A company allows customers to upload PDF documents to its public e-commerce website. Which of the following would a security analyst most likely recommend?
Answer(s): B
Option B is correct because enabling malware detection through a UTM provides comprehensive protection for file uploads by inspecting content and detecting malicious payloads across the network boundary, which is appropriate for preventing malware in PDFs from reaching internal systems. A) Incorrect — attack signatures in an IDS detect known threats on the network but do not actively scan uploads for malware at the perimeter with PDF content. C) Incorrect — a load balancer limits traffic distribution, not malware payload inspection or detection. D) Incorrect — a WAF blocks web app attacks like SQLi or XSS but there is no explicit focus on detecting malware in uploaded PDFs.
A security analyst developed a script to automate a trivial and repeatable task. Which of the following best describes the benefits of ensuring other team members understand how the script works?
Answer(s): D
Option D is correct because ensuring others understand the script reduces the risk of a single point of failure: if only one person knows how it works, outages or knowledge loss can halt automation. A) To reduce implementation cost is not directly about sharing knowledge; costs may vary. B) To identify complexity could be a byproduct but the primary benefit here is resilience against reliance on one person. C) To remediate technical debt involves addressing suboptimal code, not primarily collaboration or redundancy. INSUFFICIENT_KNOWLEDGE is not appropriate since the reasoning above is solid.
A company is decommissioning its physical servers and replacing them with an architecture that will reduce the number of individual operating systems. Which of the following strategies should the company use to achieve this security requirement?
Option B is correct because containerization reduces the number of distinct OS instances by packaging applications with their dependencies in isolated containers, improving security through process isolation and easier patching. A) Microservices describe an architectural style, not a OS reduction strategy. C) Virtualization creates multiple VMs with separate OS instances, increasing OS count. D) Infrastructure as code is about managing infrastructure declaratively, not reducing OS instances.
An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Choose two.)
Answer(s): A,C
Option A is correct because disabling default accounts reduces attack surface and prevents common credential abuse.Option C is correct because removing unnecessary services minimizes exposure, reduces potential vulnerabilities, and lowers maintenance risk.B is incorrect because adding to asset inventory is a best practice but not a hardening action per se; it does not directly reduce attack surface.D is incorrect because documenting default passwords is insecure; passwords should be changed or securely managed, not documented.E is incorrect because forwarding logs to a SIEM is logging/monitoring, not a hardening step.F is incorrect because joining to the domain is a configuration decision, not a core hardening action.
A Chief Information Security Officer would like to conduct frequent, detailed reviews of systems and proceduresto track compliance objectives. Which of the following will be the best method to achieve this objective?
Answer(s): C
Option C is correct because internal auditing provides ongoing, formal reviews of processes, controls, and compliance objectives within an organization, enabling frequent assessments and independent assurance. A) Third-party attestation can validate controls but is external and not continuous. B) Penetration testing simulates attacks to find exploitable vulnerabilities, not a routine compliance review. D) Vulnerability scans identify known weaknesses but do not assess procedural adherence or control effectiveness across the organization.
Which of the following security concepts is accomplished with the installation of a RADIUS server?
Option B is correct because a RADIUS server provides Authentication, Authorization, and Accounting (AAA) services for centralized access control. A) CIA is not specifically accomplished by RADIUS; confidentiality, integrity, and availability are broader objectives of security but not uniquely implemented by RADIUS. C) ACLs are access control lists used on devices to permit/deny traffic, not a RADIUS service. D) PEM refers to Privacy-Enhanced Mail or a certificate/key container format, not a RADIUS-based AAA solution.
After creating a contract for IT contractors, the human resources department changed several clauses. The contract has gone through three revisions. Which of the following processes should the human resources department follow to track revisions?
Option D is correct because version control tracks changes to documents, preserves history, and supports auditability across revisions, which is essential for contractual documents with multiple revisions. Incorrect — A (version validation) implies checking validity of a version, not tracking changes. Incorrect — B (version changes) describes changes themselves, not the mechanism to manage versions. Incorrect — C (version updates) suggests updating versions but not the formal system that records all revisions and authors.
The executive management team is mandating the company develop a disaster recovery plan. The cost must be kept to a minimum, and the money to fund additional internet connections is not available. Which of the following would be the best option?
Option B is correct because a cold site provides minimal facility with basic power, cooling, and space but requires the longest time to recover and lowest ongoing costs, aligning with a low-cost DR strategy. A) Hot site is immediately usable with full replication and high cost, not suitable when funds are limited. C) Failover site is not a standard DR site type; it’s a process/ capability term often implying automatic switching, not a facility option. D) Warm site requires more infrastructure and faster failover than cold but higher cost than a cold site, which contradicts the cost constraint.
Share your comments for CompTIA SY0-701 exam with other users:
i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.
in question 272 the right answer states that an autonomous acces point is "configured and managed by the wlc" but this is not what i have learned in my ccna course. is this a mistake? i understand that lightweight aps are managed by wlc while autonomous work as standalones on the wlan.
it was helpful
good question
really nice
please i need dumps for isc2 cybersecuity
ans is coldline i think
very helpful
can you please provide dumps so that it helps me more
thank you for providing me with the updated question and answers. this version has all the questions from the exam. i just saw them in my exam this morning. i passed my exam today.
how i can see exam questions?
can you please upload please?
question 75: option c is correct answer
please add this exam
please upoad
has anyone recently attended safe 6.0 certification? is it the samq question from here.
expository experience
52 should be b&c. controller failure has nothing to do with this type of issue. degraded state tells us its a raid issue, and if the os is missing then the bootable device isnt found. the only other consideration could be data loss but thats somewhat broad whereas b&c show understanding of the specific issues the question is asking about.
great help!!!
very useful tools
looks a good platform to prepare az-104
want to pass the exam
good resource
question 11 : d
only the free dumps will be enough for pass, or have to purchase the premium one. please suggest.
good questions. thanks.
good for practice.
great case study
the questions in this exam dumps is valid. i passed my test last monday. i only whish they had their pricing in inr instead of usd. but it is still worth it.
q40 the answer is not d, why are you giving incorrect answers? snapshot consolidation is used to merge the snapshot delta disk files to the vm base disk
thanks, very relevant
wrong answer. it is true not false.
please i need the mo-100 questions
very good use full