SYO701-1-50

1 An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?

2 A business received a small grant to migrate its infrastructure to an off-premises solution. Which of the following should be considered first?

3 An organization wants a third-party vendor to do a penetration test that targets a specific device. The organization has provided basic information about the device. Which of the following best describes this kind of penetration test?

4 Which of the following is the best way to consistently determine on a daily basis whether security settings on servers have been modified?

5 Which of the following is the most common data loss path for an air-gapped network?

6 During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

7 An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?

8 Which of the following can best protect against an employee inadvertently installing malware on a company system?

9 Which of the following is used to validate a certificate when it is presented to a user?

10 Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?

11 A security administrator would like to protect data on employees' laptops. Which of the following encryption techniques should the security administrator use?

12 Which of the following is used to quantitatively measure the criticality of a vulnerability?

13 A client asked a security company to provide a document outlining the project, the cost, and the completion time frame. Which of the following documents should the company provide to the client?

14 Which of the following scenarios describes a possible business email compromise attack?

15 Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

16 A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?

17 A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?

18 A user is attempting to patch a critical system, but the patch fails to transfer. Which of the following access controls is most likely inhibiting the transfer?

19 A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from the vendor?

20 An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data policies is the administrator carrying out?

21 A security operations center determines that the malicious activity detected on a server is normal. Which of the following activities describes the act of ignoring detected activity in the future?

22 Which of the following provides the details about the terms of a test with a third-party penetration tester?

23 Which of the following would be the best way to block unknown programs from executing?

24 A security practitioner completes a vulnerability assessment on a company's network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?

25 Which of the following is a hardware-specific vulnerability?

26 Which of the following methods to secure credit card data is best to use when a requirement is to see only the last four numbers on a credit card?

27 Which of the following is used to protect a computer from viruses, malware, and Trojans being installed and moving laterally across the network?

28 A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

29 Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Select two).

30 Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

31 A newly identified network access vulnerability has been found in the OS of legacy loT devices. Which of the following would best mitigate this vulnerability quickly

32 Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?

33 A company is expanding its threat surface program and allowing individuals to security test the company's internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?

34 Which of the following must be considered when designing a high-availability network?(Select two).

35 A company decided to reduce the cost of its annual cyber insurance policy by removing the coverage for ransomware attacks. Which of the following analysis elements did the company most likely use in making this decision?

36 A network manager wants to protect the company's VPN by implementing multifactor authentication that uses: . Something you know . Something you have . Something you are Which of the following would accomplish the manager's goal?

37 During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, and two special characters. Once the password is created, the company will grant the employee access to other company-owned websites based on the intranet profile. Which of the following access management concepts is the company most likely using to safeguard intranet accounts and grant access to multiple sites based on a user's intranet account? (Select two).

38 A company hired a consultant to perform an offensive security assessment covering penetration testing and social engineering. Which of the following teams will conduct this assessment activity?

39 Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?

40 Which of the following can be used to identify potential attacker activities without affecting production servers?

41 Which of the following describes the reason root cause analysis should be conducted as part of incident response?

42 A systems administrator is looking for a low-cost application-hosting solution that is cloudbased. Which of the following meets these requirements

43 Which of the following threat actors is the most likely to use large financial resources to attack critical systems located in other countries?

44 A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?

45 A company prevented direct access from the database administrators' workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?

46 A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

47 Which of the following is the best reason to complete an audit in a banking environment?

48 A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO's report?

49 A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following should the analyst do?

50 A company's marketing department collects, modifies, and stores sensitive customer data. The infrastructure team is responsible for securing the data while in transit and at rest. Which of the following data roles describes the customer?