SY0-701 Practice B - Jake Loftus | Library

1

Match the certificate characteristic to the description: This is a file containing a list of the revoked certificates. Maintained by the associated certificate authority.

1

Match the certificate characteristic to the description: This is sent with the public key to the certificate authority. Once verified, the CA will digitally sign the public key certificate.

1

Match the certificate characteristic to the description: This is the administrative control for any public key infrastructure deployment.

1

Match the certificate characteristic to the description: This is a protocol used by the browser to check the revocation status of a certificate.

1

An organization is deploying a mobile app to its sales team in the field. The application will be accessed from tablets for remote team members and a browser-based front-end on desktops for corporate office users. The application contains sensitive customer information, and two forms of authentication are required to launch the application. Select the best security features for the following platform: Tablet for Field Sales

1

An organization is deploying a mobile app to its sales team in the field. The application will be accessed from tablets for remote team members and a browser-based front-end on desktops for corporate office users. The application contains sensitive customer information, and two forms of authentication are required to launch the application. Select the best security features for the following platform: Desktop with Browser-based Front-end

1

What is the first phase in incident response?

1

What is the second phase in incident response?

1

What is the third phase in incident response?

1

What is the fourth phase in incident response?

1

What is the fifth phase in incident response?

1

What is the sixth phase in incident response?

1

What is the final phase in incident response?

1

Match the security technology to the implementation: Store a password on an authentication server.

1

Match the security technology to the implementation: Verify a sender's identity.

1

Match the security technology to the implementation: Authenticate the server sending an email.

1

Match the security technology to the implementation: Prevent data corruption when a system fails.

1

Match the security technology to the implementation: Modify a script to make it difficult to understand.

1

Match the security technology to the implementation: Store keys with a third-party.

1

Select the data state that best fits the description: All switches in a data center are connected with an 802.1Q trunk.

1

Select the data state that best fits the description: Sales information is uploaded daily from a remote site using a satellite network.

1

Select the data state that best fits the description: A company stores customer purchase information in a MySQL database.

1

Select the data state that best fits the description: An application decrypts credit card numbers and expiration dates to validate for approval.

1

Select the data state that best fits the description: An authentication program performs a hash of all passwords.

1

Select the data state that best fits the description: An IPS identifies a SQL injection attack and removes the attack frames from the network.

1

Select the data state that best fits the description: An automatic teller machine validates a user's PIN before allowing a deposit.

1

Select the data state that best fits the description: Each time a spreadsheet is updated, all of the cells containing formulas are automatically updated.

1

Select the data state that best fits the description: All weekly backup tapes are transported to an offsite storage facility.

1

Select the data state that best fits the description: All user spreadsheets are stored on a cloud-based file sharing service.

1

A security administrator has performed an audit of the organization’s production web servers, and the results have identified default configurations, web services running from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?

1

A shipping company stores information in small regional warehouses around the country. The company maintains an IPS at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?

1

The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:

1

A security engineer is preparing to conduct a penetration test of a third-party website. Part of the preparation involves reading through social media posts for information about this site. Which of the following describes this practice?

1

A company would like to orchestrate the response when a virus is detected on company devices. Which of the following would be the BEST way to implement this function?

1

A user in the accounting department has received a text message from the CEO. The message requests payment by cryptocurrency for a recently purchased tablet. Which of the following would BEST describe this attack?

1

A company has been informed of a hypervisor vulnerability that could allow users on one virtual machine to access resources on another virtual machine. Which of the following would BEST describe this vulnerability?

1

While working from home, users are attending a project meeting over a web conference. When typing in the meeting link, the browser is unexpectedly directed to a different website than the web conference. Users in the office do not have any issues accessing the conference site. Which of the following would be the MOST likely reason for this issue?

1

A company is launching a new internal application that will not start until a username and password is entered and a smart card is plugged into the computer. Which of the following BEST describes this process?

1

An online retailer is planning a penetration test as part of their PCI DSS validation. A third-party organization will be performing the test, and the online retailer has provided the Internet-facing IP addresses for their public web servers. No other details were provided. What penetration testing methodology is the online retailer using?

1

A manufacturing company produces radar used by commercial and military organizations. A recently proposed policy change would allow the use of mobile devices inside the facility. Which of the following would be the MOST significant threat vector issue associated with this change in policy?

1

Which of the following would be the BEST way for an organization to verify the digital signature provided by an external email server?

1

A company is using older operating systems for their web servers and are concerned of their stability during periods of high use. Which of the following should the company use to maximize the uptime and availability of this service?

1

A user in the accounting department would like to email a spreadsheet with sensitive information to a list of third-party vendors. Which of the following would be the BEST way to protect the data in this email?

1

A system administrator would like to segment the network to give the marketing, accounting, and manufacturing departments their own private network. The network communication between departments would be restricted for additional security. Which of the following should be configured on this network?

1

A technician at an MSP has been asked to manage devices on third-party private network. The technician needs command line access to internal routers, switches, and firewalls. Which of the following would provide the necessary access?

1

A transportation company is installing new wireless access points in their corporate office. The manufacturer estimates the access points will operate an average of 100,000 hours before a hardware-related outage. Which of the following describes this estimate?

1

A security administrator is creating a policy to prevent the disclosure of credit card numbers in a customer support application. Users of the application would only be able to view the last four digits of a credit card number. Which of the following would provide this functionality?

1

A user is authenticating through the use of a PIN and a fingerprint. Which of the following would describe these authentication factors?

1

A security administrator is configuring the authentication process used by technicians when logging into wireless access points and switches. Instead of using local accounts, the administrator would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?

1

A recent audit has determined that many IT department accounts have been granted Administrator access. The audit recommends replacing these permissions with limited access rights. Which of the following would describe this policy?

1

A recent security audit has discovered usernames and passwords which can be easily viewed in a packet capture. Which of the following did the audit identify?

1

Before deploying a new application, a company is performing an internal audit to ensure all of their servers are configured with the appropriate security features. Which of the following would BEST describe this process?

1

An organization has previously purchased insurance to cover a ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and address potential ransomware issues internally. Which of the following would best describe this action?

1

Which of these threat actors would be MOST likely to install a company's internal application on a public cloud provider?

1

An IPS report shows a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system. Which of the following would be the NEXT step in the incident response process?

1

A security administrator is viewing the logs on a laptop in the shipping and receiving department and identifies these events: 8:55:30 AM | D:\Downloads\ChangeLog-5.0.4.scr | Quarantine Success 9:22:54 AM | C:\Program Files\Photo Viewer\ViewerBase.dll | Quarantine Failure 9:44:05 AM | C:\Sales\Sample32.dat | Quarantine Success Which of the following would BEST describe the circumstances surrounding these events?

1

In the past, an organization has relied on the curated Apple App Store to avoid issues associated with malware and insecure applications. However, the IT department has discovered an iPhone in the shipping department with applications not available on the Apple App Store. How did the shipping department user install these apps on their mobile device?

1

A company has noticed an increase in support calls from attackers. These attackers are using social engineering to gain unauthorized access to customer data. Which of the following would be the BEST way to prevent these attacks?

1

As part of an internal audit, each department of a company has been asked to compile a list of all devices, operating systems, and applications in use. Which of the following would BEST describe this audit?

1

A company is concerned about security issues at their remote sites. Which of the following would provide the IT team with more information of potential shortcomings?

1

An attacker has identified a number of devices on a corporate network with the username of “admin” and the password of “admin.” Which of the following describes this situation?

1

A security administrator attends an annual industry convention with other security professionals from around the world. Which of the following attacks would be MOST likely in this situation?

1

A transportation company headquarters is located in an area with frequent power surges and outages. The security administrator is concerned about the potential for downtime and hardware failures. Which of the following would provide the most protection against these issues? Select TWO.

1

An organization has developed an in-house mobile device app for order processing. The developers would like the app to identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following must be configured to allow this functionality?

1

A security administrator has been asked to build a network link to secure all communication between two remote locations. Which of the following would be the best choice for this task?

1

A Linux administrator has received a ticket complaining of response issues with a database server. After connecting to the server, the administrator views this information: Filesystem Size Used Avail Use% Mounted on /dev/xvda1 158G 158G 0 100% / Which of the following would BEST describe this information?

1

Which of the following can be used for credit card transactions from a mobile device without sending the actual credit card number across the network?

1

A security administrator receives a report each week showing a Linux vulnerability associated with a Windows server. Which of the following would prevent this information from appearing in the report?

1

Which of the following would a company use to calculate the loss of a business activity if a vulnerability is exploited?

1

An administrator is designing a network to be compliant with a security standard for storing credit card numbers. Which of the following would be the BEST choice to provide this compliance?

1

A company is accepting proposals for an upcoming project, and one of the responses is from a business owned by a board member. Which of the following would describe this situation?

1

A company has rolled out a new application that requires the use of a hardware-based token generator. Which of the following would be the BEST description of this access feature?

1

A company has signed an SLA with an Internet service provider. Which of the following would BEST describe the requirements of this SLA?

1

An attacker has created multiple social media accounts and is posting information in an attempt to get the attention of the media. Which of the following would BEST describe this attack?

1

Which of the following would be the BEST way to protect credit card account information when performing real-time purchase authorizations?

1

A company must comply with legal requirements for storing customer data in the same country as the customer's mailing address. Which of the following would describe this requirement?

1

A company is installing access points in all of their remote sites. Which of the following would provide confidentiality for all wireless data?

1

A security administrator has found a keylogger installed in an update of the company's accounting software. Which of the following would prevent the transmission of the collected logs?

1

A user in the marketing department is unable to connect to the wireless network. After authenticating with a username and password, the user receives this message: -- -- -- The connection attempt could not be completed. The Credentials provided by the server could not be validated. Radius Server: radius.example.com Root CA: Example.com Internal CA Root Certificate -- -- -- The access point is configured with WPA3 encryption and 802.1X authentication. Which of the following is the MOST likely reason for this login issue?

1

A security administrator has created a new policy prohibiting the use of MD5 hashes due to collision problems. Which of the following describes the reason for this new policy?

1

A security administrator has been tasked with hardening all internal web servers to control access from certain IP address ranges and ensure all transferred data remains confidential. Which of the following should the administrator include in his project plan? (Select TWO)

1

A security administrator has identified the installation of ransomware on a database server and has quarantined the system. Which of the following should be followed to ensure that the integrity of the evidence is maintained?

1

Which of the following would be the BEST option for application testing in an environment completely separated from the production network?

1

A security engineer is planning the installation of a new IPS. The network must remain operational if the IPS is turned off or disabled. Which of the following would describe this configuration?

1

Which of the following describes the process of hiding data from others by embedding the data inside of a different media type?

1

Which of the following vulnerabilities would be the MOST significant security concern when protecting against a hacktivist?

1

A company is installing a security appliance to protect the organization's web-based applications from attacks such as SQL injections and unexpected input. Which of the following would BEST describe this appliance?

1

Which of the following would be the BEST way to determine if files have been modified after the forensics data acquisition process has occurred?

1

A system administrator is implementing a password policy that would require letters, numbers, and special characters to be included in every password. Which of the following controls MUST be in place to enforce this password policy?

1

Which of the following would a company follow to deploy a weekly operating system patch?

1

Which of the following would be the MOST likely result of plaintext application communication?

1

A system administrator believes that certain configuration files on a Linux server have been modified from their original state. The administrator has reverted the configurations to their original state, but he would like to be notified if they are changed again. Which of the following would be the BEST way to provide this functionality?

1

A security administrator is updating the network infrastructure to support 802.1X. Which of the following would be the BEST choice for this configuration?

1

A company owns a time clock appliance, but the time clock doesn’t provide any access to the operating system and it doesn't provide a method to upgrade the firmware. Which of the following describes this appliance?

1

A company has deployed laptops to all employees, and each laptop is enumerated during each login. Which of the following is supported with this configuration?

1

A security manager believes that an employee is using their laptop to circumvent the corporate Internet security controls through the use of a cellular hotspot. Which of the following could be used to validate this belief? (Select TWO)

1

An application developer is creating a mobile device app that will require a true random number generator real-time memory encryption. Which of the following technologies would be the BEST choice for this app?

1

Which of the following would be a common result of a successful vulnerability scan?

1

When connected to the wireless network, users at a remote site receive an IP address which is not part of the corporate address scheme. Communication over this network is also slower than the wireless connections elsewhere in the building. Which of the following would be the MOST likely reason for these issues?

1

A company has identified a compromised server, and the security team would like to know if an attacker has used this device to move between systems. Which of the following would be the BEST way to provide this information?

1

A system administrator has protected a set of system backups with an encryption key. The system administrator used the same key when restoring files from this backup. Which of the following would BEST describe this encryption type?

1

A new malware variant takes advantage of a vulnerability in a popular email client. Once installed, the malware forwards all email attachments with credit card information to an external email address. Which of the following would limit the scope of this attack?

1

An organization has identified a security breach and has removed the affected servers from the network. Which of the following is the NEXT step in the incident response process?

1

A security administrator has been tasked with storing and protecting customer payment and shipping information for a three-year period. Which of the following would describe the source of this data?

1

Which of the following would be the main reasons why a system administrator would use a TPM when configuring full disk encryption? (Select TWO)

1

A security administrator is using an access control where each file or folder is assigned a security clearance level, such as “confidential” or “secret.” The security administrator then assigns a maximum security level to each user. What type of access control is used in this network?

1

A security administrator is reviewing a report showing a number of devices on internal networks are connecting with servers in the data center network. Which of the following security systems should be added to prevent internal systems from accessing data center devices?

1

A financial services company is headquartered in an area with a high occurrence of tropical storms and hurricanes. Which of the following would be MOST important when restoring services disabled by a storm?

1

A user in the mail room has reported an overall slowdown of his shipping management software. An anti-virus scan did not identify any issues, but a more thorough malware scan identified a kernel driver which is not part of the original operating system installation. Which of the following malware was installed on this system?

1

A virus scanner has identified a macro virus in a word processing file attached to an email. Which of the following information could be obtained from the metadata of this file?

1

When a person enters a data center facility, they must check-in before they are allowed to move further into the building. People who are leaving must be formally checked-out before they are able to exit the building. Which of the following would BEST facilitate this process?

1

A security administrator has discovered an employee exfiltrating confidential company information by embedding data within image files and emailing the images to a third-party. Which of the following would best describe this activity?

1

A third-party has been contracted to perform a penetration test on a company's public web servers. The testing company has been provided with the external IP addresses of the servers. Which of the following would describe this scenario?

1