A city municipality lost its primary data center when a tornado hit the facility. Which of the following should the city staff use immediately after the disaster to handle essential public services?
Answer(s): C
Option C is correct because a Disaster Recovery Plan (DRP) guides recovery of critical IT systems and data after a catastrophic event to restore essential public services. A) Incorrect — BCP (Business Continuity Plan) focuses on sustaining operations during an event, not the post-disaster restoration of IT infrastructure. B) Incorrect — Communication plan outlines stakeholder and public communications, not the technical recovery of systems. D) Incorrect — IRP (Incident Response Plan) handles detecting, responding to, and recovering from cybersecurity incidents, not broad disaster recovery of data center services.
Which of the following is considered a preventive control?
Answer(s): D
Option D is correct because segregation of duties prevents fraud and error by ensuring no single user has conflicting responsibilities, a preventive control implemented to stop improper actions before they occur. A) Incorrect — configuration auditing is detective, not preventive, as it reviews changes after the fact. B) Incorrect — log correlation analyzes and detects patterns; it is a detective control rather than a preventive one. C) Incorrect — incident alerts notify when an event has occurred, serving as a detection/response mechanism, not a preventive control.
A systems administrator notices that a testing system is down. While investigating, the systems administrator finds that the servers are online and accessible from any device on the server network. The administrator reviews the following information from the monitoring system: Which of the following is the most likely cause of the outage?
Answer(s): A
Option A is correct because a Denial of Service (DoS) causes services to be unavailable to legitimate users, consistent with servers being online but inaccessible on the network from clients. Incorrect — B (ARP poisoning) disrupts the local network by spoofing MAC addresses, not fully making servers unreachable from all devices. Incorrect — C (Jamming) typically affects wireless networks; the scenario mentions server network access rather than RF interference. Incorrect — D (Kerberoasting) is an authentication attack against Kerberos; it does not explain a total outage or widespread access from the server network.
A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?
Option D is correct because blocking the URL shortener domain at the web proxy directly prevents users from reaching the malicious redirect, mitigating phishing delivery at the gateway. A) Blocklisting all subject lines is impractical and prone to false positives; attackers can vary subjects. B) DNS sinkhole for the dead domain would only affect DNS lookups, not the actual URL redirection once the link is clicked. C) Quarantining all emails and notifying users is reactive and disruptive; it does not stop the immediate malicious payloads from reaching employees.
A security administrator is working to secure company data on corporate laptops in case the laptops are stolen. Which of the following solutions should the administrator consider?
Option A is correct because disk encryption protects data at rest on laptops, making stolen devices unreadable without the decryption key. B is incorrect since DLP focuses on preventing data loss or exfiltration, not protecting data on a stolen device. C is incorrect because OS hardening reduces vulnerabilities but does not by itself render data unreadable if the device is stolen. D is incorrect since boot security guards startup integrity but does not ensure existing data is inaccessible if the disk is encrypted. Correct — disk encryption ensures confidentiality of stored data on lost or stolen laptops.
A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?
Option C is correct because a retention policy specifies how long records are kept to meet compliance and ensure timely destruction of data no longer needed, supporting data lifecycle management. A) Incorrect — A security policy outlines acceptable use, risk management, and controls, not data retention timelines or destruction requirements. B) Incorrect — A classification policy defines data sensitivity levels and handling rules, but not retention durations or destruction schedules. D) Incorrect — An access control policy governs who can access resources, not retention periods or deletion requirements.
Which of the following is a common source of unintentional corporate credential leakage in cloud environments?
Option A is correct because code repositories often contain hard-coded credentials, API keys, or secrets that admins inadvertently commit, leading to credential leakage in cloud environments. A) correct — Credentials or secrets may be committed in source code or configuration files, leaking access to cloud services. B) incorrect — Dark web exposure is a potential risk but not a common source of inadvertent leakage from internal workflows. C) incorrect — Threat feeds provide intel on threats, not typically a source of leaked credentials. D) incorrect — State actors are potential adversaries, not a common inadvertent leakage source. E) incorrect — Vulnerability databases document flaws, not credentials.
Which of the following is the best reason an organization should enforce a data classification policy to help protect its most sensitive information?
Option C is correct because a data classification policy enables security controls to be defined and enforced based on classification levels, aligning protections with data value and risk. Incorrect — A: While awareness may improve, requiring end users to consider classification does not directly establish security controls. Incorrect — B: Access levels can be derived from classification, but the core purpose is to enforce security requirements; B describes a consequence, not the primary rationale. Incorrect — D: Visibility to analysts before opening a document is not the fundamental reason for policy; access control and protection based on classification is the key.