SY0-701 exam

Which of the following is the best reason to complete an audit in a banking environment?A . Regulatory requirementB . Organizational changeC . Self-assessment requirementD . Service-level requirementView AnswerAnswer: A Explanation: A regulatory requirement is a mandate imposed by a government or an authority that must be followed by an...

Which of the following is the most likely to be included as an element of communication in a security awareness program?A . Reporting phishing attempts or other suspicious activitiesB . Detecting insider threats using anomalous behavior recognitionC . Verifying information when modifying wire transfer dataD . Performing social engineering as...

A security analyst reviews domain activity logs and notices the following: Which of the following is the best explanation for what the security analyst has discovered?A . The user jsmith's account has been locked out.B . A keylogger is installed on [smith's workstationC . An attacker is attempting to brute...

A security analyst is reviewing the following logs: Which of the following attacks is most likely occurring?A . Password sprayingB . Account forgeryC . Pass-t he-hashD . Brute-forceView AnswerAnswer: A Explanation: Password spraying is a type of brute force attack that tries common passwords across several accounts to find a...

While troubleshooting a firewall configuration, a technician determines that a “deny any” policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable. Which of the following actions would prevent this issue?A . Documenting the...

Several employees received a fraudulent text message from someone claiming to be the Chief Executive Officer (CEO). The message stated: “I’m in an airport right now with no access to email. I need you to buy gift cards for employee recognition awards. Please send the gift cards to following email...

An organization is leveraging a VPN between its headquarters and a branch location. Which of the following is the VPN protecting?A . Data in useB . Data in transitC . Geographic restrictionsD . Data sovereigntyView AnswerAnswer: B Explanation: Data in transit is data that is moving from one location to...

Which of the following roles, according to the shared responsibility model, is responsible for securing the company’s database in an IaaS model for a cloud environment?A . ClientB . Third-party vendorC . Cloud providerD . DBAView AnswerAnswer: A Explanation: According to the shared responsibility model, the client and the cloud...

An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?A . Access list outbound permit 0.0.0.0 0 0.0.0.0/0 port 53 Access...

Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?A . Provisioning resourcesB . Disabling accessC . Reviewing change approvalsD . Escalating permission requestsView AnswerAnswer: B Explanation: Disabling access is an automation use case that...