SY0-701 exam

A company decided to reduce the cost of its annual cyber insurance policy by removing the coverage for ransomware attacks. Which of the following analysis elements did the company most likely use in making this decision?A . IMTTRB . RTOC . AROD . MTBFView AnswerAnswer: C Explanation: ARO (Annualized Rate...

A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the following best describes this step?A . Capacity planningB . RedundancyC . Geographic dispersionD . Tablet exerciseView AnswerAnswer: A...

A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems...

A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?A . Conduct an audit.B . Initiate a penetration test.C . Rescan the network.D . Submit a report.View AnswerAnswer: C Explanation: After completing...

An organization’s internet-facing website was compromised when an attacker exploited a buffer overflow. Which of the following should the organization deploy to best protect against similar attacks in the future?A . NGFWB . WAFC . TLSD . SD-WANView AnswerAnswer: B Explanation: A buffer overflow is a type of software vulnerability...

A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?A . Jump serverB . RADIUSC . HSMD . Load balancerView AnswerAnswer: A Explanation: A jump server is a...

Which of the following vulnerabilities is associated with installing software outside of a manufacturer’s approved software repository?A . JailbreakingB . Memory injectionC . Resource reuseD . Side loadingView AnswerAnswer: D Explanation: Side loading is the process of installing software outside of a manufacturer’s approved software repository. This can expose the...

Which of the following security control types does an acceptable use policy best represent?A . DetectiveB . CompensatingC . CorrectiveD . PreventiveView AnswerAnswer: D Explanation: An acceptable use policy (AUP) is a set of rules that govern how users can access and use a corporate network or the internet. The...

During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?A . AnalysisB . Lessons learnedC . DetectionD . ContainmentView AnswerAnswer: A Explanation: Analysis is the incident response activity that describes the process of understanding the...

After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response to the lawsuit. Which of the following describes the action the security team will most likely be required to take?A . Retain the emails between the...