SY0-701 Practice Test


Page 2 out of 78 Pages

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?


A. Default credentials


B. Non-segmented network


C. Supply chain vendor


D. Vulnerable software





Answer: C. Supply chain vendor




Explanation:

A supply chain vendor is a third-party entity that provides goods or services to an organization, such as a SaaS provider. A supply chain vendor can pose a risk to the new system if the vendor has poor security practices or suffers a breach or compromise that could affect the confidentiality, integrity, or availability of the system or its data. The organization should perform due diligence and establish a service level agreement with the vendor to mitigate this risk. The other options are not specific to the scenario of using a SaaS provider; they are general risks that could apply to any system.

An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards. Which of the following techniques is the attacker using?


A. Smishing


B. Disinformation


C. Impersonating


D. Whaling





Answer: C. Impersonating

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?


A. Compensating control


B. Network segmentation


C. Transfer of risk


D. SNMP traps





Answer: A. Compensating control

Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?


A. Fines


B. Audit findings


C. Sanctions


D. Reputation damage





Answer: B. Audit findings

A system administrator is assessing the broader context of the company's IT security posture in light of recent expansions in both workstations and servers. This assessment includes understanding the impact of various external and internal factors on the organization's IT infrastructure. Aside from the organization's IT infrastructure itself, what are two other significant factors that should be considered in this assessment? (Select the two best options.)


A. External threat landscape


B. Regulatory/compliance environment


C. Employee cybersecurity awareness


D. Business continuity planning





Answer: A. External threat landscape

Answer: B. Regulatory/compliance environment

