SY0-701 exam

A company is concerned about weather events causing damage to the server room and downtime. Which of the following should the company consider?A . Clustering serversB . Geographic dispersionC . Load balancersD . Off-site backupsView AnswerAnswer: B Explanation: Geographic dispersion is a strategy that involves distributing the servers or data...

Which of the following allows for the attribution of messages to individuals?A . Adaptive identityB . Non-repudiationC . AuthenticationD . Access logsView AnswerAnswer: B Explanation: Non-repudiation is the ability to prove that a message or document was sent or signed by a particular person, and that the person cannot deny...

Which of the following is the best way to consistently determine on a daily basis whether security settings on servers have been modified?A . AutomationB . Compliance checklistC . AttestationD . Manual auditView AnswerAnswer: A Explanation: Automation is the best way to consistently determine on a daily basis whether security...

A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the...

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?A . Compensating controlB . Network segmentationC . Transfer of riskD . SNMP trapsView AnswerAnswer: A Explanation: A compensating control is a security measure that is implemented...

HOTSPOT Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation. INSTRUCTIONS Not all attacks and remediation actions will be used. If at any time you would like to bring back the initial state of the simulation, please click the Reset All...

A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?A . EnumerationB . SanitizationC . DestructionD . InventoryView AnswerAnswer: B Explanation: Sanitization is the process of removing sensitive data from a storage device or a system before...

A security manager created new documentation to use in response to various types of security incidents. Which of the following is the next step the manager should take?A . Set the maximum data retention policy.B . Securely store the documents on an air-gapped network.C . Review the documents' data classification...

An organization wants a third-party vendor to do a penetration test that targets a specific device. The organization has provided basic information about the device. Which of the following best describes this kind of penetration test?A . Partially known environmentB . Unknown environmentC . IntegratedD . Known environmentView AnswerAnswer: A...

A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?A . Open-source intelligenceB . Bug bountyC . Red teamD...