Tag - SY0-701 exam

A company’s web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?A . encryption=offB . http://C . www.*.comD . :443View AnswerAnswer: B Explanation: A web filter is...

A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?A . Air gap the system.B . Move the system to a different network segment.C . Create a change control request.D . Apply the patch to the system.View AnswerAnswer: C...

A technician wants to improve the situational and environmental awareness of existing users as they transition from remote to in-office work. Which of the following is the best option?A . Send out periodic security reminders.B . Update the content of new hire documentation.C . Modify the content of recurring training....

The management team notices that new accounts that are set up manually do not always have correct access or permissions. Which of the following automation techniques should a systems administrator use to streamline account creation?A . Guard rail scriptB . Ticketing workflowC . Escalation scriptD . User provisioning scriptView AnswerAnswer:...

A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?A . Local data protection regulationsB . Risks from hackers residing in other countriesC . Impacts to existing contractual obligationsD . Time zone differences in log correlationView...

A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee’s corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst...

A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following...

A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?A . ActiveB . PassiveC . DefensiveD . OffensiveView AnswerAnswer: A Explanation: Active reconnaissance is a type of reconnaissance...

An administrator was notified that a user logged in remotely after hours and copied large amounts of data to a personal device. Which of the following best describes the user’s activity?A . Penetration testingB . Phishing campaignC . External auditD . Insider threatView AnswerAnswer: D Explanation: An insider threat is...

An analyst is evaluating the implementation of Zero Trust principles within the data plane. Which of the following would be most relevant for the analyst to evaluate?A . Secured zonesB . Subject roleC . Adaptive identityD . Threat scope reductionView AnswerAnswer: D Explanation: The data plane, also known as the...