SY0-701 exam

An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?A . HardeningB . Employee monitoringC . Configuration...

After a security incident, a systems administrator asks the company to buy a NAC platform. Which of the following attack surfaces is the systems administrator trying to protect?A . BluetoothB . WiredC . NFCD . SCADAView AnswerAnswer: B Explanation: A NAC (network access control) platform is a technology that enforces...

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?A . Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53 Access list...

An administrator discovers that some files on a database server were recently encrypted. The administrator sees from the security logs that the data was last accessed by a domain user. Which of the following best describes the type of attack that occurred?A . Insider threatB . Social engineeringC . Watering-holeD...

A security operations center determines that the malicious activity detected on a server is normal. Which of the following activities describes the act of ignoring detected activity in the future?A . TuningB . AggregatingC . QuarantiningD . ArchivingView AnswerAnswer: A Explanation: Tuning is the activity of adjusting the configuration or...

A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?A . Air gap the system.B . Move the system to a different network segment.C . Create a change control request.D . Apply the patch to the system.View AnswerAnswer: C...

A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods is most secure?A . Implementing a bastion hostB . Deploying a perimeter networkC . Installing a WAFD . Utilizing single sign-onView AnswerAnswer: A Explanation: A bastion...

Which of the following is a hardware-specific vulnerability?A . Firmware versionB . Buffer overflowC . SQL injectionD . Cross-site scriptingView AnswerAnswer: A Explanation: Firmware is a type of software that is embedded in a hardware device, such as a router, a printer, or a BIOS chip. Firmware controls the basic...

A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?A . SSOB . LEAPC . MFAD...

4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?A . access-list inbound deny ig source 0.0.0.0/0 destination 10.1.4.9/32B . access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0C . access-list inbound permit ig...