A security analyst developed a script to automate a trivial and repeatable task. Which of the following best describes the benefits of ensuring other team members understand how the script works?
Correct : D
Ensuring that other team members understand how a script works is essential to prevent a single point of failure. If only one person knows how the script operates, the organization risks being unable to maintain or troubleshoot it if that person is unavailable. Sharing knowledge ensures continuity and reduces dependence on one individual.
Reducing implementation cost and remediating technical debt are secondary considerations in this context.
Identifying complexity is important, but the main benefit is to avoid a single point of failure.
A bank set up a new server that contains customers' PII. Which of the following should the bank use to make sure the sensitive data is not modified?
Correct : C
To ensure that sensitive data, such as Personally Identifiable Information (PII), is not modified, the bank should implement file integrity monitoring (FIM). FIM tracks changes to files and provides alerts if unauthorized modifications are detected, ensuring data integrity.
Full disk encryption protects data at rest but does not prevent or monitor modifications.
Network access control (NAC) manages access to the network but doesn't monitor file changes.
User behavior analytics (UBA) detects suspicious user activities but is not focused on file integrity.
A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?
Correct : D
When a legacy device is no longer receiving updates or patches, it is considered to be at the end of life (EOL). This means the manufacturer has ceased support for the device, and it will no longer receive updates, security patches, or technical assistance. EOL devices pose security risks and are often decommissioned or replaced.
End of support may seem similar but typically refers to the cessation of technical support, whereas EOL means the device is fully retired.
End of business and End of testing do not apply in this context.
Employees located off-site must have access to company resources in order to complete their assigned tasks. These employees utilize a solution that allows remote access without interception concerns. Which of the following best describes this solution?
Correct : C
A Virtual Private Network (VPN) is the best solution to allow remote employees secure access to company resources without interception concerns. A VPN establishes an encrypted tunnel over the internet, ensuring that data transferred between remote employees and the company is secure from eavesdropping.
A proxy server helps with web content filtering and anonymization but does not provide encrypted access.
An NGFW (Next-Generation Firewall) enhances security but is not the primary tool for enabling remote access.
A security zone is a network segmentation technique but does not provide remote access capabilities.
Which of the following alert types is the most likely to be ignored over time?
Correct : C
A false positive is an alert that incorrectly identifies benign activity as malicious. Over time, if an alerting system generates too many false positives, security teams are likely to ignore these alerts, resulting in 'alert fatigue.' This increases the risk of missing genuine threats.
True positives and true negatives are accurate and should be acted upon.
False negatives are more dangerous because they fail to identify real threats, but they are not 'ignored' since they do not trigger alerts.