SY0-701 exam

A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems...

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?A . Key stretchingB . Data maskingC . SteganographyD . SaltingView AnswerAnswer: D Explanation: Salting is the process of adding extra random data to a password or other data before applying a one-way data...

A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?A . Local data protection regulationsB . Risks from hackers residing in other countriesC . Impacts to existing contractual obligationsD . Time zone differences in log correlationView...

An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?A . Brand impersonationB . PretextingC ....

Which of the following is a hardware-specific vulnerability?A . Firmware versionB . Buffer overflowC . SQL injectionD . Cross-site scriptingView AnswerAnswer: A Explanation: Firmware is a type of software that is embedded in a hardware device, such as a router, a printer, or a BIOS chip. Firmware controls the basic...

A company’s web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?A . encryption=offB . http://C . www.*.comD . :443View AnswerAnswer: B Explanation: A web filter is...

The management team notices that new accounts that are set up manually do not always have correct access or permissions. Which of the following automation techniques should a systems administrator use to streamline account creation?A . Guard rail scriptB . Ticketing workflowC . Escalation scriptD . User provisioning scriptView AnswerAnswer:...

A company is concerned about weather events causing damage to the server room and downtime. Which of the following should the company consider?A . Clustering serversB . Geographic dispersionC . Load balancersD . Off-site backupsView AnswerAnswer: B Explanation: Geographic dispersion is a strategy that involves distributing the servers or data...

Which of the following scenarios describes a possible business email compromise attack?A . An employee receives a gift card request in an email that has an executive's name in the display field of the email.B . Employees who open an email attachment receive messages demanding payment in order to access...

An organization recently updated its security policy to include the following statement: Regular expressions are included in source code to remove special characters such as $, |, ;. &, `, and ? from variables set by forms in a web application. Which of the following best explains the security technique...