SY0-701 V2

Which of the following vulnerabilities is associated with installing software outside of a manufacturer’s approved software repository?A . JailbreakingB . Memory injectionC . Resource reuseD . Side loadingView AnswerAnswer: D Explanation: Side loading is the process of installing software outside of a manufacturer’s approved software repository. This can expose the...

A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks. SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?A . [Digital forensicsB . E-discoveryC . Incident responseD...

A systems administrator works for a local hospital and needs to ensure patient data is protected and secure. Which of the following data classifications should be used to secure patient data?A . PrivateB . CriticalC . SensitiveD . PublicView AnswerAnswer: C Explanation: Data classification is a process of categorizing data...

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?A . Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53 Access...

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?A . HacktivistB . WhistleblowerC . Organized crimeD . Unskilled attackerView AnswerAnswer: C Explanation: Organized crime is a type of threat actor that is motivated by...

A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?A . Conduct an audit.B . Initiate a penetration test.C . Rescan the network.D . Submit a report.View AnswerAnswer: C Explanation: After completing...

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?A . FinesB . Audit findingsC . SanctionsD . Reputation damageView AnswerAnswer: A Explanation: PCI DSS is the Payment Card Industry Data Security Standard, which is a set of security requirements...

A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?A . SSOB . LEAPC . MFAD...

Which of the following is required for an organization to properly manage its restore process in the event of system failure?A . IRPB . DRPC . RPOD . SDLCView AnswerAnswer: B Explanation: A disaster recovery plan (DRP) is a set of policies and procedures that aim to restore the normal...

A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?A . AcceptB . TransferC . MitigateD . AvoidView AnswerAnswer: B Explanation: Cyber insurance is a type of insurance that covers the financial losses and liabilities that result from cyberattacks,...