SY0-701 CertMaster CE Domain 4.0
Questions and Answers 100% Correct
Network security baselines - ANSWER-The IT team of a medium-sized business is
planning to enhance network security. They want to enforce minimum security controls
and configurations across all network devices, including firewalls, routers, and switches.
What should they establish to achieve this objective?
Endpoint logs, log files generated by the OS components of the affected host computer,
and logs from the host-based intrusion detection system. - ANSWER-A security
operations analyst at a financial institution analyzes an incident involving unauthorized
transactions. The analyst suspects that a malware infection on one of the endpoints
might have led to the unauthorized access. To identify the root cause and trace the
activities of the suspected malware, which combination of data sources should the
analyst primarily consider?
Something you have - ANSWER-After a breach, an organization implements new
multifactor authentication (MFA) protocols. What MFA philosophy incorporates using a
smart card or key fob to support authentication?
Patching - ANSWER-A cyber team is responding to regulatory requirements after the
organization falls victim to a breach. What remediation practice involves the application
of updates to systems to fix known vulnerabilities?
Agent-based filtering - ANSWER-An organization wants to enhance its cybersecurity by
implementing web filtering. The company needs a solution that provides granular control
over web traffic, ensures policy enforcement even when employees are off the
corporate network, and can log and analyze Internet usage patterns. Which of the
following strategies BEST meets these requirements?
Can lead to delays in remediation, Increase window of opportunity for attackers -
ANSWER-An IT admin has been testing a newly released software patch and
discovered an exploitable vulnerability. The manager directs the IT admin to
immediately report to Common Vulnerabilities and Exposures (CVE), utilizing the
Common Vulnerability Scoring System (CVSS) to base the score for the vulnerability.
What could happen if there are delays in completing the report? (Select the two best
options.)
DKIM - ANSWER-A cyber technician is enhancing application security capabilities for
corporate email accounts following a breach. Which of the following options leverages
encryption features to enable email verification by allowing the sender to sign emails
using a digital signature?
Provisioning and de-provisioning of user accounts involve creating, modifying, and
removing user accounts to maintain appropriate access levels. The principle of least
privilege guides the assignment of permissions, ensuring users have only the necessary
access for their job roles. - ANSWER-At a large company, the IT department manages
user accounts and permissions for the organization's various systems. The IT team
employs a well-structured provisioning and de-provisioning process to create, modify,
and remove user accounts and assign permissions to minimize potential security risks.
Which statements related to user account provisioning and permission assignments are
correct? (Select the two best options.)
Automatically update the vulnerability scanner's database via a vulnerability feed
Integrate the scanner with the Security Content Automation Protocol (SCAP)
Adjust the environmental variables within the vulnerability management system -
ANSWER-A new system administrator has been spending the morning manually
entering new vulnerability signatures based on Common Vulnerabilities and Exposures
(CVE) data and using the Common Vulnerability Scoring System (CVSS) for
remediation guidance. To enhance efficiency and ensure the vulnerability scanner
remains up-to-date with minimal manual effort, what actions should the administrator
have taken instead? (Select the three best options.)
Incident response plan - ANSWER-During the process of merging two companies, the
integrated security team is tasked with consolidating their approaches to managing
cybersecurity incidents. Which comprehensive document should be developed to
outline the overall strategy and procedures for incident response, encompassing
preparation, identification, containment, eradication, recovery, communication protocols,
and contacts and resources for responders?
Degaussing the servers, rendering the data irretrievable, followed by reselling or
recycling the servers after certification - ANSWER-A financial services company is
decommissioning many servers that contain highly sensitive financial information. The
company's data protection policy stipulates the need to use the most secure data
destruction methods and comply with strict regulatory requirements. The company also
has a significant environmental sustainability commitment and seeks to minimize waste
wherever possible. What should the company's primary course of action be during this
process?
- ANSWER-A chief security officer (CSO) is overseeing the deployment of a Security
Information and Event Management (SIEM) system in a large organization with a mix of
computer systems and network appliances. The CSO has concerns about the system
resources that the data collection process on the individual computer systems utilizes.
Which method should the CSO consider to minimize the resource usage on these
systems while ensuring effective data collection for the SIEM system?
Network segmentation
Compensating controls - ANSWER-A proprietary software remains mission-critical ten
years after its in-house creation. The software requires an exception to the rules as it