SY0-701 Exam Questions

Which of the following can be deployed in data centers as a protection against an undervoltage event?

According to various privacy rules and regulations, users have the power to request that all data pertaining to them is deleted. This is known as:

An analyst identifies that multiple users have the same passwords, but the hashes appear to be completely different. Which of the following most likely explains this issue?

An employee receives a work phone. Instead of starting up with the normal operating system, the phone loads to a gaming platform using administrative credentials. Which of the foll...

A university uses two different cloud solutions for storing student data. Which of the following does this represent?

In which of the following will unencrypted PLC management traffic most likely be found?

An administrator must implement a solution that provides security and network connectivity between two companies. Which of the following infrastructure solutions is the best for th...

A software engineering manager wants to scan the code for security vulnerabilities before it is pushed into production. Which of the following types of analysis should the manager...

A security team purchases a tool for cloud security posture management. The team is quickly overwhelmed by the number of misconfigurations the tool detects. Which of the following...

Which of the following is a social engineering attack in which a bad actor impersonates a web URL?

A company is in the process of cutting jobs to manage costs. The Chief Information Security Officer is concerned about the increased risk of an insider threat. Which of the followi...

A security analyst is prioritizing vulnerability scan results using a risk-based approach. Which of the following is the most efficient resource for the analyst to use?

A penetration tester visits a client's website and downloads the site's content. Which of the following actions is the penetration tester performing?

An administrator must authenticate users to systems using credentials already authenticated by a business partner's LDAP system. Which of the following should the administrator dep...

The help desk receives multiple calls indicating machines with an outdated OS version are running slowly. Several users report seeing virus detection alerts. Which of the following...

Which of the following actions should be performed on end-of-life equipment before it is discarded?

Which of the following actions would reduce the number of false positives for an analyst to manually review?

A government agency requires publicly traded organizations to report cyber breaches within a designated time period. By law, these reports are made public. Which of the following c...

Which of the following would a service provider supply as an assurance for a disposal service as part of a disposal process?

The security department is remediating vulnerabilities that were found during an audit of newly deployed systems. Which of the following must be done to ensure compliance?

A company with a high-availability website is looking to harden its controls at any cost. The company wants to ensure that the site is secure by finding any possible issues. Which...

A government worker secretly copies classified files that contain defense tactics information to an external drive. The government worker then gives the external drive to a corrupt...

A Chief Security Officer signs off on a request to allow inbound SMB and RDP from the internet to a single VLAN. Which of the following is the most likely explanation for this acti...

A systems administrator discovers a guest user gained access to classified reports. Upon further investigation, the logs indicate that the user was added to the administrator group...

Which of the following sites offers immediate service restoration following a disaster?

Which of the following is an example of a certificate that is generated by an internal source?

Which of the following is a benefit of an RTO when conducting a business impact analysis?

A recent review of logs indicates many attempts to join an internal wireless network from external devices. The connections appear to be originating from surrounding buildings. Whi...

Which of the following data protection strategies can be used to confirm file integrity?

An organization discovers that its cold site does not have enough storage and computers available. Which of the following was most likely the cause of this failure?

The security team notices that the Always On VPN solution sometimes fails to connect. This leaves remote users unprotected because they cannot connect to the on-premises web proxy....

A security analyst wants to automate a task that shares data between programs. Which of the following is the best option for the analyst to use?

An auditor notices that, before logging into the firewall, an employee opens a document in a shared folder that contains administrative credentials. Which of the following should t...

Which of the following attacks uses a website to collectively target a group of developers within an organization?

Which of the following is the most likely benefit of conducting an internal audit?

A security analyst identifies an employee who added an unauthorized wireless router to an office branch. After an investigation, the router is removed, and the employee is given ma...

Which of the following is the best safeguard to protect against an extended power failure?

Users see a certificate warning on their browsers when connecting to the server over HTTPS. Which of the following is the most likely cause?

Prior to implementing a design change, the change must go through multiple steps to ensure that it does not cause any security issues. Which of the following is most likely to be o...

Which of the following is a benefit of launching a bug bounty program? (Choose two.)

During a penetration test in a hypervisor, the security engineer is able to use a script to inject a malicious payload and access the host filesystem. Which of the following best d...

Which of the following security controls are a company implementing by deploying HIPS? (Choose two.)

A company is experiencing a high number of users who are clicking on email-based attacks even though those users have completed annual training. The company's Chief Security Office...

Which of the following mitigation techniques would a security analyst most likely use to avoid bloatware on devices?

A company decides to purchase an insurance policy. Which of the following risk management strategies is this company implementing?

Which of the following principles requires that a company must keep files or records for a prescribed period of time before it disposes of those files or records?

A security analyst is monitoring logs from the organization's SIEM and identifies logs related to one of their salespeople: Which of the following is being displayed in the logs?

A company wants to update its disaster recovery plan to include a dedicated location for immediate continued operations if a catastrophic event occurs. Which of the following optio...

Which of the following describes the reason for using an MDM solution to prevent jailbreaking?

Which of the following is the best mitigation for a zero-day vulnerability found in mission-critical production servers that must be highly available?