SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 2 of 22.
- Question #51: Security Operations
A security manager created new documentation to use in response to various types of security incidents. Which of the following is the next step the manager should take?
- Question #52: Security Operations
Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked. Which of the following changes w...
- Question #53: Threats, vulnerabilities, and mitigations
An administrator discovers that some files on a database server were recently encrypted. The administrator sees from the security logs that the data was last accessed by a domain u...
- Question #54: Security Operations
Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?
- Question #55: Security architecture
A company would like to provide employees with computers that do not have access to the internet in order to prevent information from being leaked to an online forum. Which of the...
- Question #56: General security concepts
Which of the following methods to secure credit card data is best to use when a requirement is to see only the last four numbers on a credit card?
- Question #57: Threats, vulnerabilities, and mitigations
An administrator finds that all user workstations and servers are displaying a message that is associated with files containing an extension of .ryk. Which of the following types o...
- Question #58: General security concepts
A healthcare organization wants to provide a web application that allows individuals to digitally report health emergencies. Which of the following is the most important considerat...
- Question #59: Security program management and oversight
Which of the following is the best reason to complete an audit in a banking environment?
- Question #60: Security program management and oversight
A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data. Which of the following should the administrator do first?
- Question #61: Security Operations
Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centralized system?
- Question #62: Threats, vulnerabilities, and mitigations
Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Select two).
- Question #63: Security program management and oversight
An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data pol...
- Question #64: Security architecture
A systems administrator is working on a solution with the following requirements: - Provide a secure zone. - Enforce a company-wide access control policy. - Reduce the scope of thr...
- Question #65: Security Operations
A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following s...
- Question #66: Security Operations
Which of the following is the phase in the incident response process when a security analyst reviews roles and responsibilities?
- Question #67: Security program management and oversight
A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from the vendor?
- Question #68: Threats, vulnerabilities, and mitigations
Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Select two).
- Question #69: General security concepts
A company's marketing department collects, modifies, and stores sensitive customer data. The infrastructure team is responsible for securing the data while in transit and at rest....
Tags: data roles, data privacy, data subject
- Question #70: Threats, vulnerabilities, and mitigations
Malware spread across a company's network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?
- Question #71: Security Operations
After a recent ransomware attack on a company's system, an administrator reviewed the log files. Which of the following control types did the administrator use?
- Question #72: Security program management and oversight
Which of the following agreement types defines the time frame in which a vendor needs to respond?
- Question #73: Security Operations
A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL de...
- Question #74: Security program management and oversight
A client demands at least 99.99% uptime from a service provider's hosted security services. Which of the following documents includes the information the service provider should re...
- Question #75: Threats, vulnerabilities, and mitigations
A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organi...
- Question #76: Threats, vulnerabilities, and mitigations
Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?
- Question #77: Security Operations
A systems administrator is creating a script that would save time and prevent human error when performing account creation for a large number of end users. Which of the following w...
- Question #78: Threats, vulnerabilities, and mitigations
After an audit, an administrator discovers all users have access to confidential data on a file server. Which of the following should the administrator use to restrict access to th...
- Question #79: Threats, vulnerabilities, and mitigations
A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the follo...
- Question #80: Threats, vulnerabilities, and mitigations
A small business uses kiosks on the sales floor to display product information for customers. A security team discovers the kiosks use end-of-life operating systems. Which of the f...
- Question #81: General security concepts
A company is developing a critical system for the government and storing project information on a fileshare. Which of the following describes how this data will most likely be clas...
- Question #82: Threats, vulnerabilities, and mitigations
After reviewing the following vulnerability scanning report: A security analyst performs the following test: Which of the following would the security analyst conclude for this rep...
Tags: Vulnerability management, Compensating controls, Risk assessment, Vulnerability analysis
- Question #83: Security architecture
A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?
- Question #84: Security Operations
Which of the following best practices gives administrators a set period to perform changes to an operational system to ensure availability and minimize business impacts?
- Question #85: Security Operations
Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?
- Question #86: Threats, vulnerabilities, and mitigations
After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted cre...
- Question #87: Security program management and oversight
Which of the following exercises should an organization use to improve its incident response process?
- Question #88: General security concepts
Which of the following is used to validate a certificate when it is presented to a user?
- Question #89: Threats, vulnerabilities, and mitigations
A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability quickly?
- Question #90: Threats, vulnerabilities, and mitigations
A bank insists all of its vendors must prevent data loss on stolen laptops. Which of the following strategies is the bank requiring?
- Question #91: Security architecture
Which of the following would be best suited for constantly changing environments?
- Question #92: Threats, vulnerabilities, and mitigations
A security analyst scans a company's public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following chang...
- Question #93: Threats, vulnerabilities, and mitigations
Which of the following involves an attempt to take advantage of database misconfigurations?
- Question #94: Security architecture
An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the...
- Question #95: Threats, vulnerabilities, and mitigations
Which of the following is used to quantitatively measure the criticality of a vulnerability?
- Question #96: Threats, vulnerabilities, and mitigations
A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?
Tags: Risk identification, Software vulnerabilities, SaaS security, Third-party risk
- Question #97: General security concepts
Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?
- Question #98: Security architecture
Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes ho...
- Question #99: Threats, vulnerabilities, and mitigations
Which of the following is the most common data loss path for an air-gapped network?
- Question #100: Threats, vulnerabilities, and mitigations
Which of the following can best protect against an employee inadvertently installing malware on a company system?