SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 18 of 22.
- Question #876: Security architecture
An administrator has configured a quarantine subnet for all guest devices that connect to the network. Which of the following would be best for the security team to configure on th...
- Question #877: Threats, vulnerabilities, and mitigations
A security team receives reports about high latency and complete network unavailability throughout most of the office building. Flow logs from the campus switches show high traffic...
- Question #878: Security architecture
A company executive connects to various networks, such as hotel guest Wi-Fi, while traveling. A security analyst needs to provide a solution that will allow the executive to secure...
- Question #879: Security Operations
A security team installs an IPS on an organization's network and needs to configure the system to detect and prevent specific network attacks. Which of the following settings shoul...
- Question #880: Threats, vulnerabilities, and mitigations
A security analyst must prevent remote users from accessing malicious URLs. The sites need to be checked inline for reputation, content, or categorization. Which of the following t...
- Question #881: Security architecture
A systems administrator needs to provide traveling employees with a security measure that will protect company devices regardless of where they are working. Which of the following...
- Question #882: Security Operations
Which of the following is used to monitor suspicious traffic in real time between multiple systems within an organization?
- Question #883: Threats, vulnerabilities, and mitigations
A remote employee navigates to a shopping website on their company-owned computer. The employee clicks a link that contains a malicious file. Which of the following would prevent t...
- Question #884: Security program management and oversight
A security analyst is reviewing the security of a SaaS application that the company intends to purchase. Which of the following documentations should the security analyst request f...
- Question #885: General security concepts
A security administrator protects passwords by using hashing. Which of the following best describes what the administrator is doing?
- Question #886: Threats, vulnerabilities, and mitigations
A customer changes the underlying file structure of a new mobile phone to install a keylogger with administrator permissions. Which of the following does this best describe?
- Question #887: Security program management and oversight
A security analyst is reviewing the security of a SaaS application that the company intends to purchase. Which of the following documentations should the security analyst request f...
- Question #888: Threats, vulnerabilities, and mitigations
While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning is occurring on the...
- Question #889: Threats, vulnerabilities, and mitigations
Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Choose two.)
- Question #890: Security Operations
A security patch is applied to a server. Which of the following will validate this remediation?
- Question #891: Security Operations
The internal security team is investigating a suspicious attachment and wants to perform a behavior analysis in an isolated environment. Which of the following will the security te...
- Question #892: Threats, vulnerabilities, and mitigations
An analyst discovers a suspicious item in the SQL server logs. Which of the following could be evidence of an attempted SQL injection?
- Question #893: Threats, vulnerabilities, and mitigations
A company identified the potential for malicious insiders to harm the organization. Which of the following measures should the organization implement to reduce this risk?
- Question #894: Security program management and oversight
After completing onboarding at a company and reviewing the company's handbooks and AUP, an employee downloads an unapproved application on a company desktop. Which of the following...
- Question #895: Threats, vulnerabilities, and mitigations
An organization has experienced a breach because a hacker utilized a standard user's two-year-old password that the hacker found on the dark web. Which of the following would have...
- Question #896: Threats, vulnerabilities, and mitigations
An organization has published a list of domains that end users are not authorized to visit on company devices in order to mitigate data loss or installation of malicious code. A se...
- Question #897: Security Operations
Users report that certain processes from a batch job are not working correctly and various resources are unavailable. An application owner provides the source and destination addre...
- Question #898: Security Operations
A company is experiencing loss of availability due to excessive traffic to their front-end web servers. The company hires a digital forensics expert to investigate the incident. Wh...
- Question #899: Security program management and oversight
An employee decides to collect PII data from the company's system for personal use. The employee compresses the data into a single encrypted file before sending the file to their p...
- Question #900: General security concepts
Which of the following is the best way to remove personal data from a social media account that is no longer being used?
- Question #901: Threats, vulnerabilities, and mitigations
A Chief Information Security Officer (CISO) of an enterprise environment wants to ensure that users cannot navigate to known malicious domains. The CISO also wants web traffic on t...
- Question #902: Threats, vulnerabilities, and mitigations
A user receives a malicious text message that routes to a fake bank login. Which of the following attack types does this scenario describe?
Tags: Smishing, Social Engineering, Phishing, SMS attacks
- Question #903: Threats, vulnerabilities, and mitigations
A group of people is working together to run multiple ransomware attacks against targets that the group selected to yield the most financial gain. Which of the following best descr...
- Question #904: Security program management and oversight
A security officer observes that a software development team is not complying with its corporate security policy on encrypting confidential data. Which of the following categories...
- Question #905: General security concepts
Which of the following data types best describes an AI tool developed by a company to automate the ticketing system under a specific contract?
- Question #906: General security concepts
Which of the following would best allow a company to prevent access to systems from the internet?
- Question #907: Security program management and oversight
While conducting a business continuity tabletop exercise, the security team becomes concerned by potential impacts if a generator were to develop a fault during an extended outage....
- Question #908: Security program management and oversight
A security analyst is working with the IT group to define appropriate procedures for the destruction of media and assets in the enterprise environment. Which of the following metho...
- Question #909: Threats, vulnerabilities, and mitigations
Which of the following vulnerabilities results in an application running extremely slowly due to an abnormally large number of incoming packets?
- Question #910: Security Operations
A company experiences a breach. The investigation reveals that the threat actor used a zero-day vulnerability to gain access and move laterally. Which of the following would best i...
- Question #911: Security program management and oversight
Which of the following prevents unauthorized modifications to internal processes, assets, and security controls?
- Question #912: Threats, vulnerabilities, and mitigations
A user sits in a coffee shop on a government-issued laptop. A stranger starts a conversation with the user and starts asking about where the user works, what division the user work...
- Question #913: Security operations
A company's Chief Information Security Officer (CISO) wants to enhance the capabilities of the incident response team. The CISO directs the incident response team to deploy a tool...
Tags: Incident Response, Endpoint Security, EDR, Security Tools
- Question #914: Security program management and oversight
Which of the following is a component of a risk register?
- Question #915: General security concepts
Which of the following most securely protects data at rest?
- Question #916: Threats, vulnerabilities, and mitigations
Which of the following is a vulnerability concern for end-of-life hardware?
- Question #917: Security program management and oversight
A company's security team is reviewing its business continuity plan and must determine the amount of time needed for operations to resume after a disaster. Which of the following d...
- Question #918: Threats, vulnerabilities, and mitigations
Which of the following is a risk for a company using end-of-life applications on its network?
Tags: End-of-life (EOL) software, Software vulnerabilities, Risk identification, Vulnerability management
- Question #919: Security architecture
Which of the following makes IaC a preferred security architecture over traditional infrastructure models?
- Question #920: Security architecture
Which of the following is an advantage of a microservice-based architecture over traditional software architectures?
- Question #921: Threats, vulnerabilities, and mitigations
An organization purchases software from an overseas company. The organization's IDS solution detects that advertising data from the software is unexpectedly reporting back to the o...
- Question #922: Threats, vulnerabilities, and mitigations
Which of the following can be best used to discover a company's publicly available breach information?
- Question #923: Threats, vulnerabilities, and mitigations
An accounting clerk sent money to an attacker's bank account after receiving fraudulent instructions over the phone to use a new account. Which of the following would most likely p...
- Question #924: Security program management and oversight
Which of the following agreements defines response time, escalation points, and performance metrics?
- Question #925: Threats, vulnerabilities, and mitigations
A private equity firm has been the target of protests. The firm discovers its public website has been defaced. Which of the following is most likely the threat actor?