SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 15 of 22.
- Question #716 | Threats, vulnerabilities, and mitigations
An attacker used XSS to compromise a web server. Which of the following solutions could have been used to prevent this attack?
- Question #717 | Threats, vulnerabilities, and mitigations
During a recent log review, an analyst found evidence of successful injection attacks. Which of the following will best address this issue?
- Question #718 | Security Operations
A company's Chief Information Security Officer (CISO) wants to enhance the capabilities of the incident response team. The CISO directs the incident response team to deploy a tool...
- Question #719 | Threats, vulnerabilities, and mitigations
Which of the following best explains a concern with OS-based vulnerabilities?
- Question #720 | Threats, vulnerabilities, and mitigations
Which of the following are the best for hardening end-user devices? (Select two)
- Question #721 | Security architecture
Which of the following architecture models ensures that critical systems are physically isolated from the network to prevent access from users with remote access privileges?
- Question #723 | Security Operations
A security analyst wants to automate a task that shares data between systems. Which of the following is the best option for the analyst to use?
- Question #724 | Threats, vulnerabilities, and mitigations
The help desk receives multiple calls that machines with an outdated OS version are running slowly. Several users are seeing virus detection alerts. Which of the following mitigati...
- Question #725 | Security program management and oversight
Which of the following agreements defines response time, escalation, and performance metrics?
- Question #726 | Security program management and oversight
A program manager wants to ensure contract employees can only use the company's computers Monday through Friday from 9 a.m. to 5 p.m. Which of the following would best enforce this...
- Question #727 | Security architecture
Which of the following makes Infrastructure as Code (IaC) a preferred security architecture over traditional infrastructure models?
- Question #728 | Threats, vulnerabilities, and mitigations
An attorney prints confidential documents to a copier in an office space near multiple workstations and a reception desk. When the attorney goes to the copier to retrieve the docum...
- Question #729 | Security architecture
A software developer wishes to implement an application security technique that will provide assurance of the application's integrity. Which of the following techniques will achiev...
- Question #731 | Threats, vulnerabilities, and mitigations
The physical security team at a company receives reports that employees are not displaying their badges. The team also observes employees tailgating at controlled entrances. Which...
- Question #732 | Security Operations
A forensic engineer determines that the root cause of a compromise is a SQL injection attack. Which of the following should the engineer review to identify the command used by the...
- Question #733 | Security Operations
A security analyst receives an alert that there was an attempt to download known malware. Which of the following actions would allow the best chance to analyze the malware?
- Question #734 | Threats, vulnerabilities, and mitigations
During a recent log review, an analyst discovers evidence of successful injection attacks. Which of the following will best address this issue?
- Question #735 | Threats, vulnerabilities, and mitigations
Which of the following is the best way to improve the confidentiality of remote connections to an enterprise's infrastructure?
- Question #736 | Security Operations
SIMULATION 4 An organization has learned that its data is being exchanged on the dark web. The CIO has requested that you investigate and implement the most secure solution to prot...
- Question #737 | Threats, vulnerabilities, and mitigations
A recent power outage halted operations at a company's only data center. Which of the following solutions would best prevent an event like this one in the future?
- Question #738 | Security program management and oversight
Which of the following analysis methods allows an organization to measure the exposure factor associated with organizational assets?
- Question #739 | Security Operations
A security analyst notices an increase in port scans on the edge of the corporate network. Which of the following logs should the analyst check to obtain the attacker's source IP a...
- Question #740 | Threats, vulnerabilities, and mitigations
A security team receives reports about high latency and complete network unavailability throughout most of the office building. Flow logs from the campus switches show high traffic...
- Question #741 | Threats, vulnerabilities, and mitigations
A security analyst is examining a penetration test report and notices that the tester pivoted to critical internal systems with the same local user ID and password. Which of the fo...
- Question #742 | Threats, vulnerabilities, and mitigations
When used with an access control vestibule, which of the following would provide the best prevention against tailgating?
- Question #743 | General security concepts
A security professional discovers a folder that contains an employee's personal information located on the enterprise's shared drive. Which of the following best describes the data...
- Question #744 | Security program management and oversight
A site reliability engineer is designing a recovery strategy that requires quick failover to an identical site if the primary facility goes down. Which of the following types of si...
- Question #745 | Threats, vulnerabilities, and mitigations
Which of the following would an organization most likely use to minimize the loss of data on a file server in the event data needs to be restored?
- Question #746 | General security concepts
Which of the following solutions would most likely be used in the financial industry to mask sensitive data?
- Question #747 | Threats, vulnerabilities, and mitigations
Which of the following is a type of vulnerability that may result from outdated algorithms or keys?
- Question #748 | Security program management and oversight
A company wants to prevent proprietary and confidential company information from being shared to outsiders. Which of the following would this best describe?
- Question #749 | Threats, vulnerabilities, and mitigations
A security administrator needs to reduce the attack surface in the company's data centers. Which of the following should the security administrator do to complete this task?
- Question #750 | Security program management and oversight
Which of the following is a prerequisite for a DLP solution?
- Question #751 | Security program management and oversight
A business provides long-term cold storage services to banks that are required to follow regulator-imposed data retention guidelines. Banks that use these services require that dat...
- Question #752 | Threats, vulnerabilities, and mitigations
Which of the following would most likely be a hacktivist's motive?
- Question #753 | General security concepts
Which of the following should be used to ensure a user has the permissions needed to effectively do an assigned job role?
- Question #754 | Threats, vulnerabilities, and mitigations
An employee receives a text message from an unrecognized number claiming to be the Chief Executive Officer and asking the employee to purchase gift cards. Which of the following ty...
- Question #755 | Threats, vulnerabilities, and mitigations
An unexpected and out-of-character email message from a Chief Executive Officer's corporate account asked an employee to provide financial information and to change the recipient's...
- Question #758 | Security program management and oversight
Which of the following is used to calculate the impact to an organization per cybersecurity incident?
- Question #759 | Security program management and oversight
A retail company receives a request to remove a customer's data. Which of the following is the retail company considered under GDPR legislation?
- Question #760 | Security Operations
An administrator implements web-filtering products but still sees that users are visiting malicious links. Which of the following configuration items does the security administrato...
- Question #761 | Security Operations
A security analyst is reviewing the following logs about a suspicious activity alert for a user's VPN log-ins: Which of the following malicious activity indicators triggered the al...
- Question #762 | Security Operations
Which of the following phases of the incident response process attempts to minimize disruption?
- Question #763 | Security architecture
Which of the following security principles most likely requires validation before allowing traffic between systems?
- Question #765 | Threats, vulnerabilities, and mitigations
An accounting employee recently used software that was not approved by the company. Which of the following risks does this most likely represent?
- Question #766 | Security Operations
Which of the following activities is used to determine the reason an incident occurred, prior to closing the incident?
- Question #767 | Security architecture
Which of the following is the greatest advantage that network segmentation provides?
- Question #768 | Security program management and oversight
Which of the following is a directive managerial control?
- Question #769 | Security architecture
Which of the following is the best way to prevent data from being leaked from a secure network that does not need to communicate externally?
- Question #770 | Threats, vulnerabilities, and mitigations
Which of the following activities identifies but does not exploit vulnerabilities?