SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 19 of 22.
- Question #926 (General security concepts)
Which of the following is the most closely associated with confidentiality?
- Question #927 (Security Operations)
During an assessment, an organization provides a penetration tester with a website URL and login credentials. However, the tester does not have access to the source code. Which of...
- Question #928 (Security Operations)
A security analyst learns that an attack vector, which was used as a part of a recent incident, was a well-known IoT device exploit. The analyst needs to review logs to identify th...
- Question #929 (Threats, vulnerabilities, and mitigations)
Which of the following best describes when a user installs an application from an unofficial application store?
- Question #930 (General security concepts)
A security administrator must use a strategy to protect the company's data. The security administrator decides to deploy FDE on the end user devices and TLS for all web connections...
- Question #931 (Security Operations)
An administrator investigating an incident is concerned about the downtime of a critical server due to a failed drive. Which of the following would the administrator use to estimat...
- Question #932 (Security architecture)
A business manager is concerned about the availability of an application running on hardware in the local data center. Which of the following solutions will improve availability wh...
- Question #933 (Security architecture)
A company wants to ensure that a mission-critical database can only be accessed from specific internal IP addresses. Which of the following should the company deploy to meet this r...
- Question #934 (Security architecture)
A store is setting up wireless access for their employees. Management wants to limit the number of access points while ensuring all areas of the store are covered. Which of the fol...
- Question #935 (Security operations)
A security engineer has been assigned to work on a request from outside counsel. The security engineer must provide all email correspondence within a specific date range. Which of...
Litigation hold, Evidence preservation, eDiscovery, Legal compliance
- Question #936 (Security Operations)
A red-team provider tailgates into an organization's facility. Which of the following has occurred?
- Question #937 (General security concepts)
Which of the following describes an agent-based application that detects and blocks malicious behavior on enterprise systems while disconnected from the corporate network?
- Question #938 (Security Operations)
A manager meets with various stakeholders involved with a recently resolved security incident. During the meeting, they discuss potential improvements to the environment in order t...
- Question #939 (Threats, vulnerabilities, and mitigations)
A database engineer needs sample customer data for testing purposes. Which of the following techniques can be used to remove sensitive information from database records while still...
- Question #940 (Threats, vulnerabilities, and mitigations)
Which of the following encryption methods protects data if a user loses their laptop?
- Question #941 (Security Operations)
A security analyst regularly receives emails from users who are concerned that attached files may be malicious. Which of the following should the analyst use to evaluate the suspic...
- Question #942 (Security Operations)
A CIRT team updates their playbooks to include instructions to respond to a ransomware attack. To prepare for a real event, the team performs a simulation and assesses their perfor...
- Question #943 (Security Operations)
Which of the following can automate vulnerability management?
- Question #944 (Security program management and oversight)
Which of the following is a reason to perform a one-time risk assessment?
- Question #945 (Threats, vulnerabilities, and mitigations)
An employee from the accounting department logs in to the website used for processing the company's payments. After logging in, a new desktop application automatically downloads on...
- Question #946 (Security Operations)
An EDR solution recognizes that a specific workstation has outbound traffic to a malicious IP. Which of the following would be the best action to take to contain the threat?
- Question #947 (Threats, vulnerabilities, and mitigations)
Which of the following would most likely prevent exploitation of an end-of-life, business-critical system?
- Question #948 (General security concepts)
Which of the following is the most likely motivation for a hacktivist?
- Question #949 (Threats, vulnerabilities, and mitigations)
Which of the following is the best physical security control to prevent damage from a vehicle?
- Question #950 (Security architecture)
A security team wants to work with the same organization's development team to ensure WAF policies are automatically created when applications are deployed. Which of the following...
- Question #951 (Security architecture)
Which of the following uses proprietary controls and is designed to function in harsh environments over many years with limited remote access management?
- Question #952 (Security Operations)
Which of the following data recovery strategies will result in a quick recovery at low cost?
- Question #953 (Security architecture)
An MSSP manages firewalls for hundreds of clients. Which of the following tools would be most helpful to create a standard configuration template in order to improve the efficiency...
- Question #954 (Security program management and oversight)
After multiple phishing simulations, the Chief Security Officer announces a new program that incentivizes employees to not click phishing links in the upcoming quarter. Which of th...
- Question #955 (Threats, vulnerabilities, and mitigations)
A security analyst sees an increase of vulnerabilities on workstations after a deployment of a company group policy. Which of the following vulnerability types will the analyst mos...
- Question #956 (Threats, vulnerabilities, and mitigations)
Which of the following threat actors would most likely target an organization by using a logic bomb within an internally-developed application?
- Question #957 (Security architecture)
Which of the following is a company addressing when it rolls out MDM on all COPE devices?
- Question #958 (Security program management and oversight)
An organization failed to account for the right-to-be-forgotten regulations. Which of the following impacts might this action have on the company?
- Question #959 (Threats, vulnerabilities, and mitigations)
A company is experiencing issues with employees leaving the company for a competitor and taking customer contact information with them. Which of the following tools will help preve...
- Question #960 (Security architecture)
A company that operates with most of its infrastructure in the cloud had its development environment breached. The attackers gained access via a public-facing development applicati...
- Question #961 (General security concepts)
Which of the following security concepts is being followed when applying encryption to sensitive data?
- Question #962 (General security concepts)
Which of the following cryptographic solutions would allow an organization to recover encrypted data after a key becomes corrupted or is deleted?
- Question #963 (Security program management and oversight)
An organization is evaluating the cost of licensing a new solution to prevent ransomware. Which of the following is the most helpful in making this decision?
- Question #964 (Security architecture)
Which of the following should be used to ensure that a device is inaccessible to a network-connected resource?
- Question #965 (Security Operations)
During the investigation of a webmail log-in using compromised credentials, a security analyst needs to review information about the source IP for the log-in. Which of the followin...
- Question #966 (General security concepts)
Which of the following should be used to select a label for a file based on the file's value, sensitivity, or applicable regulations?
- Question #967 (Security Operations)
A company makes a change during the appropriate change window, but the unsuccessful change extends beyond the scheduled time and impacts customers. Which of the following would pre...
- Question #968 (Security Operations)
A security analyst is collecting evidence in response to an incident. Which of the following must the analyst maintain in order to ensure the admissibility of the evidence in a cou...
- Question #969 (Threats, vulnerabilities, and mitigations)
Which of the following types of vulnerabilities involves attacking a system to access adjacent hosts?
- Question #970 (Threats, vulnerabilities, and mitigations)
While reviewing a recent compromise, a forensics team discovers that there are hard-coded credentials in the database connection strings. Which of the following assessment types sh...
- Question #971 (Security architecture)
Which of the following should be deployed on an externally facing web server in order to establish an encrypted connection?
- Question #972 (Security Operations)
A security administrator receives multiple reports about the same suspicious email. Which of the following is the most likely reason for the malicious email's continued delivery?
- Question #973 (Threats, vulnerabilities, and mitigations)
While browsing a web page, a user receives a pop-up with a link telling them to navigate to another site. To which of the following is the site vulnerable?
- Question #974 (Threats, vulnerabilities, and mitigations)
An administrator must secure several end-of-life SCADA devices in a manufacturing facility on a limited budget. Which of the following should the security administrator do to best...
- Question #975 (Threats, vulnerabilities, and mitigations)
A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following should the security...