SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 7 of 22.
- Question #306: Security architecture
An organization has too many variations of a single operating system and needs to standardize the arrangement prior to pushing the system image to users. Which of the following sho...
- Question #307: Security Operations
A growing company would like to enhance the ability of its security operations center to detect threats but reduce the amount of manual work required for the security analysts. Whi...
- Question #308: Security architecture
A systems administrator is redesigning how devices will perform network authentication. The following requirements need to be met: - An existing internal certificate must be used....
- Question #309: Threats, vulnerabilities, and mitigations
A company implemented an MDM policy to mitigate risks after repeated instances of employees losing company-provided mobile phones. In several cases, the lost phones were used malic...
- Question #310: Security architecture
A security analyst needs to propose a remediation plan for each item in a risk register. The item with the highest priority requires employees to have separate logins for SaaS solu...
- Question #311: Threats, vulnerabilities, and mitigations
A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 802.1X for access contro...
- Question #312: Security Operations
Which of the following is the first step to take when creating an anomaly detection process?
- Question #313: Security Operations
Which of the following is the final step of the incident response process?
- Question #314: Threats, vulnerabilities, and mitigations
While investigating a recent security breach, an analyst finds that an attacker gained access by SQL injection through a company website. Which of the following should the analyst r...
- Question #315: Security architecture
Which of the following environments utilizes a subset of customer data and is most likely to be used to assess the impacts of major system upgrades and demonstrate system features?
- Question #316: Security architecture
An organization recently started hosting a new service that customers access through a web portal. A security engineer needs to add to the existing security devices a new solution...
- Question #317: Security program management and oversight
An IT manager is putting together a documented plan describing how the organization will keep operating in the event of a global incident. Which of the following plans is the IT ma...
- Question #318: Security program management and oversight
A company is changing its mobile device policy. The company has the following requirements: - Company-owned devices - Ability to harden the devices - Reduced security risk - Compat...
- Question #319: Security program management and oversight
Which of the following describes the understanding between a company and a client about what will be provided and the accepted time needed to provide the company with the resources...
- Question #320: Security Operations
Which of the following describes an executive team that is meeting in a board room and testing the company's incident response plan?
- Question #321: Threats, vulnerabilities, and mitigations
Which of the following methods would most likely be used to identify legacy systems?
- Question #322: Security program management and oversight
Which of the following considerations is the most important for an organization to evaluate as it establishes and maintains a data privacy program?
- Question #323: General security concepts
Client files can only be accessed by employees who need to know the information and have specified roles in the company. Which of the following best describes this security concept...
- Question #324: Threats, vulnerabilities, and mitigations
A user would like to install software and features that are not available with a smartphone's default software. Which of the following would allow the user to install unauthorized...
- Question #325: Threats, vulnerabilities, and mitigations
A recent penetration test identified that an attacker could flood the MAC address table of network switches. Which of the following would best mitigate this type of attack?
- Question #326: Threats, vulnerabilities, and mitigations
An administrator at a small business notices an increase in support calls from employees who receive a blocked page message after trying to navigate to a spoofed website. Which of...
- Question #327: Security program management and oversight
Which of the following control types is AUP an example of?
- Question #328: Threats, vulnerabilities, and mitigations
Which of the following examples would be best mitigated by input sanitization?
- Question #329: Threats, vulnerabilities, and mitigations
A security engineer is installing an IPS to block signature-based attacks in the environment. Which of the following modes will best accomplish this task?
- Question #332: Security Operations
During a penetration test, a vendor attempts to enter an unauthorized area using an access badge. Which of the following types of tests does this represent?
- Question #333: Security Operations
Which of the following is a common, passive reconnaissance technique employed by penetration testers in the early phases of an engagement?
- Question #334: Security Operations
Which of the following should a security operations center use to improve its incident response procedure?
- Question #336: Security Operations
A security analyst is investigating a workstation that is suspected of outbound communication to a command-and-control server. During the investigation, the analyst discovered that...
- Question #337: Security architecture
A security team is setting up a new environment for hosting the organization's on-premises software application as a cloud-based service. Which of the following should the team ens...
- Question #338: Security Operations
Which of the following phases of an incident response involves generating reports?
- Question #339: Security program management and oversight
A business needs a recovery site but does not require immediate failover. The business also wants to reduce the workload required to recover from an outage. Which of the following...
- Question #340: Security program management and oversight
Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?
- Question #341: Security Operations
A security analyst developed a script to automate a trivial and repeatable task. Which of the following best describes the benefits of ensuring other team members understand how th...
- Question #342: Threats, vulnerabilities, and mitigations
A bank set up a new server that contains customers' PII. Which of the following should the bank use to make sure the sensitive data is not modified?
- Question #343: General security concepts
A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?
- Question #344: General security concepts
Employees located off-site must have access to company resources in order to complete their assigned tasks. These employees utilize a solution that allows remote access without inte...
- Question #345: Security Operations
Which of the following alert types is the most likely to be ignored over time?
- Question #346: Security program management and oversight
The Chief Information Security Officer (CISO) at a large company would like to gain an understanding of how the company's security policies compare to the requirements imposed by e...
- Question #347: Threats, vulnerabilities, and mitigations
A systems administrator notices that one of the systems critical for processing customer transactions is running an end-of-life operating system. Which of the following techniques...
- Question #348: Security architecture
An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use. Each application has a separate log-in, so the security team wants to redu...
- Question #349: Security Operations
Which of the following would best explain why a security analyst is running daily vulnerability scans on all corporate endpoints?
- Question #350: Threats, vulnerabilities, and mitigations
Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?
- Question #351: Threats, vulnerabilities, and mitigations
A new employee logs in to the email system for the first time and notices a message from human resources about onboarding. The employee hovers over a few of the links within the em...
- Question #352: Threats, vulnerabilities, and mitigations
An IT manager is increasing the security capabilities of an organization after a data classification initiative determined that sensitive data could be exfiltrated from the environ...
- Question #353: Security Operations
An important patch for a critical application has just been released, and a systems administrator is identifying all of the systems requiring the patch. Which of the following must...
- Question #354: Security architecture
Which of the following security measures is required when using a cloud-based platform for IoT management?
- Question #355: Security program management and oversight
The Chief Information Security Officer (CISO) has determined the company is non-compliant with local data privacy regulations. The CISO needs to justify the budget request for more...
Tags: Regulatory compliance, Data privacy, Financial risk, CISO responsibilities
- Question #356: Security Operations
Which of the following is a feature of a next-generation SIEM system?
- Question #357: Threats, vulnerabilities, and mitigations
A company allows customers to upload PDF documents to its public e-commerce website. Which of the following would a security analyst most likely recommend?
- Question #358: Security program management and oversight
A Chief Information Security Officer would like to conduct frequent, detailed reviews of systems and procedures to track compliance objectives. Which of the following will be the b...
Tags: Internal auditing, Compliance tracking, Security assessments, Security governance