SY0-701 exam

Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer’s PII?A . SCAPB . Net FlowC . AntivirusD . DLPView AnswerAnswer: D Explanation: DLP stands for Data Loss Prevention, which is a tool that can assist with detecting and preventing...

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?A . HacktivistB . WhistleblowerC . Organized crimeD . Unskilled attackerView AnswerAnswer: C Explanation: Organized crime is a type of threat actor that is motivated by...

Which of the following can be used to identify potential attacker activities without affecting production servers?A . Honey potB . Video surveillanceC . Zero TrustD . GeofencingView AnswerAnswer: A Explanation: A honey pot is a system or a network that is designed to mimic a real production server and attract...

Which of the following provides the details about the terms of a test with a third-party penetration tester?A . Rules of engagementB . Supply chain analysisC . Right to audit clauseD . Due diligenceView AnswerAnswer: A Explanation: Rules of engagement are the detailed guidelines and constraints regarding the execution of...

Which of the following scenarios describes a possible business email compromise attack?A . An employee receives a gift card request in an email that has an executive's name in the display field of the email.B . Employees who open an email attachment receive messages demanding payment in order to access...

A company hired a consultant to perform an offensive security assessment covering penetration testing and social engineering. Which of the following teams will conduct this assessment activity?A . WhiteB . PurpleC . BlueD . RedView AnswerAnswer: D Explanation: A red team is a group of security professionals who perform offensive...

A company’s web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?A . encryption=offB . http://C . www.*.comD . :443View AnswerAnswer: B Explanation: A web filter is...

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?A . FinesB . Audit findingsC . SanctionsD . Reputation damageView AnswerAnswer: A Explanation: PCI DSS is the Payment Card Industry Data Security Standard, which is a set of security requirements...

A systems administrator is looking for a low-cost application-hosting solution that is cloud-based. Which of the following meets these requirements?A . Serverless frameworkB . Type 1 hvpervisorC . SD-WAND . SDNView AnswerAnswer: A Explanation: A serverless framework is a cloud-based application-hosting solution that meets the requirements of low-cost and cloud-based....

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?A . Key stretchingB . Data maskingC . SteganographyD . SaltingView AnswerAnswer: D Explanation: Salting is the process of adding extra random data to a password or other data before applying a one-way data...