SY0-701 exam

A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?A . ActiveB . PassiveC . DefensiveD . OffensiveView AnswerAnswer: A Explanation: Active reconnaissance is a type of reconnaissance...

An administrator finds that all user workstations and servers are displaying a message that is associated with files containing an extension of .ryk. Which of the following types of infections is present on the systems?A . VirusB . TrojanC . SpywareD . RansomwareView AnswerAnswer: D Explanation: Ransomware is a type...

Which of the following describes the process of concealing code or text inside a graphical image?A . Symmetric encryptionB . HashingC . Data maskingD . SteganographyView AnswerAnswer: D Explanation: Steganography is the process of hiding information within another medium, such as an image, audio, video, or text file. The hidden...

Which of the following methods to secure credit card data is best to use when a requirement is to see only the last four numbers on a credit card?A . EncryptionB . HashingC . MaskingD . TokenizationView AnswerAnswer: C Explanation: Masking is a method to secure credit card data that...

A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?A . PartitionB . AsymmetricC . Full diskD . DatabaseView AnswerAnswer: C Explanation: Full disk encryption (FDE) is a technique that encrypts all the data on a hard drive,...

A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks. SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?A . [Digital forensicsB . E-discoveryC . Incident responseD...

A company’s legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?A . Data maskingB . EncryptionC . Geolocation policyD . Data sovereignty regulationView...

An organization recently updated its security policy to include the following statement: Regular expressions are included in source code to remove special characters such as $, |, ;. &, `, and ? from variables set by forms in a web application. Which of the following best explains the security technique...

An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?A . Real-time recoveryB . HotC . ColdD . WarmView AnswerAnswer: C Explanation: A cold...

Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer’s PII?A . SCAPB . Net FlowC . AntivirusD . DLPView AnswerAnswer: D Explanation: DLP stands for Data Loss Prevention, which is a tool that can assist with detecting and preventing...