Tag - SY0-701 exam

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?A . HacktivistB . WhistleblowerC . Organized crimeD . Unskilled attackerView AnswerAnswer: C Explanation: Organized crime is a type of threat actor that is motivated by...

Which of the following would be the best way to block unknown programs from executing?A . Access control listB . Application allow list.C . Host-based firewallD . DLP solutionView AnswerAnswer: B Explanation: An application allow list is a security technique that specifies which applications are permitted to run on a...

While troubleshooting a firewall configuration, a technician determines that a “deny any” policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable. Which of the following actions would prevent this issue?A . Documenting the...

4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?A . access-list inbound deny ig source 0.0.0.0/0 destination 10.1.4.9/32B . access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0C . access-list inbound permit ig...

Which of the following can be used to identify potential attacker activities without affecting production servers?A . Honey potB . Video surveillanceC . Zero TrustD . GeofencingView AnswerAnswer: A Explanation: A honey pot is a system or a network that is designed to mimic a real production server and attract...

An organization’s internet-facing website was compromised when an attacker exploited a buffer overflow. Which of the following should the organization deploy to best protect against similar attacks in the future?A . NGFWB . WAFC . TLSD . SD-WANView AnswerAnswer: B Explanation: A buffer overflow is a type of software vulnerability...

An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?A . Real-time recoveryB . HotC . ColdD . WarmView AnswerAnswer: C Explanation: A cold...

A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks. SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?A . [Digital forensicsB . E-discoveryC . Incident responseD...

Which of the following enables the use of an input field to run commands that can view or manipulate data?A . Cross-site scriptingB . Side loadingC . Buffer overflowD . SQL injectionView AnswerAnswer: D Explanation: = SQL injection is a type of attack that enables the use of an input...

A security analyst is reviewing the following logs: Which of the following attacks is most likely occurring?A . Password sprayingB . Account forgeryC . Pass-t he-hashD . Brute-forceView AnswerAnswer: A Explanation: Password spraying is a type of brute force attack that tries common passwords across several accounts to find a...