SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 14 of 22.
- Question #665: Security program management and oversight
Which of the following documents details how to accomplish a technical security task?
Security documentation, Procedures, Organizational policies
- Question #666: Security architecture
A certificate authority needs to post information about expired certificates. Which of the following would accomplish this task?
Certificate Authority, Certificate Revocation List (CRL), Public Key Infrastructure (PKI), Certificate Management
- Question #667: Threats, vulnerabilities, and mitigations
Which of the following can best contribute to prioritizing patch applications?
Vulnerability Management, Patching, CVSS, Risk Prioritization
- Question #668: Security operations
A security analyst learns that an attack vector, which was used as a part of a recent incident, was a well-known IoT device exploit. The analyst needs to review logs to identify th...
Log analysis, Incident response, IoT security, Network security
- Question #669: Threats, vulnerabilities, and mitigations
A company's gate access logs show multiple entries from an employee's ID badge within a two-minute period. Which of the following is this an example of?
RFID, Cloning, Physical Security, Access Control
- Question #670: Security operations
A SOC analyst establishes a remote control session on an end user's machine and discovers the following in a file: gmail.com[ENT][email protected][ENT]NoOneCanGuessThis123! [ENT]He...
Incident Response, Password Security, Sensitive Data Exposure, Containment
- Question #671
Which of the following is a reason environmental variables are a concern when reviewing potential system vulnerabilities?
- Question #672: Security architecture
A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA to comply with inte...
Remote Access, AAA, VPN, RADIUS
- Question #673: Security architecture
A Chief Information Security Officer (CISO) wants to: - Prevent employees from downloading malicious content. - Establish controls based on departments and users. - Map internet ac...
Next-generation firewall, Network security, Content filtering, Application control
- Question #674: General security concepts
A security analyst needs to improve the company's authentication policy following a password audit. Which of the following should be included in the policy? (Choose two.)
- Question #675: Threats, vulnerabilities, and mitigations
Which of the following is an example of a treatment strategy for a continuous risk?
Risk treatment, Continuous risk, Email security, Phishing mitigation
- Question #676: Security architecture
An organization wants to deploy software in a container environment to increase security. Which of the following would limit the organization's ability to achieve this goal?
Container security, Application architecture, Monolithic applications, Security design
- Question #677: Security operations
Prior to implementing a design change, the change must go through multiple steps to ensure that it does not cause any security issues. Which of the following is most likely to be o...
Change Management, Security Operations, Backout Plan, Risk Mitigation
- Question #678: Security program management and oversight
The internal audit team determines a software application is no longer in scope for external reporting requirements. Which of the following will confirm that the application is no...
Data management, Compliance, Auditing, Data inventory and retention
- Question #679: Security architecture
Which of the following are the first steps an analyst should perform when developing a heat map? (Choose two.)
Wireless network analysis, Site survey, Wi-Fi heat map, Network assessment
- Question #680: Threats, vulnerabilities, and mitigations
Which of the following is used to improve security and overall functionality without losing critical application data?
Patch management, System updates, Vulnerability remediation, Security maintenance
- Question #681: Threats, vulnerabilities, and mitigations
An organization is preparing to export proprietary software to a customer. Which of the following would be the best way to prevent the loss of intellectual property?
Intellectual property protection, Software security, Obfuscation, Security controls
- Question #682: Threats, vulnerabilities, and mitigations
In which of the following will unencrypted network traffic most likely be found?
SCADA, Operational Technology (OT), Unencrypted Traffic, Legacy Systems
- Question #683: Security operations
Which of the following is the best reason to perform a tabletop exercise?
tabletop exercise, incident response plan, security exercises
- Question #684: Threats, vulnerabilities, and mitigations
Which of the following is a use of CVSS?
CVSS, Vulnerability management, Risk prioritization, Vulnerability scoring
- Question #685: Security program management and oversight
For an upcoming product launch, a company hires a marketing agency whose owner is a close relative of the Chief Executive Officer. Which of the following did the company violate?
Conflict of interest, Ethics, Corporate governance, Vendor management
- Question #686: Security architecture
An organization designs an inbound firewall with a fail-open configuration while implementing a website. Which of the following would the organization consider to be the highest pr...
Firewall configuration, Fail-open, Availability, Security design principles
- Question #687: General security concepts
An engineer needs to ensure that a script has not been modified before it is launched. Which of the following best provides this functionality?
Hashing, Integrity verification, Data integrity, Script integrity
- Question #688: Security program management and oversight
Which of the following is the most important element when defining effective security governance?
Security Governance, Roles and Responsibilities, Accountability, Information Security Management
- Question #689: Threats, vulnerabilities, and mitigations
A contractor is required to visually inspect the motherboards of all new servers that are purchased to determine whether the servers were tampered with. Which of the following risk...
Supply chain security, Hardware security, Tampering detection, Risk mitigation
- Question #690: Threats, vulnerabilities, and mitigations
Which of the following could potentially be introduced at the time of side loading?
Side loading, Rootkit, Malware delivery, Threat vectors
- Question #691: Threats, vulnerabilities, and mitigations
While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning is occurring on the...
Insider threat, ARP poisoning, Threat actors, Network security
- Question #692: Threats, vulnerabilities, and mitigations
A user needs to complete training at https://comptiatraining.com. After manually entering the URL, the user sees that the accessed website is noticeably different from the standard...
Typosquatting, Web threats, Social engineering, URL hijacking
- Question #693: Security program management and oversight
A company has yearly engagements with a service provider. The general terms and conditions are the same for all engagements. The company wants to simplify the process and revisit t...
Master Service Agreement (MSA), Contractual agreements, Vendor management, Legal documents
- Question #694: Threats, vulnerabilities, and mitigations
While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the following recommendation...
Security Awareness Training, Business Email Compromise (BEC), Social Engineering, Phishing
- Question #695: General security concepts
A new corporate policy requires all staff to use multifactor authentication to access company resources. Which of the following can be utilized to set up this form of identity and...
Multifactor Authentication, IAM, Authentication factors, Biometrics
- Question #696: Threats, vulnerabilities, and mitigations
A help desk employee receives a call from someone impersonating the Chief Executive Officer. The caller asks for assistance with resetting a password. Which of the following best d...
Vishing, Social engineering, Phishing, Impersonation
- Question #697: Threats, vulnerabilities, and mitigations
The number of tickets the help desk has been receiving has increased recently due to numerous false-positive phishing reports. Which of the following would be best to help to reduc...
Security Awareness Training, Phishing Mitigation, User Education, False Positives
- Question #698: Security architecture
A company wants to ensure secure remote access to its internal network. The company has only one public IP and would like to avoid making any changes to the current network setup....
Secure remote access, VPN, IPSec, Network security
- Question #699: General security concepts
An organization that handles sensitive information wants to protect the information by using a reversible technology. Which of the following best satisfies this requirement?
- Question #700: General security concepts
A systems administrator needs to encrypt all data on employee laptops. Which of the following encryption levels should be implemented?
Encryption, Full Disk Encryption (FDE), Data protection, Endpoint security
- Question #701: Threats, vulnerabilities, and mitigations
Which of the following actions best addresses a vulnerability found on a company's web server?
Vulnerability management, Patching, Web server security, Mitigation
- Question #703: Threats, vulnerabilities, and mitigations
A company is concerned about employees unintentionally introducing malware into the network. The company identified fifty employees who clicked on a link embedded in an email sent...
- Question #704: Threats, vulnerabilities, and mitigations
A penetration test identifies that an SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the most efficient way...
Vulnerability Remediation, Group Policy, Configuration Management, SMBv1
- Question #705: General security concepts
Which of the following best protects sensitive data in transit across a geographically dispersed infrastructure?
Data protection, Encryption, Data in transit, Confidentiality
- Question #706: Security architecture
As part of new compliance audit requirements, multiple servers need to be segmented on different networks and should be reachable only from authorized internal systems. Which of th...
- Question #707: Threats, vulnerabilities, and mitigations
Which of the following activities should be performed first to compile a list of vulnerabilities in an environment?
- Question #708: Threats, vulnerabilities, and mitigations
Which of the following can be used to mitigate attacks from high-risk regions?
- Question #709: Security operations
The Chief Information Security Officer wants to discuss options for a disaster recovery site that allows the business to resume operations as quickly as possible. Which of the foll...
Disaster Recovery, Hot Site, Business Continuity, Recovery Time Objective
- Question #710: Security Operations
A human resources (HR) employee working from home leaves their company laptop open on the kitchen table. A family member walking through the kitchen reads an email from the Chief F...
- Question #711: Threats, vulnerabilities, and mitigations
An employee clicked a malicious link in an email and downloaded malware onto the company's computer network. The malicious program exfiltrated thousands of customer records. Which...
- Question #712: Security program management and oversight
After a series of account compromises and credential misuse, a company hires a security manager to develop a security program. Which of the following steps should the security mana...
- Question #713: Threats, vulnerabilities, and mitigations
Which of the following is the first step to secure a newly deployed server?
- Question #714: Security architecture
A company has a website in a server cluster. One server is experiencing very high usage, while others are nearly unused. Which of the following should the company configure to help...
- Question #715: Security program management and oversight
Which of the following actions must an organization take to comply with a person's request for the right to be forgotten?