SY0-701 Exam Questions
1,057 real SY0-701 exam questions with expert-verified answers and explanations. Page 9 of 22.
- Question #412 Security architecture
A multinational bank hosts several servers in its data center. These servers run a business-critical application used by customers to access their account information. Which of the...
- Question #413 Threats, vulnerabilities, and mitigations
The author of a software package is concerned about bad actors repackaging and inserting malware into the software. The software download is hosted on a website, and the author exc...
- Question #414 Threats, vulnerabilities, and mitigations
A third-party vendor is moving a particular application to the end-of-life stage at the end of the current year. Which of the following is the most critical risk if the company cho...
End-of-life software, Vulnerability management, Risk assessment, Security patching
- Question #415 Security operations
A security analyst recently read a report about a flaw in several of the organization's printer models that causes credentials to be sent over the network in cleartext, regardless...
Network analysis, Packet capture, Wireshark, Cleartext communication
- Question #416 Threats, vulnerabilities, and mitigations
A development team is launching a new public-facing web product. The Chief Information Security Officer has asked that the product be protected from attackers who use malformed or...
Fuzzing, Vulnerability testing, Application security, Input validation
- Question #417 Security program management and oversight
During an annual review of the system design, an engineer identified a few issues with the currently released design. Which of the following should be performed next according to b...
- Question #418 Threats, vulnerabilities, and mitigations
Which of the following is best to use when determining the severity of a vulnerability?
Vulnerability management, CVSS, Vulnerability assessment, Severity scoring
- Question #419 Threats, vulnerabilities, and mitigations
An organization experienced a security breach that allowed an attacker to send fraudulent wire transfers from a hardened PC exclusively to the attacker's bank through remote connec...
- Question #420 Threats, vulnerabilities, and mitigations
Which of the following is the best resource to consult for information on the most common application exploitation methods?
- Question #421 Security Operations
A security analyst is reviewing the logs on an organization's DNS server and notices the following unusual snippet: Which of the following attack techniques was most likely used?
- Question #422 Threats, vulnerabilities, and mitigations
A security analyst at an organization observed several user logins from outside the organization's network. The analyst determined that these logins were not performed by individua...
- Question #423 Threats, vulnerabilities, and mitigations
A security team is addressing a risk associated with the attack surface of the organization's web application over port 443. Currently, no advanced network security capabilities ar...
- Question #424 Security operations
A systems administrator would like to create a point-in-time backup of a virtual machine. Which of the following should the administrator use?
Virtualization, Snapshots, Backup and recovery
- Question #425 Security Operations
A security administrator notices numerous unused, non-compliant desktops are connected to the network. Which of the following actions would the administrator most likely recommend...
- Question #426 Security Operations
Which of the following is a common data removal option for companies that want to wipe sensitive data from hard drives in a repeatable manner but allow the hard drives to be reused...
- Question #427 Security architecture
An organization wants to improve the company's security authentication method for remote employees. Given the following requirements: - Must work across SaaS and internal network a...
- Question #428 Security program management and oversight
A security officer is implementing a security awareness program and has placed security-themed posters around the building and assigned online user training. Which of the following...
- Question #429 Threats, vulnerabilities, and mitigations
A malicious update was distributed to a common software platform and disabled services at many organizations. Which of the following best describes this type of vulnerability?
Supply chain attack, Vulnerability classification, Third-party risk, Malicious updates
- Question #430 Threats, vulnerabilities, and mitigations
A company web server is initiating outbound traffic to a low-reputation, public IP on non-standard port. The web server is used to present an unauthenticated page to clients who upl...
- Question #431 Security program management and oversight
An organization requests a third-party full-spectrum analysis of its supply chain. Which of the following would the analysis team use to meet this requirement?
- Question #432 General security concepts
A systems administrator deployed a monitoring solution that does not require installation on the endpoints that the solution is monitoring. Which of the following is described in t...
- Question #434 Security program management and oversight
Which of the following agreement types is used to limit external discussions?
- Question #435 Security program management and oversight
A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the SaaS vendor. Which of...
- Question #436 General security concepts
Which of the following is used to conceal credit card information in a database log file?
- Question #437 Security architecture
SIMULATION 1 A systems administrator is configuring a site-to-site VPN between two branch offices. Some of the settings have already been configured correctly. The systems administ...
- Question #439 Security program management and oversight
Which of the following topics would most likely be included within an organization's SDLC?
- Question #440 Security Operations
Which of the following activities should a systems administrator perform to quarantine a potentially infected system?
- Question #441 Security architecture
An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use. Each application has a separate log-in, so the security team wants to redu...
- Question #442 Security Operations
A company's online shopping website became unusable shortly after midnight on January 30, 2023. When a security analyst reviewed the database server, the analyst noticed the follow...
- Question #443 Security Operations
Which of the following would be the best way to test resiliency in the event of a primary power failure?
- Question #444 Threats, vulnerabilities, and mitigations
A company is concerned about the theft of client data from decommissioned laptops. Which of the following is the most cost-effective method to decrease this risk?
- Question #445 Threats, vulnerabilities, and mitigations
A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most difficult to remediate...
- Question #446 Security Operations
While investigating a possible incident, a security analyst discovers the following log entries: Which of the following should the analyst do first?
- Question #447 Threats, vulnerabilities, and mitigations
Which of the following should be used to ensure an attacker is unable to read the contents of a mobile device's drive if the device is lost?
- Question #448 Security architecture
An organization plans to expand its operations internationally and needs to keep data at the new location secure. The organization wants to use the most secure architecture model p...
- Question #449 Security Operations
The security team at a large global company needs to reduce the cost of storing data used for performing investigations. Which of the following types of data should have its retent...
- Question #450 General security concepts
Which of the following is the primary purpose of a service that tracks log-ins and time spent using the service?
- Question #451 Security Operations
Which of the following should be used to aggregate log data in order to create alerts and detect anomalous activity?
- Question #452 Threats, vulnerabilities, and mitigations
Which of the following is a type of vulnerability that refers to the unauthorized installation of applications on a device through means other than the official application store?
- Question #453 Security Operations
Which of the following types of identification methods can be performed on a deployed application during runtime?
- Question #454 Security architecture
Which of the following is the best way to provide secure remote access for employees while minimizing the exposure of a company's internal network?
- Question #455 Security Operations
An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?
- Question #456 Security Operations
Which of the following strategies should an organization use to efficiently manage and analyze multiple types of logs?
- Question #457 Security program management and oversight
A customer has a contract with a CSP and wants to identify which controls should be implemented in the IaaS enclave. Which of the following is most likely to contain this informati...
- Question #458 Threats, vulnerabilities, and mitigations
Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client's web browser?
- Question #459 Threats, vulnerabilities, and mitigations
A security analyst receives an alert from a corporate endpoint used by employees to issue visitor badges. The alert contains the following details: Which of the following best desc...
- Question #460 Threats, vulnerabilities, and mitigations
A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best strategy to preven...
- Question #461 General security concepts
Which of the following security concepts is accomplished when granting access after an individual has logged into a computer network?
- Question #462 Security program management and oversight
A security professional discovers a folder containing an employee's personal information on the enterprise's shared drive. Which of the following best describes the data type the s...
- Question #463 Security Operations
An organization needs to monitor its users' activities to prevent insider threats. Which of the following solutions would help the organization achieve this goal?