SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 13 of 22.
- Question #614: Threats, vulnerabilities, and mitigations
A systems administrator is reviewing the VPN logs and notices that during non-working hours a user is accessing the company file server and information is being transferred to a su...
Data exfiltration, VPN logs, Security monitoring, Threat identification
- Question #615: Security architecture
SIMULATION 3 A security architect is tasked with designing a highly resilient, business-critical application. The application SLA is 99.999%. INSTRUCTIONS Select the network, power...
- Question #616: General security concepts
A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for malicious activity. Which of...
Honeytokens, Honeypots, Intrusion detection, Deception technology
- Question #617: Threats, vulnerabilities, and mitigations
A network engineer is increasing the overall security of network devices and needs to harden the devices. Which of the following will best accomplish this task?
Device hardening, Secure protocols, SSH, Remote administration security
- Question #618: Threats, vulnerabilities, and mitigations
A company's accounting department receives an urgent payment message from the company's bank domain with instructions to wire transfer funds. The sender requests that the transfer...
Business Email Compromise (BEC), Social Engineering, Financial Fraud, Email Security
- Question #619: Security program management and oversight
A company filed a complaint with its IT service provider after the company discovered the service provider's external audit team had access to some of the company's confidential in...
NDA, Legal agreements, Third-party risk management, Confidentiality
- Question #620: Threats, vulnerabilities, and mitigations
An analyst is reviewing job postings to ensure sensitive company information is not being shared with the general public. Which of the following is the analyst most likely looking...
- Question #621: Threats, vulnerabilities, and mitigations
An engineer has ensured that the switches are using the latest OS, the servers have the latest patches, and the endpoints' definitions are up to date. Which of the following will t...
Patch management, Vulnerability management, Exploit prevention, System hardening
- Question #622: Threats, vulnerabilities, and mitigations
Which of the following is most likely a security concern when installing and using low-cost IoT devices in infrastructure environments?
- Question #623: Security operations
A company captures log-in details and reviews them each week to identify conditions such as excessive log-in attempts and frequent lockouts. Which of the following should a securit...
Security monitoring, Automated alerting, Log analysis, Compliance monitoring
- Question #624: Threats, vulnerabilities, and mitigations
A security team is in the process of hardening the network against externally crafted malicious packets. Which of the following is the most secure method to protect the internal ne...
Network Security, Intrusion Prevention, Packet Filtering, Network Hardening
- Question #625: Threats, vulnerabilities, and mitigations
Which of the following should a systems administrator use to decrease the company's hardware attack surface?
- Question #626: Security architecture
A company wants to add an MFA solution for all employees who access the corporate network remotely. Log-in requirements include something you know, are, and have. The company wants...
- Question #627: Threats, vulnerabilities, and mitigations
A company is using a legacy FTP server to transfer financial data to a third party. The legacy system does not support SFTP, so a compensating control is needed to protect the sens...
Data in transit security, SSH tunneling, Network protocols, Compensating controls
- Question #628: Security operations
A security manager wants to reduce the number of steps required to identify and contain basic threats. Which of the following will help achieve this goal?
SOAR, Security Orchestration, Incident Response Automation, Security Operations
- Question #629: Security program management and oversight
The Chief Information Officer (CIO) asked a vendor to provide documentation detailing the specific objectives within the compliance framework that the vendor's services meet. The v...
Compliance, Vendor Management, Attestation, Security Documentation
- Question #630: Threats, vulnerabilities, and mitigations
Which of the following describes the most effective way to address OS vulnerabilities after they are identified?
Patching, Vulnerability management, OS security, Remediation
- Question #631: Security operations
The management team reports that employees are missing features on company-provided tablets, which is causing productivity issues. The management team directs the IT team to resolv...
Mobile Device Management, Endpoint Management, Device Configuration, Productivity Issues
- Question #632: Threats, vulnerabilities, and mitigations
A company is implementing a policy to allow employees to use their personal equipment for work. However, the company wants to ensure that only company-approved applications can be...
- Question #633: General security concepts
An alert references attacks associated with a zero-day exploit. An analyst places a bastion host in the network to reduce the risk of the exploit. Which of the following types of c...
Security controls, Compensating controls, Risk mitigation, Bastion hosts
- Question #634: Threats, vulnerabilities, and mitigations
Which of the following is an example of memory injection?
Memory Injection, Code Injection, Attack Techniques, Malware
- Question #635: General security concepts
A security administrator is implementing encryption on all hard drives in an organization. Which of the following security concepts is the administrator applying?
Encryption, Confidentiality, Data protection, Disk encryption
- Question #636: Security operations
An administrator has configured a quarantine subnet for all guest devices that connect to the network. Which of the following would be best for the security team to perform before...
Network Access Control, Guest Security, Compliance Attestation, Security Posture
- Question #637: Security program management and oversight
A Chief Information Security Officer is developing procedures to guide detective and corrective activities associated with common threats, including phishing, social engineering, a...
Incident Response, Security Policies, Threat Management, CISO Responsibilities
- Question #638: General security concepts
Which of the following testing techniques uses both defensive and offensive testing methodologies with developers to securely build key applications and software?
- Question #639: Security architecture
An administrator wants to automate an account permissions update for a large number of accounts. Which of the following would best accomplish this task?
User provisioning, Identity and Access Management (IAM), Automation, Account management
- Question #640: Security program management and oversight
Which of the following is the fastest and most cost-effective way to confirm a third-party supplier's compliance with security obligations?
Third-party risk management, Supplier compliance, Attestation reports, Security audits
- Question #641: General security concepts
Which of the following cryptographic solutions is used to hide the fact that communication is occurring?
Steganography, Information Hiding, Security Concepts
- Question #642: Security operations
Which of the following steps should be taken before mitigating a vulnerability in a production server?
Change Management, Vulnerability Management, Security Operations, Production Systems
- Question #643: Security operations
A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most likely use?
Malware Analysis Methods, Static Analysis, File Signatures, Threat Detection
- Question #644: Security program management and oversight
Which of the following steps in the risk management process involves establishing the scope and potential risks involved with a project?
Risk management, Risk identification, Security risk, Risk management process
- Question #646: Security architecture
A growing organization, which hosts an externally accessible application, adds multiple virtual servers to improve application performance and decrease the resource usage on indivi...
Load balancing, High availability, Application performance, Scalability
- Question #647: Threats, vulnerabilities, and mitigations
A systems administrator is concerned users are accessing emails through a duplicate site that is not run by the company. Which of the following is used in this scenario?
Phishing, Social Engineering, Threats
- Question #648: General security concepts
A company wants to ensure employees are allowed to copy files from a virtual desktop during the workday but are restricted during non-working hours. Which of the following security...
Access control, Time-based access control, Security controls
- Question #649: Threats, vulnerabilities, and mitigations
Employees sign an agreement that restricts specific activities when leaving the company. Violating the agreement can result in legal consequences. Which of the following agreements...
NDA, Legal agreements, Employee security, Confidentiality
- Question #650: Threats, vulnerabilities, and mitigations
A systems administrator just purchased multiple network devices. Which of the following should the systems administrator perform to prevent attackers from accessing the devices by...
Default credentials, Network device security, Security configuration, Password management
- Question #651: Threats, vulnerabilities, and mitigations
A CVE in a key back-end component of an application has been disclosed. The systems administrator is identifying all of the systems in the environment that are susceptible to this...
CVE, Vulnerability scanning, Vulnerability identification
- Question #652: Security operations
Which of the following activities uses OSINT?
OSINT, Social Engineering, Reconnaissance, Security Testing
- Question #653: Security program management and oversight
A company is considering an expansion of access controls for an application that contractors and internal employees use to reduce costs. Which of the following risk elements should...
Risk Management, Risk Appetite, Access Control
- Question #654: Security program management and oversight
Which of the following is the act of proving to a customer that software developers are trained on secure coding?
Attestation, Compliance, Security Governance, Secure Software Development
- Question #655: Security architecture
An administrator is creating a secure method for a contractor to access a test environment. Which of the following would provide the contractor with the best access to the test env...
Jump server, Secure remote access, Third-party access
- Question #656: Security operations
A security analyst notices unusual behavior on the network. The IDS on the network was not able to detect the activities. Which of the following should the security analyst use to...
IDS, Signatures, Threat detection, Network security
- Question #657: General Security Concepts
To which of the following security categories does an EDR solution belong?
EDR, Security Controls, Technical Controls, Security Categories
- Question #658: Security Operations
Which of the following is the stage in an investigation when forensic images are obtained?
Digital Forensics, Data Acquisition, Incident Response, Forensic Imaging
- Question #659: General security concepts
Which of the following describes the difference between encryption and hashing?
Encryption, Hashing, Cryptography, Data integrity
- Question #660: Threats, vulnerabilities, and mitigations
A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The organization purpos...
Phishing, Security awareness training, Social engineering, User education
- Question #661: Security program management and oversight
A Chief Information Security Officer (CISO) has developed information security policies that relate to the software development methodology. Which of the following would the CISO m...
Secure SDLC, Security Policies, Peer Review, Code Review
- Question #662: Security operations
A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also configured to notify the security team if...
Deception technology, Honeyfile, Threat detection, Security monitoring
- Question #663: Security architecture
Which of the following is the best way to provide secure, remote access for employees while minimizing the exposure of a company's internal network?
VPN, Remote Access, Network Security, Access Control
- Question #664: Security operations
A company wants to track modifications to the code that is used to build new virtual servers. Which of the following will the company most likely deploy?
Version control, Code management, Infrastructure as Code, Configuration management