A city municipality lost its primary data center when a tornado hit the facility. Which of the following should the city staff use immediately after the disaster to handle essential public services?
Answer(s): C
Option C is correct because a Disaster Recovery Plan (DRP) guides recovery of critical IT systems and data after a catastrophic event to restore essential public services. A) Incorrect — BCP (Business Continuity Plan) focuses on sustaining operations during an event, not the post-disaster restoration of IT infrastructure. B) Incorrect — Communication plan outlines stakeholder and public communications, not the technical recovery of systems. D) Incorrect — IRP (Incident Response Plan) handles detecting, responding to, and recovering from cybersecurity incidents, not broad disaster recovery of data center services.
Which of the following is considered a preventive control?
Answer(s): D
Option D is correct because segregation of duties prevents fraud and error by ensuring no single user has conflicting responsibilities, a preventive control implemented to stop improper actions before they occur. A) Incorrect — configuration auditing is detective, not preventive, as it reviews changes after the fact. B) Incorrect — log correlation analyzes and detects patterns; it is a detective control rather than a preventive one. C) Incorrect — incident alerts notify when an event has occurred, serving as a detection/response mechanism, not a preventive control.
A systems administrator notices that a testing system is down. While investigating, the systems administrator finds that the servers are online and accessible from any device on the server network. The administrator reviews the following information from the monitoring system: Which of the following is the most likely cause of the outage?
Answer(s): A
Option A is correct because a Denial of Service (DoS) causes services to be unavailable to legitimate users, consistent with servers being online but inaccessible on the network from clients. Incorrect — B (ARP poisoning) disrupts the local network by spoofing MAC addresses, but does not make servers fully unreachable from all devices. Incorrect — C (Jamming) typically affects wireless networks; the scenario mentions server network access rather than RF interference. Incorrect — D (Kerberoasting) is an authentication attack against Kerberos; it does not explain a total outage or widespread access from the server network.
A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?
Option D is correct because blocking the URL shortener domain at the web proxy directly prevents users from reaching the malicious redirect, mitigating phishing delivery at the gateway. A) Blocklisting all subject lines is impractical and prone to false positives; attackers can vary subjects. B) DNS sinkhole for the dead domain would only affect DNS lookups, not the actual URL redirection once the link is clicked. C) Quarantining all emails and notifying users is reactive and disruptive; it does not stop the immediate malicious payloads from reaching employees.
A security administrator is working to secure company data on corporate laptops in case the laptops are stolen. Which of the following solutions should the administrator consider?
Option A is correct because disk encryption protects data at rest on laptops, making stolen devices unreadable without the decryption key. B is incorrect since DLP focuses on preventing data loss or exfiltration, not protecting data on a stolen device. C is incorrect because OS hardening reduces vulnerabilities but does not by itself render data unreadable if the device is stolen. D is incorrect since boot security guards startup integrity but does not ensure existing data is inaccessible if the disk is encrypted. Correct — disk encryption ensures confidentiality of stored data on lost or stolen laptops.
A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?
Option C is correct because a retention policy specifies how long records are kept to meet compliance and ensure timely destruction of data no longer needed, supporting data lifecycle management. A) Incorrect — A security policy outlines acceptable use, risk management, and controls, not data retention timelines or destruction requirements. B) Incorrect — A classification policy defines data sensitivity levels and handling rules, but not retention durations or destruction schedules. D) Incorrect — An access control policy governs who can access resources, not retention periods or deletion requirements.
Which of the following is a common source of unintentional corporate credential leakage in cloud environments?
Option A is correct because code repositories often contain hard-coded credentials, API keys, or secrets that admins inadvertently commit, leading to credential leakage in cloud environments. A) correct — Credentials or secrets may be committed in source code or configuration files, leaking access to cloud services. B) incorrect — Dark web exposure is a potential risk but not a common source of inadvertent leakage from internal workflows. C) incorrect — Threat feeds provide intel on threats, not typically a source of leaked credentials. D) incorrect — State actors are potential adversaries, not a common inadvertent leakage source. E) incorrect — Vulnerability databases document flaws, not credentials.
Which of the following is the best reason an organization should enforce a data classification policy to help protect its most sensitive information?
Option C is correct because a data classification policy enables security controls to be defined and enforced based on classification levels, aligning protections with data value and risk. Incorrect — A: While awareness may improve, requiring end users to consider classification does not directly establish security controls. Incorrect — B: Access levels can be derived from classification, but the core purpose is to enforce security requirements; B describes a consequence, not the primary rationale. Incorrect — D: Visibility to analysts before opening a document is not the fundamental reason for policy; access control and protection based on classification is the key.