages, and the cursor moving without anyone touching the mouse. This issue began after they opened a spreadsheet from a vendor containing part numbers and pricing information. Which of the following is MOST likely the cause of this user's issues?

1

A web-based manufacturing company processes monthly charges to credit card information saved in the customer's profile. All of the customer information is encrypted and protected with additional authentication factors. Which of the following would be the justification for these security controls?

1

A security manager has created a report showing intermittent network communication from certain workstations on the internal network to one external IP address. These traffic patterns occur at random times during the day. Which of the following would be the MOST likely reason for these traffic patterns?

1

The security policies in a manufacturing company prohibit the transmission of customer information. However, a security administrator has received an alert that credit card numbers were transmitted as an email attachment. Which of the following was the MOST likely source of this alert message?

1

A security administrator has configured a virtual machine in a screened subnet with a guest login account and no password. Which of the following would be the MOST likely reason for this configuration?

1

A security administrator is configuring a DNS server with a SPF record. Which of the following would be the reason for this configuration?

1

A company would like to securely deploy applications without the overhead of installing a virtual machine for each system. Which of the following would be the BEST way to deploy these applications?

1

A company has just purchased a new application server, and the security director wants to determine if the system is secure. The system is currently installed in a test environment and will not be available to users until the roll out to production next week. Which of the following would be the BEST way to determine if any part of the system can be exploited?