A security team is addressing a risk associated with the attack surface of the organization's web application over port 443. Currently, no advanced network security capabilities are in place. Which of the following would be best to set up? (Choose two.)
Answer(s): A,E
Option A is correct because a NIDS monitors traffic for threats on the network edge, helping detect malicious activity over port 443 in real-time. Option E is correct because a WAF protects web applications from exploits (SQLi, XSS, CSRF) and enforces rules for traffic to port 443. Incorrect: B is wrong as a honeypot diverts attackers but does not directly protect or monitor production traffic. C is incorrect because a certificate revocation list manages revocations, not threat detection or web app protection. D is incorrect since HIPS focuses on host-based agent protections, not network perimeters. F is incorrect because a SIEM aggregates logs but does not directly mitigate traffic on port 443.
A systems administrator would like to create a point-in-time backup of a virtual machine. Which of the following should the administrator use?
Answer(s): C
Option C is correct because a snapshot captures the VM’s state at a specific point in time, enabling a quick recovery to that exact moment. Replication (A) continuously copies data to another location, not a point-in-time backup. Simulation (B) is for testing scenarios, not creating backups. Containerization (D) packages applications in containers, not VM state backups.
A security administrator notices numerous unused, non-compliant desktops are connected to the network. Which of the following actions would the administrator most likely recommend to the management team?
Answer(s): B
Option B is correct because decommissioning unused, non-compliant desktops removes devices from the network, reducing attack surface and risk from unmanaged endpoints. Monitoring (A) detects issues but does not remove risk; it doesn’t eliminate non-compliant devices. Patching (C) applies updates but requires devices to be managed and online; it does not address devices that are unused or non-compliant. Isolating (D) could mitigate risk by network segmentation, but it may be impractical for portable or unmanaged endpoints and doesn’t remove them from the environment; decommissioning is the definitive action for unused assets.
Which of the following is a common data removal option for companies that want to wipe sensitive data from hard drives in a repeatable manner but allow the hard drives to be reused?
Answer(s): A
Option A is correct because sanitization is a data-removal process that renders data unrecoverable while allowing media reuse, using methods like data sanitization standards or secure erase. Incorrect — B: Formatting does not guarantee data unrecoverability; remnants may be recoverable with specialized tools, and it often leaves data traces. Incorrect — C: Degaussing destroys data magnetically and typically renders the drive unusable, not reusable. Incorrect — D: Defragmentation reorganizes data for efficiency and does not remove sensitive data.
An organization wants to improve the company's security authentication method for remote employees. Given the following requirements:
- Must work across SaaS and internal network applications
- Must be device manufacturer agnostic
- Must have offline capabilities
Which of the following would be the most appropriate authentication method?
Answer(s): D
Option D is correct because time-based tokens (e.g., TOTP) provide device-agnostic, offline-capable, multi-factor-like authentication that works with SaaS and internal apps without reliance on a specific device or constant network access. They support offline use via generated codes and are vendor-neutral. A) Incorrect — Username and password is plain credentials-based, not offline-capable, and not device-agnostic nor MFA by default. B) Incorrect — Biometrics requires hardware sensors and enrollment, and is not inherently offline or universally SaaS/internal compatible. C) Incorrect — SMS verification relies on network reach and mobile carrier, not offline-capable and less device-agnostic.
Which of the following will a global company doing business in the European Union need to be concerned with to avoid legal privacy implications?
The General Data Protection Regulation governs how organizations collect, process, store, and protect personal data of individuals in the European Union. Any global company doing business in the EU must comply with its privacy and data protection requirements to avoid legal and regulatory penalties.
A malicious update was distributed to a common software platform and disabled services at many organizations. Which of the following best describes this type of vulnerability?
Option D is correct because a malicious update compromising a common software platform represents a supply chain vulnerability, where trusted software or updates are tampered with before reaching end users, causing widespread impact. A) Incorrect — DDoS involves overwhelming a target with traffic, not delivering compromised updates. B) Incorrect — Rogue employee describes insider actions from within, not external update manipulation. C) Incorrect — Insider threat implies an internal actor causing harm, which is not specified here as the update is distributed via the supply chain.
A company web server is initiating outbound traffic to a low-reputation, public IP on a non-standard port. The web server is used to present an unauthenticated page to clients who upload images to the company. An analyst notices a suspicious process running on the server that was not created by the company development team. Which of the following is the most likely explanation for this security incident?
Option A is correct because a web shell provides remote code execution on the web server via an unauthenticated page, enabling outbound connections to a low-reputation IP for data exfiltration or C2. Incorrect B: a worm would generally require a vulnerability, but the scenario emphasizes a web shell presence linked to the unauthenticated page. Incorrect C: cryptocurrency mining by insiders would not typically involve a suspicious process not created by the development team. Incorrect D: a rootkit Trojan over RDP implies remote access; however, the scenario centers on web server compromise via the web page, not RDP.
Share your comments for CompTIA SY0-701 exam with other users:
really good and covers many areas explaining the answer.
yes, can you please upload the exam?
how many questions are there in these dumps?
hi team, please upload this , i need it.
question 14 - run terraform import: this is the recommended best practice for bringing manually created or destroyed resources under terraform management. you use terraform import to associate an existing resource with a terraform resource configuration. this ensures that terraform is aware of the resource, and you can subsequently manage it with terraform.
please upload dump. thanks in advance.
great great
answer 16 should be b your organizational policies require you to use virtual machines directly
the questions are kind of tricky if you didn't get the hang of it.
can anyone tell me if this is for rhel8 or rhel9?
good content
pdb and cdb are critical to the database
till 104 questions are free, lets see how it helps me in my exam today.
question # 56, answer is true not false.
i would be requiring dumps to prepare for certification exam
very helpful
control file is the heart of rman backup
hi could you please upload the ibm c2090-543 dumps
appreciate if you could upload this again
please upload the dump
i found some questions answers mismatch with explanation answers. please properly update
nothing to mention
knowable questions
very helpful
good questions
it's helpful
i just took my oracle exam and let me tell you, these exam dumps were a lifesaver! without them, i am not sure i would have passed. the questions were tricky and the answers were obscure, but the exam dumps had everything i needed. i would recommend to anyone looking to pass their oracle exams with flying colors (and a little bit of cheating) lol.
22. if you need to make sure that one computer in your hot-spot network can access the internet without hot-spot authentication, which menu allows you to do this? answer is ip binding and not wall garden. wall garden allows specified websites to be accessed with users authentication to the hotspot
is question 1 correct?
managed to pass the exam with these exam dumps.
can we please have the latest exam questions?
please help with jn0-649 latest dumps