SY0_701_100
Title of test: SY0_701_100
Description: security test



1. To improve the security at a data center, a security administrator implements a CCTV system and posts several signs about the possibility of being filmed. Which of the following best describe these types of controls? (Choose two.)
   - Preventive
   - Deterrent
   - Corrective
   - Directive
   - Compensating
   - Detective

2. A user would like to install software and features that are not available with a smartphone's default software. Which of the following would allow the user to install unauthorized software and enable new features?
   - SQLi
   - Cross-site scripting
   - Jailbreaking
   - Side loading

3. After conducting a vulnerability scan, a systems administrator notices that one of the identified vulnerabilities is not present on the systems that were scanned. Which of the following describes this example?
   - False positive
   - False negative
   - True positive
   - True negative

4. Which of the following phases of an incident response involves generating reports?
   - Recovery
   - Preparation
   - Lessons learned
   - Containment

5. Which of the following is a feature of a next-generation SIEM system?
   - Virus signatures
   - Automated response actions
   - Security agent deployment
   - Vulnerability scanning

6. A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
   - Accept
   - Transfer
   - Mitigate
   - Avoid

7. Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?
   - Risk tolerance
   - Risk transfer
   - Risk register
   - Risk analysis

8. Which of the following examples would be best mitigated by input sanitization?
   - <script>alert("Warning!");</script>
   - nmap - 10.11.1.130
   - Email message: "Click this to get your free gift card."
   - Browser message: "Your connection is not private."

9. Which of the following methods would most likely be used to identify legacy systems?
   - Bug bounty program
   - Vulnerability scan
   - Package monitoring
   - Dynamic analysis

10. Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?
    - Unidentified removable devices
    - Default network device credentials
    - Spear phishing emails
    - Impersonation of business units through typosquatting

11. A systems administrator notices that the research and development department is not using the company VPN when accessing various company-related services and systems. Which of the following scenarios describes this activity?
    - Espionage
    - Data exfiltration
    - Nation-state attack
    - Shadow IT

12. A recent penetration test identified that an attacker could flood the MAC address table of network switches. Which of the following would best mitigate this type of attack?
    - Load balancer
    - Port security
    - IPS
    - NGFW

13. Which of the following agreement types defines the time frame in which a vendor needs to respond?
    - SOW
    - SLA
    - MOA
    - MOU

14. An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards. Which of the following techniques is the attacker using?
    - Smishing
    - Disinformation
    - Impersonating
    - Whaling

15. A security analyst developed a script to automate a trivial and repeatable task. Which of the following best describes the benefits of ensuring other team members understand how the script works?
    - To reduce implementation cost
    - To identify complexity
    - To remediate technical debt
    - To prevent a single point of failure

16. A Chief Information Security Officer would like to conduct frequent, detailed reviews of systems and procedures to track compliance objectives. Which of the following will be the best method to achieve this objective?
    - Third-party attestation
    - Penetration testing
    - Internal auditing
    - Vulnerability scans

17. A company allows customers to upload PDF documents to its public e-commerce website. Which of the following would a security analyst most likely recommend?
    - Utilizing attack signatures in an IDS
    - Enabling malware detection through a UTM
    - Limiting the affected servers with a load balancer
    - Blocking command injections via a WAF

18. An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Choose two.)
    - Disable default accounts
    - Add the server to the asset inventory
    - Remove unnecessary services
    - Document default passwords
    - Send server logs to the SIEM
    - Join the server to the corporate domain

19. Employees located off-site must have access to company resources in order to complete their assigned tasks. These employees utilize a solution that allows remote access without interception concerns. Which of the following best describes this solution?
    - Proxy server
    - NGFW
    - VPN
    - Security zone

20. An administrator at a small business notices an increase in support calls from employees who receive a blocked page message after trying to navigate to a spoofed website. Which of the following should the administrator do?
    - Deploy multifactor authentication
    - Decrease the level of the web filter settings
    - Implement security awareness training
    - Update the acceptable use policy

21. After creating a contract for IT contractors, the human resources department changed several clauses. The contract has gone through three revisions. Which of the following processes should the human resources department follow to track revisions?
    - Version validation
    - Version changes
    - Version updates
    - Version control

22. The executive management team is mandating the company develop a disaster recovery plan. The cost must be kept to a minimum, and the money to fund additional internet connections is not available. Which of the following would be the best option?
    - Hot site
    - Cold site
    - Failover site
    - Warm site

23. A company is decommissioning its physical servers and replacing them with an architecture that will reduce the number of individual operating systems. Which of the following strategies should the company use to achieve this security requirement?
    - Microservices
    - Containerization
    - Virtualization
    - Infrastructure as code

24. Which of the following security concepts is accomplished with the installation of a RADIUS server?
    - CIA
    - AAA
    - ACL
    - PEM

25. A network engineer deployed a redundant switch stack to increase system availability. However, the budget can only cover the cost of one ISP connection. Which of the following best describes the potential risk factor?
    - The equipment MTBF is unknown.
    - The ISP has no SLA.
    - An RPO has not been determined.
    - There is a single point of failure.

26. Which of the following best describes the risk present after controls and mitigating factors have been applied?
    - Residual
    - Avoided
    - Inherent
    - Operational

27. An organization completed a project to deploy SSO across all business applications last year. Recently, the finance department selected a new cloud-based accounting software vendor. Which of the following should most likely be configured during the new software deployment?
    - RADIUS
    - SAML
    - EAP
    - OpenID

28. Which of the following teams is best suited to determine whether a company has systems that can be exploited by a potential, identified vulnerability?
    - Purple team
    - Blue team
    - Red team
    - White team

29. A user, who is waiting for a flight at an airport, logs in to the airline website using the public Wi-Fi, ignores a security warning and purchases an upgraded seat. When the flight lands, the user finds unauthorized credit card charges. Which of the following attacks most likely occurred?
    - Replay attack
    - Memory leak
    - Buffer overflow attack
    - On-path attack

30. Which of the following methods can be used to detect attackers who have successfully infiltrated a network? (Choose two.)
    - Tokenization
    - CI/CD
    - Honeypots
    - Threat modeling
    - DNS sinkhole
    - Data obfuscation

31. A threat actor was able to use a username and password to log in to a stolen company mobile device. Which of the following provides the best solution to increase mobile data security on all employees' company mobile devices?
    - Application management
    - Full disk encryption
    - Remote wipe
    - Containerization

32. A network team segmented a critical, end-of-life server to a VLAN that can only be reached by specific devices but cannot be reached by the perimeter network. Which of the following best describe the controls the team implemented? (Choose two.)
    - Managerial
    - Physical
    - Corrective
    - Detective
    - Compensating
    - Technical
    - Deterrent

33. A company is reviewing options to enforce user logins after several account takeovers. The following conditions must be met as part of the solution:
    • Allow employees to work remotely or from assigned offices around the world.
    • Provide a seamless login experience.
    • Limit the amount of equipment required.

    Which of the following best meets these conditions?
    - Trusted devices
    - Geotagging
    - Smart cards
    - Time-based logins

34. A company wants to ensure that the software it develops will not be tampered with after the final version is completed. Which of the following should the company most likely use?
    - Hashing
    - Encryption
    - Baselines
    - Tokenization

35. Which of the following best describes a use case for a DNS sinkhole?
    - Attackers can see a DNS sinkhole as a highly valuable resource to identify a company's domain structure.
    - A DNS sinkhole can be used to draw employees away from known-good websites to malicious ones owned by the attacker.
    - A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.
    - A DNS sinkhole can be set up to attract potential attackers away from a company's network resources.

36. Which of the following considerations is the most important regarding cryptography used in an IoT device?
    - Resource constraints
    - Available bandwidth
    - The use of block ciphers
    - The compatibility of the TLS version

37. Which of the following most likely describes why a security engineer would configure all outbound emails to use S/MIME digital signatures?
    - To meet compliance standards
    - To increase delivery rates
    - To block phishing attacks
    - To ensure non-repudiation

38. A software development team asked a security administrator to recommend techniques that should be used to reduce the chances of the software being reverse engineered. Which of the following should the security administrator recommend?
    - Digitally signing the software
    - Performing code obfuscation
    - Limiting the use of third-party libraries
    - Using compile flags

39. A user downloaded software from an online forum. After the user installed the software, the security team observed external network traffic connecting to the user's computer on an uncommon port. Which of the following is the most likely explanation of this unauthorized connection?
    - The software had a hidden keylogger.
    - The software was ransomware.
    - The user's computer had a fileless virus.
    - The software contained a backdoor.

40. Easy-to-guess passwords led to an account compromise. The current password policy requires at least 12 alphanumeric characters, one uppercase character, one lowercase character, a password history of two passwords, a minimum password age of one day, and a maximum password age of 90 days. Which of the following would reduce the risk of this incident from happening again? (Choose two.)
    - Increasing the minimum password length to 14 characters
    - Upgrading the password hashing algorithm from MD5 to SHA-512
    - Increasing the maximum password age to 120 days
    - Reducing the minimum password length to ten characters
    - Reducing the minimum password age to zero days
    - Including a requirement for at least one special character

41. An incident analyst finds several image files on a hard disk. The image files may contain geolocation coordinates. Which of the following best describes the type of information the analyst is trying to extract from the image files?
    - Log data
    - Metadata
    - Encrypted data
    - Sensitive data

42. During a recent company safety stand-down, the cyber-awareness team gave a presentation on the importance of cyber hygiene. One topic the team covered was practices for printing centers. Which of the following describes an attack method that relates to printing centers?
    - Whaling
    - Credential harvesting
    - Prepending
    - Dumpster diving

43. A utility company is designing a new platform that will host all the virtual machines used by business applications. The requirements include:
    • A starting baseline of 50% memory utilization
    • Storage scalability
    • Single circuit failure resilience

    Which of the following best meets all of these requirements?
    - Connecting dual PDUs to redundant power supplies
    - Transitioning the platform to an IaaS provider
    - Configuring network load balancing for multiple paths
    - Deploying multiple large NAS devices for each host

44. Which of the following is a possible factor for MFA?
    - Something you exhibit
    - Something you have
    - Somewhere you are
    - Someone you know




