Tag - SY0-701 exam

Which of the following would be the best way to block unknown programs from executing?A . Access control listB . Application allow list.C . Host-based firewallD . DLP solutionView AnswerAnswer: B Explanation: An application allow list is a security technique that specifies which applications are permitted to run on a...

A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?A . EnumerationB . SanitizationC . DestructionD . InventoryView AnswerAnswer: B Explanation: Sanitization is the process of removing sensitive data from a storage device or a system before...

Which of the following security control types does an acceptable use policy best represent?A . DetectiveB . CompensatingC . CorrectiveD . PreventiveView AnswerAnswer: D Explanation: An acceptable use policy (AUP) is a set of rules that govern how users can access and use a corporate network or the internet. The...

Which of the following provides the details about the terms of a test with a third-party penetration tester?A . Rules of engagementB . Supply chain analysisC . Right to audit clauseD . Due diligenceView AnswerAnswer: A Explanation: Rules of engagement are the detailed guidelines and constraints regarding the execution of...

An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users’ passwords. Which of the following should the administrator implement to prevent this type...

A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?A . Jump serverB . RADIUSC . HSMD . Load balancerView AnswerAnswer: A Explanation: A jump server is a...

4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?A . access-list inbound deny ig source 0.0.0.0/0 destination 10.1.4.9/32B . access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0C . access-list inbound permit ig...

A client asked a security company to provide a document outlining the project, the cost, and the completion time frame. Which of the following documents should the company provide to the client?A . MSAB . SLAC . BPAD . SOWView AnswerAnswer: D Explanation: An ISOW is a document that outlines...

A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit hardware?A . A thorough analysis of the supply chainB . A legally enforceable corporate acquisition policyC . A right to audit clause in vendor contracts and SOWsD...

A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?A . Open-source intelligenceB . Bug bountyC . Red teamD...