SY0-701 V1

A client asked a security company to provide a document outlining the project, the cost, and the completion time frame. Which of the following documents should the company provide to the client?A . MSAB . SLAC . BPAD . SOWView AnswerAnswer: D Explanation: An ISOW is a document that outlines...

A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?A . ActiveB . PassiveC . DefensiveD . OffensiveView AnswerAnswer: A Explanation: Active reconnaissance is a type of reconnaissance...

A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems...

Which of the following vulnerabilities is associated with installing software outside of a manufacturer’s approved software repository?A . JailbreakingB . Memory injectionC . Resource reuseD . Side loadingView AnswerAnswer: D Explanation: Side loading is the process of installing software outside of a manufacturer’s approved software repository. This can expose the...

A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?A . Air gap the system.B . Move the system to a different network segment.C . Create a change control request.D . Apply the patch to the system.View AnswerAnswer: C...

A company prevented direct access from the database administrators’ workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?A . Jump serverB . RADIUSC . HSMD . Load balancerView AnswerAnswer: A Explanation: A jump server is a...

Which of the following scenarios describes a possible business email compromise attack?A . An employee receives a gift card request in an email that has an executive's name in the display field of the email.B . Employees who open an email attachment receive messages demanding payment in order to access...

A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods is most secure?A . Implementing a bastion hostB . Deploying a perimeter networkC . Installing a WAFD . Utilizing single sign-onView AnswerAnswer: A Explanation: A bastion...

A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee’s corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst...

An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users’ passwords. Which of the following should the administrator implement to prevent this type...