
Free CompTIA SY0-701 Practice Exam with Questions & Answers | Set: 8

Questions 106

A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring. Which of the following strategies would best accomplish this goal?

Options:

A. Logging all NetFlow traffic into a SIEM

B. Deploying network traffic sensors on the same subnet as the servers

C. Logging endpoint and OS-specific security logs

D. Enabling full packet capture for traffic entering and exiting the servers

Questions 107

Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked.

Which of the following changes would allow users to access the site?

Options:

A. Creating a firewall rule to allow HTTPS traffic

B. Configuring the IPS to allow shopping

C. Tuning the DLP rule that detects credit card data

D. Updating the categorization in the content filter

Questions 108

A software developer would like to ensure the source code cannot be reverse engineered or debugged. Which of the following should the developer consider?

Options:

A. Version control

B. Obfuscation toolkit

C. Code reuse

D. Continuous integration

E. Stored procedures

Questions 109

A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from the vendor?

Options:

A. Certification

B. Inventory list

C. Classification

D. Proof of ownership

Questions 110

A systems administrator discovers a system that is no longer receiving support from the vendor. However, this system and its environment are critical to running the business, cannot be modified, and must stay online. Which of the following risk treatments is the most appropriate in this situation?

Options:

A. Reject

B. Accept

C. Transfer

D. Avoid

Questions 111

A security analyst is investigating a workstation that is suspected of outbound communication to a command-and-control server. During the investigation, the analyst discovered that logs on the endpoint were deleted. Which of the following logs would the analyst most likely look at next?

Options:

A. IPS

B. Firewall

C. ACL

D. Windows security

Questions 112

A security administrator needs to reduce the attack surface in the company's data centers. Which of the following should the security administrator do to complete this task?

Options:

A. Implement a honeynet.

B. Define Group Policy on the servers.

C. Configure the servers for high availability.

D. Upgrade end-of-support operating systems.

Questions 113

A company is planning a disaster recovery site and needs to ensure that a single natural disaster would not result in the complete loss of regulated backup data. Which of the following should the company consider?

Options:

A. Geographic dispersion

B. Platform diversity

C. Hot site

D. Load balancing

Questions 114

Which of the following actors attacking an organization is the most likely to be motivated by personal beliefs?

Options:

A. Nation-state

B. Organized crime

C. Hacktivist

D. Insider threat

Questions 115

A security consultant is working with a client that wants to physically isolate its secure systems. Which of the following best describes this architecture?

Options:

A. SDN

B. Air gapped

C. Containerized

D. Highly available

Questions 116

An analyst is reviewing an incident in which a user clicked on a link in a phishing email. Which of the following log sources would the analyst utilize to determine whether the connection was successful?

Options:

A. Network

B. System

C. Application

D. Authentication

Questions 117

A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?

Options:

A. Open-source intelligence

B. Bug bounty

C. Red team

D. Penetration testing

Questions 118

A systems administrator set up a perimeter firewall but continues to notice suspicious connections between internal endpoints. Which of the following should be set up in order to mitigate the threat posed by the suspicious activity?

Options:

A. Host-based firewall

B. Web application firewall

C. Access control list

D. Application allow list

Questions 119

A security team installs an IPS on an organization's network and needs to configure the system to detect and prevent specific network attacks. Which of the following settings should the team configure first within the IPS?

Options:

A. Allow list policies

B. Packet inspection

C. Logging and reporting

D. Firewall rules

Questions 120

The Chief Information Security Officer (CISO) at a large company would like to gain an understanding of how the company's security policies compare to the requirements imposed by external regulators. Which of the following should the CISO use?

Options:

A. Penetration test

B. Internal audit

C. Attestation

D. External examination