SY0-701 Exam Dumps | The CIRT is reviewing an incident that involved a human resources recruiter exfiltration sensitive company

Home
CompTIA
CompTIA Security+ Certification Exam
CompTIA.SY0-701.v2024-12-02.q162
Question 156

Valid SY0-701 Dumps shared by ExamDiscuss.com for Helping Passing SY0-701 Exam! ExamDiscuss.com now offer the newest SY0-701 exam dumps, the ExamDiscuss.com SY0-701 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-701 dumps with Test Engine here:

Access SY0-701 Dumps Premium Version
(645 Q&As Dumps, 35%OFF Special Discount Code: freecram)

<< Prev Question Next Question >>

Question 156/162

The CIRT is reviewing an incident that involved a human resources recruiter exfiltration sensitive company data. The CIRT found that the recruiter was able to use HTTP over port 53 to upload documents to a web server. Which of the following security infrastructure devices could have identified and blocked this activity?

A. WAF utilizing SSL decryption

B. NGFW utilizing application inspection

C. UTM utilizing a threat feed

D. SD-WAN utilizing IPSec

Correct Answer: B

An NGFW (Next-Generation Firewall) utilizing application inspection could have identified and blocked the unusual use of HTTP over port 53. Application inspection allows NGFWs to analyze traffic at the application layer, identifying and blocking suspicious or non-standard protocol usage, such as HTTP traffic on DNS port
53.
* NGFW utilizing application inspection: Inspects traffic at the application layer and can block non- standard protocol usage, such as HTTP over port 53.
* WAF utilizing SSL decryption: Focuses on protecting web applications and decrypting SSL traffic but may not detect the use of HTTP over port 53.
* UTM utilizing a threat feed: Provides comprehensive security but may not focus specifically on application layer inspection.
* SD-WAN utilizing IPSec: Enhances secure WAN connections but is not primarily designed to inspect and block specific application traffic.

Your email address will not be published. Required fields are marked *

Comment: *

Name: *

Email: *

Rating: *

Verification: *

Question List (162q): Question 1: Which of the following would most likely mitigate the impact...; Question 2: A company is utilizing an offshore team to help support the ...; Question 3: Which of the following involves an attempt to take advantage...; Question 4: Which of the following is used to validate a certificate whe...; Question 5: Which of the following describes an executive team that is m...; Question 6: A company has begun labeling all laptops with asset inventor...; Question 7: A security analyst scans a company's public network and disc...; Question 8: A security analyst discovers that a large number of employee...; Question 9: During an investigation, an incident response team attempts ...; Question 10: Which of the following environments utilizes a subset of cus...; Question 11: A growing company would like to enhance the ability of its s...; Question 12: Which of the following describes the category of data that i...; Question 13: Which of the following is a reason why a forensic specialist...; Question 14: During a recent breach, employee credentials were compromise...; Question 15: A technician is opening ports on a firewall for a new system...; Question 16: An organization's internet-facing website was compromised wh...; Question 17: A security practitioner completes a vulnerability assessment...; Question 18: To improve the security at a data center, a security adminis...; Question 19: A company most likely is developing a critical system for th...; Question 20: Two companies are in the process of merging. The companies n...; Question 21: A company is developing a business continuity strategy and n...; Question 22: A company is currently utilizing usernames and passwords, an...; Question 23: After a recent ransomware attack on a company's system, an a...; Question 24: A company wants to get alerts when others are researching an...; Question 25: An organization would like to calculate the time needed to r...; Question 26: A security administrator identifies an application that is s...; Question 27: A company is planning a disaster recovery site and needs to ...; Question 28: Which of the following scenarios describes a possible busine...; Question 29: An enterprise is trying to limit outbound DNS traffic origin...; Question 30: A security analyst developed a script to automate a trivial ...; Question 31: Which of the following tasks is typically included in the BI...; Question 32: Which of the following is the most common data loss path for...; Question 33: A company requires hard drives to be securely wiped before s...; Question 34: The marketing department set up its own project management s...; Question 35: Visitors to a secured facility are required to check in with...; Question 36: A security analyst is reviewing the following logs: Which of...; Question 37: Which of the following examples would be best mitigated by i...; Question 38: Which of the following are cases in which an engineer should...; Question 39: A security audit of an organization revealed that most of th...; Question 40: A legacy device is being decommissioned and is no longer rec...; Question 41: Select the appropriate attack and remediation from each drop...; Question 42: An IT security team is concerned about the confidentiality o...; Question 43: A bank set up a new server that contains customers' Pll. Whi...; Question 44: A company prevented direct access from the database administ...; Question 45: A security team created a document that details the order in...; Question 46: During a security incident, the security operations team ide...; Question 47: Which of the following would best explain why a security ana...; Question 48: A systems administrator wants to prevent users from being ab...; Question 49: An administrator is reviewing a single server's security log...; Question 50: Which of the following is used to add extra complexity befor...; Question 51: An employee fell for a phishing scam, which allowed an attac...; Question 52: A company implemented an MDM policy 10 mitigate risks after ...; Question 53: An analyst is evaluating the implementation of Zero Trust pr...; Question 54: A company wants to verify that the software the company is d...; Question 55: An IT manager is putting together a documented plan describi...; Question 56: A website user is locked out of an account after clicking an...; Question 57: Which of the following would help ensure a security analyst ...; Question 58: Which of the following describes the reason root cause analy...; Question 59: In a rush to meet an end-of-year business goal, the IT depar...; Question 60: An enterprise has been experiencing attacks focused on explo...; Question 61: A security analyst is reviewing alerts in the SIEM related t...; Question 62: A newly identified network access vulnerability has been fou...; Question 63: A security analyst finds a rogue device during a monthly aud...; Question 64: An organization is leveraging a VPN between its headquarters...; Question 65: The management team notices that new accounts that are set u...; Question 66: A manager receives an email that contains a link to receive ...; Question 67: An organization recently started hosting a new service that ...; Question 68: A security analyst is reviewing the source code of an applic...; Question 69: Which of the following describes the maximum allowance of ac...; Question 70: A company's legal department drafted sensitive documents in ...; Question 71: Which of the following describes effective change management...; Question 72: Which of the following is the best way to secure an on-site ...; Question 73: Which of the following best practices gives administrators a...; Question 74: A security analyst locates a potentially malicious video fil...; Question 75: A security administrator is deploying a DLP solution to prev...; Question 76: After conducting a vulnerability scan, a systems administrat...; Question 77: While considering the organization's cloud-adoption strategy...; Question 78: A security analyst is assessing several company firewalls. W...; Question 79: Which of the following penetration testing teams is focused ...; Question 80: An administrator was notified that a user logged in remotely...; Question 81: A user is attempting to patch a critical system, but the pat...; Question 82: Which of the following risks can be mitigated by HTTP header...; Question 83: Which of the following security concepts is the best reason ...; Question 84: A healthcare organization wants to provide a web application...; Question 85: Which of the following incident response activities ensures ...; Question 86: Which of the following teams combines both offensive and def...; Question 87: Which of the following threat actors is the most likely to u...; Question 88: In which of the following scenarios is tokenization the best...; Question 89: A business received a small grant to migrate its infrastruct...; Question 90: A systems administrator is working on a solution with the fo...; Question 91: Which of the following best describe a penetration test that...; Question 92: A software development manager wants to ensure the authentic...; Question 93: A hacker gained access to a system via a phishing attempt th...; Question 94: An engineer moved to another team and is unable to access th...; Question 95: A company is planning to set up a SIEM system and assign an ...; Question 96: A company recently decided to allow employees to work remote...; Question 97: Which of the following can be used to identify potential att...; Question 98: A security team is reviewing the findings in a report that w...; Question 99: Which of the following methods would most likely be used to ...; Question 100: An organization recently updated its security policy to incl...; Question 101: An IT manager informs the entire help desk staff that only t...; Question 102: A spoofed identity was detected for a digital certificate. W...; Question 103: Which of the following must be considered when designing a h...; Question 104: An administrator discovers that some files on a database ser...; Question 105: After a recent vulnerability scan, a security engineer needs...; Question 106: After reviewing the following vulnerability scanning report:...; Question 107: Which of the following has been implemented when a host-base...; Question 108: Which of the following most impacts an administrator's abili...; Question 109: A company is implementing a vendor's security tool in the cl...; Question 110: After an audit, an administrator discovers all users have ac...; Question 111: A new employee logs in to the email system for the first tim...; Question 112: A network administrator deployed a DNS logging tool that tog...; Question 113: An administrator at a small business notices an increase in ...; Question 114: An accounting clerk sent money to an attacker's bank account...; Question 115: Which of the following would be the best ways to ensure only...; Question 116: A bank insists all of its vendors must prevent data loss on ...; Question 117: During a recent company safety stand-down, the cyber-awarene...; Question 118: During a penetration test, a vendor attempts to enter an una...; Question 119: During the onboarding process, an employee needs to create a...; Question 120: A security administrator is configuring fileshares. The admi...; Question 121: A vendor needs to remotely and securely transfer files from ...; Question 122: A company purchased cyber insurance to address items listed ...; Question 123: Which of the following is the best reason to complete an aud...; Question 124: One of a company's vendors sent an analyst a security bullet...; Question 125: A security analyst reviews domain activity logs and notices ...; Question 126: A systems administrator is looking for a low-cost applicatio...; Question 127: A security team is setting up a new environment for hosting ...; Question 128: An organization wants to limit potential impact to its log-i...; Question 129: Which of the following best describe why a process would req...; Question 130: Which of the following would be the best way to block unknow...; Question 131: An attacker posing as the Chief Executive Officer calls an e...; Question 132: Which of the following vulnerabilities is associated with in...; Question 133: A company's marketing department collects, modifies, and sto...; Question 134: A systems administrator is redesigning now devices will perf...; Question 135: A company is concerned about weather events causing damage t...; Question 136: Which of the following is most likely to be deployed to obta...; Question 137: Which of the following best describes why me SMS DIP authent...; Question 138: An IT manager is increasing the security capabilities of an ...; Question 139: A company is expanding its threat surface program and allowi...; Question 140: The marketing department set up its own project management s...; Question 141: A systems administrate wants to implement a backup solution....; Question 142: Which of the following is used to quantitatively measure the...; Question 143: Which of the following would be most useful in determining w...; Question 144: An organization disabled unneeded services and placed a fire...; Question 145: A systems administrator is changing the password policy with...; Question 146: Which of the following would be best suited for constantly c...; Question 147: Which of the following agreement types defines the time fram...; Question 148: An organization is building a new backup data center with co...; Question 149: A software developer released a new application and is distr...; Question 150: A security manager is implementing MFA and patch management....; Question 151: A security analyst is investigating an alert that was produc...; Question 152: A recent penetration test identified that an attacker could ...; Question 153: After a company was compromised, customers initiated a lawsu...; Question 154: An administrator has identified and fingerprinted specific f...; Question 155: Which of the following security control types does an accept...; Question 156: The CIRT is reviewing an incident that involved a human reso...; Question 157: Which of the following is used to protect a computer from vi...; Question 158: A security manager created new documentation to use in respo...; Question 159: A network administrator is working on a project to deploy a ...; Question 160: Which of the following should a systems administrator use to...; Question 161: An administrator is Investigating an incident and discovers ...; Question 162: While investigating a recent security breach an analyst find...

[×]

Download PDF File

Enter your email address to download CompTIA.SY0-701.v2024-12-02.q162.pdf

Email:

Disclaimer:
Freecram doesn't offer Real GIAC Exam Questions. Freecram doesn't offer Real SAP Exam Questions. Freecram doesn't offer Real (ISC)² Exam Questions. Freecram doesn't offer Real CompTIA Exam Questions. Freecram doesn't offer Real Microsoft Exam Questions.
Oracle and Java are registered trademarks of Oracle and/or its affiliates.
Freecram material do not contain actual actual Oracle Exam Questions or material.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation.
Freecram Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc.
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Freecram does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. Freecram does not own or claim any ownership on any of the brands.

Question 156/162

LEAVE A REPLY

Download PDF File