SY0-701 exam

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?A . Compensating controlB . Network segmentationC . Transfer of riskD . SNMP trapsView AnswerAnswer: A Explanation: A compensating control is a security measure that is implemented...

An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?A . Brand impersonationB . PretextingC ....

A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?A . AcceptB . TransferC . MitigateD . AvoidView AnswerAnswer: B Explanation: Cyber insurance is a type of insurance that covers the financial losses and liabilities that result from cyberattacks,...

An administrator discovers that some files on a database server were recently encrypted. The administrator sees from the security logs that the data was last accessed by a domain user. Which of the following best describes the type of attack that occurred?A . Insider threatB . Social engineeringC . Watering-holeD...

A systems administrator receives the following alert from a file integrity monitoring tool: The hash of the cmd.exe file has changed. The systems administrator checks the OS logs and notices that no patches were applied in the last two months. Which of the following most likely occurred?A . The end...

During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?A . AnalysisB . Lessons learnedC . DetectionD . ContainmentView AnswerAnswer: A Explanation: Analysis is the incident response activity that describes the process of understanding the...

Which of the following must be considered when designing a high-availability network? (Select two).A . Ease of recoveryB . Ability to patchC . Physical isolationD . ResponsivenessE . Attack surfaceF . Extensible authenticationView AnswerAnswer: AE Explanation: A high-availability network is a network that is designed to minimize downtime and ensure...

A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks. SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?A . [Digital forensicsB . E-discoveryC . Incident responseD...

A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?A . Conduct an audit.B . Initiate a penetration test.C . Rescan the network.D . Submit a report.View AnswerAnswer: C Explanation: After completing...

Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?A . Risk toleranceB . Risk transferC . Risk registerD . Risk analysisView AnswerAnswer: C Explanation: A risk register is a document that records and tracks the risks associated with a project, system,...