SY0_701_100 Part 8

Which of the following technologies assists in passively verifying the expired status of a digital certificate?. OCSP. CRL. TPM. CSR.

An organization needs to block certain information from view. Which of the following should the organization use to accomplish this task?. Obfuscation. Classification policy. Verification. Block rules.

Which of the following are examples of operational controls that would be appropriate to implement in an environment where financial processing activities occur? (Choose two.). Key escrow. Tokenization. Dual control. Mandatory vacations. Access badge readers. Biometrics.

Which of the following risk management strategies describes applying a compensating control to a device rather than patching?. Acceptance. Mitigation. Avoidance. Transference.

A Chief Information Security Officer has decided that purchasing insurance when the ALE of expected incidents exceeds SI million is the most cost-effective approach. Which of the following does the $1 million represent?. Risk indicator. Risk tolerance. Risk threshold. Risk exposure.

A Chief Information Officer wants to ensure that network devices cannot connect to the public interest and the local network to directly perform firmware UPdates. The IT team must manually perform the update process by using a portable device. Which of the following architecture types best fits this description?. Microservices. Air-gapped. Software-defined networking. Serverless.

Which of the following vulnerabilities would a nation-state attacker most likely exploit?. Zero-day. SQL injection. Buffer overflow. Cross-site scripting.

Which of the following factors must a systems administrator take into consideration first when reviewing options to remediate a vulnerability on an end-of-life software system in production?. Patch availability. Cost. Ease of rollback. Responsiveness.

The help desk receives multiple calls indicating that machines are running slowly when running enterprise applications. The help desk notes that the affected machines are out of compliance with the organization's OS baselines. Several users also report recent virus detection alerts. Which of the following mitigation techniques should the help desk consider first?. Patching. Segmentation. Monitoring. Isolation.

A technician is setting up a public-facing web sever and needs to ensure traffic is secure. Which of the following steps should the technician take to begin this process?. Domain validation. DNS filtering. Wildcard creation. CSR generation.

A company Phone with proprietary data used by an employee has been stolen. Which of the following can be used to remotely wipe the device?. MDM. MFD. NAC. DLP.

An analyst wants to move data from production to the UAT sever to test the latest release. Which of the following strategies to protect data should the analyst use?. Data masking. Data tokenization. Data obfuscation. Data encryption.

Visitors to a company/s facilities are connecting to the company’s corporate network Wi-Fi and open network ports. Which of the following should the security engineer implement to prevent this unauthorized access?. VPN. WPA3. NAC. HIDS.