Log in
Sign up for FREE
arrow_back
Library

SY0-701 Practice B

star
star
star
star
star
Last updated over 1 year ago
114 questions
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Question 1
1.

Match the certificate characteristic to the description: This is a file containing a list of the revoked certificates. Maintained by the associated certificate authority.

Question 2
2.

Match the certificate characteristic to the description: This is sent with the public key to the certificate authority. Once verified, the CA will digitally sign the public key certificate.

Question 3
3.

Match the certificate characteristic to the description: This is the administrative control for any public key infrastructure deployment.

Question 4
4.

Match the certificate characteristic to the description: This is a protocol used by the browser to check the revocation status of a certificate.

Question 5
5.

An organization is deploying a mobile app to its sales team in the field. The application will be accessed from tablets for remote team members and a browser-based front-end on desktops for corporate office users. The application contains sensitive customer information, and two forms of authentication are required to launch the application. Select the best security features for the following platform: Tablet for Field Sales

Question 6
6.

An organization is deploying a mobile app to its sales team in the field. The application will be accessed from tablets for remote team members and a browser-based front-end on desktops for corporate office users. The application contains sensitive customer information, and two forms of authentication are required to launch the application. Select the best security features for the following platform: Desktop with Browser-based Front-end

Question 7
7.

What is the first phase in incident response?

Question 8
8.

What is the second phase in incident response?

Question 9
9.

What is the third phase in incident response?

Question 10
10.

What is the fourth phase in incident response?

Question 11
11.

What is the fifth phase in incident response?

Question 12
12.

What is the sixth phase in incident response?

Question 13
13.

What is the final phase in incident response?

Question 14
14.

Match the security technology to the implementation: Store a password on an authentication server.

Question 15
15.

Match the security technology to the implementation: Verify a sender's identity.

Question 16
16.

Match the security technology to the implementation: Authenticate the server sending an email.

Question 17
17.

Match the security technology to the implementation: Prevent data corruption when a system fails.

Question 18
18.

Match the security technology to the implementation: Modify a script to make it difficult to understand.

Question 19
19.

Match the security technology to the implementation: Store keys with a third-party.

Question 20
20.

Select the data state that best fits the description: All switches in a data center are connected with an 802.1Q trunk.

Question 21
21.

Select the data state that best fits the description: Sales information is uploaded daily from a remote site using a satellite network.

Question 22
22.

Select the data state that best fits the description: A company stores customer purchase information in a MySQL database.

Question 23
23.

Select the data state that best fits the description: An application decrypts credit card numbers and expiration dates to validate for approval.

Question 24
24.

Select the data state that best fits the description: An authentication program performs a hash of all passwords.

Question 25
25.

Select the data state that best fits the description: An IPS identifies a SQL injection attack and removes the attack frames from the network.

Question 26
26.

Select the data state that best fits the description: An automatic teller machine validates a user's PIN before allowing a deposit.

Question 27
27.

Select the data state that best fits the description: Each time a spreadsheet is updated, all of the cells containing formulas are automatically updated.

Question 28
28.

Select the data state that best fits the description: All weekly backup tapes are transported to an offsite storage facility.

Question 29
29.

Select the data state that best fits the description: All user spreadsheets are stored on a cloud-based file sharing service.

Question 30
30.

A security administrator has performed an audit of the organization’s production web servers, and the results have identified default configurations, web services running from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?

Question 31
31.

A shipping company stores information in small regional warehouses around the country. The company maintains an IPS at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?

Question 32
32.

The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:

Question 33
33.

A security engineer is preparing to conduct a penetration test of a third-party website. Part of the preparation involves reading through social media posts for information about this site. Which of the following describes this practice?

Question 34
34.

A company would like to orchestrate the response when a virus is detected on company devices. Which of the following would be the BEST way to implement this function?

Question 35
35.

A user in the accounting department has received a text message from the CEO. The message requests payment by cryptocurrency for a recently purchased tablet. Which of the following would BEST describe this attack?

Question 36
36.

A company has been informed of a hypervisor vulnerability that could allow users on one virtual machine to access resources on another virtual machine. Which of the following would BEST describe this vulnerability?

Question 37
37.

While working from home, users are attending a project meeting over a web conference. When typing in the meeting link, the browser is unexpectedly directed to a different website than the web conference. Users in the office do not have any issues accessing the conference site. Which of the following would be the MOST likely reason for this issue?

Question 38
38.

A company is launching a new internal application that will not start until a username and password is entered and a smart card is plugged into the computer. Which of the following BEST describes this process?

Question 39
39.

An online retailer is planning a penetration test as part of their PCI DSS validation. A third-party organization will be performing the test, and the online retailer has provided the Internet-facing IP addresses for their public web servers. No other details were provided. What penetration testing methodology is the online retailer using?

Question 40
40.

A manufacturing company produces radar used by commercial and military organizations. A recently proposed policy change would allow the use of mobile devices inside the facility. Which of the following would be the MOST significant threat vector issue associated with this change in policy?

Question 41
41.

Which of the following would be the BEST way for an organization to verify the digital signature provided by an external email server?

Question 42
42.

A company is using older operating systems for their web servers and are concerned of their stability during periods of high use. Which of the following should the company use to maximize the uptime and availability of this service?

Question 43
43.

A user in the accounting department would like to email a spreadsheet with sensitive information to a list of third-party vendors. Which of the following would be the BEST way to protect the data in this email?

Question 44
44.

A system administrator would like to segment the network to give the marketing, accounting, and manufacturing departments their own private network. The network communication between departments would be restricted for additional security. Which of the following should be configured on this network?

Question 45
45.

A technician at an MSP has been asked to manage devices on third-party private network. The technician needs command line access to internal routers, switches, and firewalls. Which of the following would provide the necessary access?

Question 46
46.

A transportation company is installing new wireless access points in their corporate office. The manufacturer estimates the access points will operate an average of 100,000 hours before a hardware-related outage. Which of the following describes this estimate?

Question 47
47.

A security administrator is creating a policy to prevent the disclosure of credit card numbers in a customer support application. Users of the application would only be able to view the last four digits of a credit card number. Which of the following would provide this functionality?

Question 48
48.

A user is authenticating through the use of a PIN and a fingerprint. Which of the following would describe these authentication factors?

Question 49
49.

A security administrator is configuring the authentication process used by technicians when logging into wireless access points and switches. Instead of using local accounts, the administrator would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?

Question 50
50.

A recent audit has determined that many IT department accounts have been granted Administrator access. The audit recommends replacing these permissions with limited access rights. Which of the following would describe this policy?

Question 51
51.

A recent security audit has discovered usernames and passwords which can be easily viewed in a packet capture. Which of the following did the audit identify?

Question 52
52.

Before deploying a new application, a company is performing an internal audit to ensure all of their servers are configured with the appropriate security features. Which of the following would BEST describe this process?

Question 53
53.

An organization has previously purchased insurance to cover a ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and address potential ransomware issues internally. Which of the following would best describe this action?

Question 54
54.

Which of these threat actors would be MOST likely to install a company's internal application on a public cloud provider?

Question 55
55.

An IPS report shows a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system. Which of the following would be the NEXT step in the incident response process?

Question 56
56.

A security administrator is viewing the logs on a laptop in the shipping and receiving department and identifies these events: 8:55:30 AM | D:\Downloads\ChangeLog-5.0.4.scr | Quarantine Success 9:22:54 AM | C:\Program Files\Photo Viewer\ViewerBase.dll | Quarantine Failure 9:44:05 AM | C:\Sales\Sample32.dat | Quarantine Success Which of the following would BEST describe the circumstances surrounding these events?

Question 57
57.

In the past, an organization has relied on the curated Apple App Store to avoid issues associated with malware and insecure applications. However, the IT department has discovered an iPhone in the shipping department with applications not available on the Apple App Store. How did the shipping department user install these apps on their mobile device?

Question 58
58.

A company has noticed an increase in support calls from attackers. These attackers are using social engineering to gain unauthorized access to customer data. Which of the following would be the BEST way to prevent these attacks?

Question 59
59.

As part of an internal audit, each department of a company has been asked to compile a list of all devices, operating systems, and applications in use. Which of the following would BEST describe this audit?

Question 60
60.

A company is concerned about security issues at their remote sites. Which of the following would provide the IT team with more information of potential shortcomings?

Question 61
61.

An attacker has identified a number of devices on a corporate network with the username of “admin” and the password of “admin.” Which of the following describes this situation?

Question 62
62.

A security administrator attends an annual industry convention with other security professionals from around the world. Which of the following attacks would be MOST likely in this situation?

Question 63
63.

A transportation company headquarters is located in an area with frequent power surges and outages. The security administrator is concerned about the potential for downtime and hardware failures. Which of the following would provide the most protection against these issues? Select TWO.

Question 64
64.

An organization has developed an in-house mobile device app for order processing. The developers would like the app to identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following must be configured to allow this functionality?

Question 65
65.

A security administrator has been asked to build a network link to secure all communication between two remote locations. Which of the following would be the best choice for this task?

Question 66
66.

A Linux administrator has received a ticket complaining of response issues with a database server. After connecting to the server, the administrator views this information: Filesystem Size Used Avail Use% Mounted on /dev/xvda1 158G 158G 0 100% / Which of the following would BEST describe this information?

Question 67
67.

Which of the following can be used for credit card transactions from a mobile device without sending the actual credit card number across the network?

Question 68
68.

A security administrator receives a report each week showing a Linux vulnerability associated with a Windows server. Which of the following would prevent this information from appearing in the report?

Question 69
69.

Which of the following would a company use to calculate the loss of a business activity if a vulnerability is exploited?

Question 70
70.

An administrator is designing a network to be compliant with a security standard for storing credit card numbers. Which of the following would be the BEST choice to provide this compliance?

Question 71
71.

A company is accepting proposals for an upcoming project, and one of the responses is from a business owned by a board member. Which of the following would describe this situation?

Question 72
72.

A company has rolled out a new application that requires the use of a hardware-based token generator. Which of the following would be the BEST description of this access feature?

Question 73
73.

A company has signed an SLA with an Internet service provider. Which of the following would BEST describe the requirements of this SLA?

Question 74
74.

An attacker has created multiple social media accounts and is posting information in an attempt to get the attention of the media. Which of the following would BEST describe this attack?

Question 75
75.

Which of the following would be the BEST way to protect credit card account information when performing real-time purchase authorizations?

Question 76
76.

A company must comply with legal requirements for storing customer data in the same country as the customer's mailing address. Which of the following would describe this requirement?

Question 77
77.

A company is installing access points in all of their remote sites. Which of the following would provide confidentiality for all wireless data?

Question 78
78.

A security administrator has found a keylogger installed in an update of the company's accounting software. Which of the following would prevent the transmission of the collected logs?

Question 79
79.

A user in the marketing department is unable to connect to the wireless network. After authenticating with a username and password, the user receives this message: -- -- -- The connection attempt could not be completed. The Credentials provided by the server could not be validated. Radius Server: radius.example.com Root CA: Example.com Internal CA Root Certificate -- -- -- The access point is configured with WPA3 encryption and 802.1X authentication. Which of the following is the MOST likely reason for this login issue?

Question 80
80.

A security administrator has created a new policy prohibiting the use of MD5 hashes due to collision problems. Which of the following describes the reason for this new policy?

Question 81
81.

A security administrator has been tasked with hardening all internal web servers to control access from certain IP address ranges and ensure all transferred data remains confidential. Which of the following should the administrator include in his project plan? (Select TWO)

Question 82
82.

A security administrator has identified the installation of ransomware on a database server and has quarantined the system. Which of the following should be followed to ensure that the integrity of the evidence is maintained?

Question 83
83.

Which of the following would be the BEST option for application testing in an environment completely separated from the production network?

Question 84
84.

A security engineer is planning the installation of a new IPS. The network must remain operational if the IPS is turned off or disabled. Which of the following would describe this configuration?

Question 85
85.

Which of the following describes the process of hiding data from others by embedding the data inside of a different media type?

Question 86
86.

Which of the following vulnerabilities would be the MOST significant security concern when protecting against a hacktivist?

Question 87
87.

A company is installing a security appliance to protect the organization's web-based applications from attacks such as SQL injections and unexpected input. Which of the following would BEST describe this appliance?

Question 88
88.

Which of the following would be the BEST way to determine if files have been modified after the forensics data acquisition process has occurred?

Question 89
89.

A system administrator is implementing a password policy that would require letters, numbers, and special characters to be included in every password. Which of the following controls MUST be in place to enforce this password policy?

Question 90
90.

Which of the following would a company follow to deploy a weekly operating system patch?

Question 91
91.

Which of the following would be the MOST likely result of plaintext application communication?

Question 92
92.

A system administrator believes that certain configuration files on a Linux server have been modified from their original state. The administrator has reverted the configurations to their original state, but he would like to be notified if they are changed again. Which of the following would be the BEST way to provide this functionality?

Question 93
93.

A security administrator is updating the network infrastructure to support 802.1X. Which of the following would be the BEST choice for this configuration?

Question 94
94.

A company owns a time clock appliance, but the time clock doesn’t provide any access to the operating system and it doesn't provide a method to upgrade the firmware. Which of the following describes this appliance?

Question 95
95.

A company has deployed laptops to all employees, and each laptop is enumerated during each login. Which of the following is supported with this configuration?

Question 96
96.

A security manager believes that an employee is using their laptop to circumvent the corporate Internet security controls through the use of a cellular hotspot. Which of the following could be used to validate this belief? (Select TWO)

Question 97
97.

An application developer is creating a mobile device app that will require a true random number generator real-time memory encryption. Which of the following technologies would be the BEST choice for this app?

Question 98
98.

Which of the following would be a common result of a successful vulnerability scan?

Question 99
99.

When connected to the wireless network, users at a remote site receive an IP address which is not part of the corporate address scheme. Communication over this network is also slower than the wireless connections elsewhere in the building. Which of the following would be the MOST likely reason for these issues?

Question 100
100.

A company has identified a compromised server, and the security team would like to know if an attacker has used this device to move between systems. Which of the following would be the BEST way to provide this information?

Question 101
101.

A system administrator has protected a set of system backups with an encryption key. The system administrator used the same key when restoring files from this backup. Which of the following would BEST describe this encryption type?

Question 102
102.

A new malware variant takes advantage of a vulnerability in a popular email client. Once installed, the malware forwards all email attachments with credit card information to an external email address. Which of the following would limit the scope of this attack?

Question 103
103.

An organization has identified a security breach and has removed the affected servers from the network. Which of the following is the NEXT step in the incident response process?

Question 104
104.

A security administrator has been tasked with storing and protecting customer payment and shipping information for a three-year period. Which of the following would describe the source of this data?

Question 105
105.

Which of the following would be the main reasons why a system administrator would use a TPM when configuring full disk encryption? (Select TWO)

Question 106
106.

A security administrator is using an access control where each file or folder is assigned a security clearance level, such as “confidential” or “secret.” The security administrator then assigns a maximum security level to each user. What type of access control is used in this network?

Question 107
107.

A security administrator is reviewing a report showing a number of devices on internal networks are connecting with servers in the data center network. Which of the following security systems should be added to prevent internal systems from accessing data center devices?

Question 108
108.

A financial services company is headquartered in an area with a high occurrence of tropical storms and hurricanes. Which of the following would be MOST important when restoring services disabled by a storm?

Question 109
109.

A user in the mail room has reported an overall slowdown of his shipping management software. An anti-virus scan did not identify any issues, but a more thorough malware scan identified a kernel driver which is not part of the original operating system installation. Which of the following malware was installed on this system?

Question 110
110.

A virus scanner has identified a macro virus in a word processing file attached to an email. Which of the following information could be obtained from the metadata of this file?

Question 111
111.

When a person enters a data center facility, they must check-in before they are allowed to move further into the building. People who are leaving must be formally checked-out before they are able to exit the building. Which of the following would BEST facilitate this process?

Question 112
112.

A security administrator has discovered an employee exfiltrating confidential company information by embedding data within image files and emailing the images to a third-party. Which of the following would best describe this activity?

Question 113
113.

A third-party has been contracted to perform a penetration test on a company's public web servers. The testing company has been provided with the external IP addresses of the servers. Which of the following would describe this scenario?

Question 114
114.

Which of the following would be the best way to describe the estimated number of laptops that might be stolen in a fiscal year?