SY0-701 exam

A company decided to reduce the cost of its annual cyber insurance policy by removing the coverage for ransomware attacks. Which of the following analysis elements did the company most likely use in making this decision?A . IMTTRB . RTOC . AROD . MTBFView AnswerAnswer: C Explanation: ARO (Annualized Rate...

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?A . FinesB . Audit findingsC . SanctionsD . Reputation damageView AnswerAnswer: A Explanation: PCI DSS is the Payment Card Industry Data Security Standard, which is a set of security requirements...

A client asked a security company to provide a document outlining the project, the cost, and the completion time frame. Which of the following documents should the company provide to the client?A . MSAB . SLAC . BPAD . SOWView AnswerAnswer: D Explanation: An ISOW is a document that outlines...

A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems...

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?A . Key stretchingB . Data maskingC . SteganographyD . SaltingView AnswerAnswer: D Explanation: Salting is the process of adding extra random data to a password or other data before applying a one-way data...

A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?A . Local data protection regulationsB . Risks from hackers residing in other countriesC . Impacts to existing contractual obligationsD . Time zone differences in log correlationView...

An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?A . Brand impersonationB . PretextingC ....

Which of the following is a hardware-specific vulnerability?A . Firmware versionB . Buffer overflowC . SQL injectionD . Cross-site scriptingView AnswerAnswer: A Explanation: Firmware is a type of software that is embedded in a hardware device, such as a router, a printer, or a BIOS chip. Firmware controls the basic...

A company’s web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?A . encryption=offB . http://C . www.*.comD . :443View AnswerAnswer: B Explanation: A web filter is...

The management team notices that new accounts that are set up manually do not always have correct access or permissions. Which of the following automation techniques should a systems administrator use to streamline account creation?A . Guard rail scriptB . Ticketing workflowC . Escalation scriptD . User provisioning scriptView AnswerAnswer:...