SY0_701_100 Part 4
Title of test: SY0_701_100 Part 4

Description: prova secu



An administrator is creating a secure method for a contractor to access a test environment. Which of the following would provide the contractor with the best access to the test environment?
- Application server
- Jump server
- RDP server
- Proxy server

A company is considering an expansion of access controls for an application that contractors and internal employees use to reduce costs. Which of the following risk elements should the implementation team understand before granting access to the application?
- Threshold
- Appetite
- Avoidance
- Register

Which of the following is the act of proving to a customer that software developers are trained on secure coding?
- Assurance
- Contract
- Due diligence
- Attestation

A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most difficult to remediate due to the company's reliance on open-source libraries?
- Buffer overflow
- SQL injection
- Cross-site scripting
- Zero-day

Which of the following is the stage in an investigation when forensic images are obtained?
- Acquisition
- Personation
- Reporting
- E-discovery

A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The organization purposely created the website to simulate a cost-free password complexity test. Which of the following would best help reduce the number of visits to similar websites in the future?
- Block all outbound traffic from the intranet
- Introduce a campaign to recognize phishing attempts
- Restrict internet access for the employees who disclosed credentials
- Implement a deny list of websites

A Chief Information Security Officer (CISO) has developed information security policies that relate to the software development methodology. Which of the following would the CISO most likely include in the organization's documentation?
- Peer review requirements
- Multifactor authentication
- Branch protection tests
- Secrets management configurations

An organization has a new regulatory requirement to implement corrective controls on a financial system. Which of the following is the most likely reason for the new requirement?
- To defend against insider threats altering banking details
- To ensure that errors are not passed to other systems
- To allow for business insurance to be purchased
- To prevent unauthorized changes to financial data

A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also configured to notify the security team if the spreadsheet is opened. Which of the following best describes the deception method being deployed?
- Honeypot
- Honeyfile
- Honeytoken
- Honeynet

Which of the following describes the difference between encryption and hashing?
- Encryption protects data in transit, while hashing protects data at rest
- Encryption replaces cleartext with cleartext, while hashing calculates a checksum
- Encryption ensures data integrity, while hashing ensures data confidentiality
- Encryption uses a exchange, while hashing uses a private key

To which of the following security categories does an EDR solution belong?
- Physical
- Operational
- Managerial
- Technical

An organization is developing a security program that conveys the responsibilities associated with the general operation of systems and software within the organization. Which of the following documents would most likely communicate these expectations?
- Business continuity plan
- Change management procedure
- Acceptable use policy
- Software development life cycle policy

A security analyst notices unusual behavior on the network. The IDS on the network was not able to detect the activities. Which of the following should the security analyst use to help the IDS detect such attacks in the future?
- Signatures
- Trends
- Honeypot
- Reputation

Which of the following is prevented by proper data sanitization?
- Hackers' ability to obtain data from used hard drives
- Devices reaching end-of-life and losing support
- Disclosure of sensitive data through incorrect classification
- Incorrect inventory data leading to a laptop shortage

Which of the following can best contribute to prioritizing patch applications?
- CVSS
- SCAP
- OSINT
- CVE

A company's gate access logs show multiple entries from an employee's ID badge within a two-minute period. Which of the following is this an example of?
- RFID cloning
- Side-channel attack
- Shoulder surfing
- Tailgating

Which of the following is the best way to provide secure, remote access for employees while minimizing the exposure of a company's internal network?
- VPN
- LDAP
- FTP
- RADIUS

While conducting a business continuity tabletop exercise, the security team becomes concerned by potential impact if a generator was to develop a fault during failover. Which of the following is the team most likely to consider in regard to risk management activities?
- RPO
- ARO
- BIA
- MTTR

A company wants to track modifications to the code that is used to build new virtual servers. Which of the following will the company most likely deploy?
- Change management ticketing system
- Behavioral analyzer
- Collaboration platform
- Version control tool

A systems administrator creates a script that validates OS version, patch levels, and installed applications when users log in. Which of the following examples best describes the purpose of this script?
- Resource scaling
- Policy enumeration
- Baseline enforcement
- Guard rails implementation

Which of the following documents details how to accomplish a technical security task?
- Standard
- Policy
- Guideline
- Procedure

A security analyst learns that an attack vector, which was used as a part of a recent incident, was a well-known IOT device exploit. The analyst needs to review logs to identify the time of initial exploit. Which of the following logs should the analyst review first?
- Endpoint
- Application
- Firewall
- NAC

A certificate authority needs to post information about expired certificates. Which of the following would accomplish this task?
- TPM
- CRL
- PKI
- CSR

An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?
- CSR
- OCSP
- Key
- CRL

A security analyst needs to improve the company's authentication policy following a password audit. Which of the following should be included in the policy? (Choose two.)
- Length
- Complexity
- Least privilege
- Something you have
- Security keys
- Biometrics

Which of the following most accurately describes the order in which a security engineer should implement secure baselines?
- Deploy, maintain, establish
- Establish, maintain, deploy
- Establish, deploy, maintain
- Deploy, establish, maintain

A systems administrator receives a text message from an unknown number claiming to be the Chief Executive Officer of the company. The message states an emergency situation requires a password reset. Which of the following threat vectors is being used?
- Typosquatting
- Smishing
- Pretexting
- Impersonation

A company evaluates several that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA to comply with internal security policies. Which of the following should the security team recommend?
- IPSec with RADIUS
- RDP connection with LDAPS
- Web proxy for all remote traffic
- Jump server with 802.1X

A company is aware of a given security risk related to a specific market segment. The business chooses not to accept responsibility and target their services to a different market segment. Which of the following describes this risk management strategy?
- Exemption
- Exception
- Avoid
- Transfer

Which of the following is an example of a treatment strategy for a continuous risk?
- Email gateway to block phishing
- Background checks for new employees
- Dual control requirements for wire transfers
- Branch protection as part of the CI/CD pipeline

A Chief Information Security Officer (CISO) wants to:
• Prevent employees from downloading malicious content.
• Establish controls based on departments and users.
• Map internet access for business applications to specific service accounts.
• Restrict content based on categorization.
Which of the following should the CSO implement?
- Web application firewall
- Secure DNS server
- Jump server
- Next-generation firewall

Which of the following is a reason environmental variables are a concern when reviewing potential system vulnerabilities?
- The contents of environmental variables could affect the scope and impact of an exploited vulnerability
- In-memory environmental variable values can be overwritten and used by attackers to insert malicious code
- Environmental variables define cryptographic standards for the system and could create vulnerabilities if deprecated algorithms are used
- Environmental variables will determine when updates are run and could mitigate the likelihood of vulnerability exploitation

A SOC analyst establishes a remote control session on an end user's machine and discovers the following in a file: [image] Which of the following actions should the SOC analyst perform first?
- Advise the user to change passwords
- Reimage the end user's machine
- Check the policy on personal email at work
- Check host firewall logs

An organization is preparing to export proprietary software to a customer. Which of the following would be the best way to prevent the loss of intellectual property?
- Code signing
- Obfuscation
- Tokenization
- Blockchain

In which of the following will unencrypted network traffic most likely be found?
- SDN
- IoT
- VPN
- SCADA

Which of the following should be used to ensure a device is inaccessible to a network connected resource?
- Disablement of unused services
- Web application firewall
- Host isolation
- Network-based IDS

The internal audit team determines a software application is no longer in scope for external reporting requirements. Which of the following will confirm that the application is no longer applicable?
- Data inventory and retention
- Right to be forgotten
- Due care and due diligence
- Acknowledgement and attestation

Which of the following is used to improve security and overall functionality without losing critical application data?
- Reformatting
- Decommissioning
- Patching
- Encryption

Which of the following is a use of CVSS?
- To determine the cost associated with patching systems
- To identify unused ports and services that should be closed
- To analyze code for defects that could be exploited
- To prioritize the remediation of vulnerabilities

Which of the following is the best reason to perform a tabletop exercise?
- To address audit findings
- To collect remediation response times
- To update the IRP
- To calculate the ROI

Prior to implementing a design change, the change must go through multiple steps to ensure that it does not cause any security issues. Which of the following is most likely to be one of those steps?
- Board review
- Service restart
- Backout planning
- Maintenance

An organization wants to deploy software in a container environment to increase security. Which of the following would limit the organization's ability to achieve this goal?
- Regulatory compliance
- Patch availability
- Kernel version
- Monolithic code

Which of the following are the first steps an analyst should perform when developing a heat map? (Choose two.)
- Methodically walk around the office noting Wi-Fi signal strength
- Log in to each access point and check the settings
- Create or obtain a layout of the office
- Measure cable lengths between access points
- Review access logs to determine the most active devices
- Remove possible impediments to radio transmissions




