Valid SY0-701 Dumps shared by ExamDiscuss.com for Helping Passing SY0-701 Exam! ExamDiscuss.com now offer the newest SY0-701 exam dumps, the ExamDiscuss.com SY0-701 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-701 dumps with Test Engine here:
Access SY0-701 Dumps Premium Version
(645 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 102/200
A security analyst received a tip that sensitive proprietary information was leaked to the public.
The analyst is reviewing the PCAP and notices traffic between an internal server and an external host that includes the following:
...
12:47:22.327233 PPPoE [ses 0x8122] IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto IPv6 (41), length 331) 10.5.1.1 > 52.165.16.154: IP6 (hlim E3, next-header TCP (6) paylcad length: 271)
2001:67c:2158:a019::ace.53104 >
2001:0:5ef5:79fd:380c:dddd:a601:24fa.13788: Flags [P.], cksum 0xd7ee
(correct), seq 97:348, ack 102, win 16444, length 251
...
Which of the following was most likely used to exfiltrate the data?
The analyst is reviewing the PCAP and notices traffic between an internal server and an external host that includes the following:
...
12:47:22.327233 PPPoE [ses 0x8122] IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto IPv6 (41), length 331) 10.5.1.1 > 52.165.16.154: IP6 (hlim E3, next-header TCP (6) paylcad length: 271)
2001:67c:2158:a019::ace.53104 >
2001:0:5ef5:79fd:380c:dddd:a601:24fa.13788: Flags [P.], cksum 0xd7ee
(correct), seq 97:348, ack 102, win 16444, length 251
...
Which of the following was most likely used to exfiltrate the data?
Correct Answer: A
The PCAP shows traffic using IPv6 encapsulated within IPv4 (proto IPv6 (41)), which could be used to hide sensitive data within seemingly normal network traffic. This encapsulation technique can potentially bypass certain security controls and filters, making it an effective method for data exfiltration.
- Question List (200q)
- Question 1: An auditor discovered multiple insecure ports on some server...
- Question 2: A technician is opening ports on a firewall for a new system...
- Question 3: During a penetration test, a vendor attempts to enter an una...
- Question 4: An organization is adopting cloud services at a rapid pace a...
- Question 5: To improve the security at a data center, a security adminis...
- Question 6: A systems administrator set up a perimeter firewall but cont...
- Question 7: A security analyst is creating base for the server team to f...
- Question 8: An organization is struggling with scaling issues on its VPN...
- Question 9: A website user is locked out of an account after clicking an...
- Question 10: Which of the following best describes a use case for a DNS s...
- Question 11: The Cruel Information Security Officer (CISO) asks a securit...
- Question 12: A security officer is implementing a security awareness prog...
- Question 13: Which of the following is most likely to be deployed to obta...
- Question 14: Which of the following provides the details about the terms ...
- Question 15: Which of the following best practices gives administrators a...
- Question 16: A security team is setting up a new environment for hosting ...
- Question 17: A security analyst is assessing several company firewalls. W...
- Question 18: A systems administrator wants to prevent users from being ab...
- Question 19: A systems administrator would like to deploy a change to a p...
- Question 20: Which of the following is die most important security concer...
- Question 21: An organization completed a project to deploy SSO across all...
- Question 22: An enterprise has been experiencing attacks focused on explo...
- Question 23: An analyst is evaluating the implementation of Zero Trust pr...
- Question 24: A security audit of an organization revealed that most of th...
- Question 25: An IT manager informs the entire help desk staff that only t...
- Question 26: A company is concerned about the theft of client data from d...
- Question 27: Which of the following is best to use when determining the s...
- Question 28: Which of the following would be the best way to handle a cri...
- Question 29: A legacy device is being decommissioned and is no longer rec...
- Question 30: An administrator at a small business notices an increase in ...
- Question 31: A company wants to ensure that the software it develops will...
- Question 32: An IT manager is increasing the security capabilities of an ...
- Question 33: Which of the following explains why an attacker cannot easil...
- Question 34: Which of the following topics would most likely be included ...
- Question 35: An employee fell for a phishing scam, which allowed an attac...
- Question 36: Which of the following is the first step to take when creati...
- Question 37: Which of the following would be best suited for constantly c...
- Question 38: An organization wants a third-party vendor to do a penetrati...
- Question 39: A U.S.-based cloud-hosting provider wants to expand its data...
- Question 40: An employee receives a text message that appears to have bee...
- Question 41: A security consultant needs secure, remote access to a clien...
- Question 42: Which of the following agreement types defines the time fram...
- Question 43: An organization experienced a security breach that allowed a...
- Question 44: Which of the following would be the most appropriate way to ...
- Question 45: Which of the following can best protect against an employee ...
- Question 46: Which of the following describes the understanding between a...
- Question 47: A Chief Information Security Officer would like to conduct f...
- Question 48: Which of the following best describes a social engineering a...
- Question 49: A security manager is implementing MFA and patch management....
- Question 50: An organization's internet-facing website was compromised wh...
- Question 51: A security analyst is reviewing the source code of an applic...
- Question 52: A company allows customers to upload PDF documents to its pu...
- Question 53: A security administrator is working to secure company data o...
- Question 54: A company is reviewing options to enforce user logins after ...
- Question 55: A company hired a consultant to perform an offensive securit...
- Question 56: A company is discarding a classified storage array and hires...
- Question 57: Which of the following enables the use of an input field to ...
- Question 58: An organization plans to expand its operations international...
- Question 59: A company is redesigning its infrastructure and wants to red...
- Question 60: During the onboarding process, an employee needs to create a...
- Question 61: A company that is located in an area prone to hurricanes is ...
- Question 62: Which of the following control types is AUP an example of?...
- Question 63: An administrator discovers that some files on a database ser...
- Question 64: A user would like to install software and features that are ...
- Question 65: A data administrator is configuring authentication for a Saa...
- Question 66: Which of the following data roles is responsible for identif...
- Question 67: A systems administrator is auditing all company servers to e...
- Question 68: A manager receives an email that contains a link to receive ...
- Question 69: A security team is reviewing the findings in a report that w...
- Question 70: A company relies on open-source software libraries to build ...
- Question 71: Which of the following considerations is the most important ...
- Question 72: In which of the following scenarios is tokenization the best...
- Question 73: Which of the following alert types is the most likely to be ...
- Question 74: An organization wants to improve the company's security auth...
- Question 75: A company's online shopping website became unusable shortly ...
- Question 76: Which of the following best describes the risk present after...
- Question 77: An important patch for a critical application has just been ...
- Question 78: Two companies are in the process of merging. The companies n...
- Question 79: A systems administrator receives the following alert from a ...
- Question 80: A security administrator is hardening corporate systems and ...
- Question 81: A systems administrator notices that one of the systems crit...
- Question 82: A security administrator is configuring fileshares. The admi...
- Question 83: A security analyst needs to propose a remediation plan 'or e...
- Question 84: An engineer needs to find a solution that creates an added l...
- Question 85: A security administrator notices numerous unused, non-compli...
- Question 86: A multinational bank hosts several servers in its data cente...
- Question 87: A client asked a security company to provide a document outl...
- Question 88: Which of the following is a hardware-specific vulnerability?...
- Question 89: An organization has too many variations of a single operatin...
- Question 90: The security operations center is researching an event conce...
- Question 91: A company needs to keep the fewest records possible, meet co...
- Question 92: Which of the following vulnerabilities is associated with in...
- Question 93: A company implemented an MDM policy 10 mitigate risks after ...
- Question 94: Which of the following scenarios describes a possible busine...
- Question 95: The security team at a large global company needs to reduce ...
- Question 96: An organization is leveraging a VPN between its headquarters...
- Question 97: Which of the following teams is best suited to determine whe...
- Question 98: A healthcare organization wants to provide a web application...
- Question 99: Which of the following should be used to ensure an attacker ...
- Question 100: Which of the following involves an attempt to take advantage...
- Question 101: A security architect at a large, multinational organization ...
- Question 102: A security analyst received a tip that sensitive proprietary...
- Question 103: A recent malware outbreak across a subnet included successfu...
- Question 104: A company hired a security manager from outside the organiza...
- Question 105: Which of the following penetration testing teams is focused ...
- Question 106: A security analyst recently read a report about a flaw in se...
- Question 107: Which of the following is required for an organization to pr...
- Question 108: An organization would like to calculate the time needed to r...
- Question 109: Which of the following is considered a preventive control?...
- Question 110: A security administrator is performing an audit on a stand-a...
- Question 111: Which of the following is used to conceal credit card inform...
- Question 112: An administrator is Investigating an incident and discovers ...
- Question 113: Which of the following should a security administrator adher...
- Question 114: An administrator finds that all user workstations and server...
- Question 115: Which of the following would be the best ways to ensure only...
- Question 116: A company's web filter is configured to scan the URL for str...
- Question 117: A company's public-facing website, https://www.organization....
- Question 118: The Chief Information Security Officer (CISO) has determined...
- Question 119: The local administrator account for a company's VPN applianc...
- Question 120: A systems administrator is looking for a low-cost applicatio...
- Question 121: An organization implemented cloud-managed IP cameras to moni...
- Question 122: An employee receives a text message from an unknown number c...
- Question 123: Which of the following roles, according to the shared respon...
- Question 124: An external vendor recently visited a company's headquarters...
- Question 125: An administrator was notified that a user logged in remotely...
- Question 126: Which of the following would most likely mitigate the impact...
- Question 127: An employee in the accounting department receives an email c...
- Question 128: Which of the following threat actors is the most likely to b...
- Question 129: A company is developing a business continuity strategy and n...
- Question 130: A security administrator is reissuing a former employee's la...
- Question 131: An organization is adopting cloud services at a rapid pace a...
- Question 132: A security analyst reviews domain activity logs and notices ...
- Question 133: A newly identified network access vulnerability has been fou...
- Question 134: A company decided to reduce the cost of its annual cyber ins...
- Question 135: Which of the following security controls is most likely bein...
- Question 136: Several employees received a fraudulent text message from so...
- Question 137: A development team is launching a new public-facing web prod...
- Question 138: A security analyst is reviewing the source code of an applic...
- Question 139: A newly appointed board member with cybersecurity knowledge ...
- Question 140: A company wants to verify that the software the company is d...
- Question 141: A visitor plugs a laptop into a network jack in the lobby an...
- Question 142: A business needs a recovery site but does not require immedi...
- Question 143: A security practitioner completes a vulnerability assessment...
- Question 144: Which of the following physical controls can be used to both...
- Question 145: A security administrator recently reset local passwords and ...
- Question 146: A company has begun labeling all laptops with asset inventor...
- Question 147: Which of the following considerations is the most important ...
- Question 148: Which of the following is the most likely to be used to docu...
- Question 149: While investigating a possible incident, a security analyst ...
- Question 150: Which of the following is the best way to provide secure rem...
- Question 151: A security engineer is working to address the growing risks ...
- Question 152: A utility company is designing a new platform that will host...
- Question 153: A security operations center determines that the malicious a...
- Question 154: Which of the following most likely describes why a security ...
- Question 155: A Chief Information Security Officer wants to monitor the co...
- Question 156: A third-party vendor is moving a particular application to t...
- Question 157: A network administrator is working on a project to deploy a ...
- Question 158: A company wants to reduce the time and expense associated wi...
- Question 159: An organization requests a third-party full-spectrum analysi...
- Question 160: A company recently decided to allow employees to work remote...
- Question 161: An internet company has created a new collaboration applicat...
- Question 162: The Chief Information Security Officer wants to put security...
- Question 163: Which of the following describes an executive team that is m...
- Question 164: An organization wants to ensure the integrity of compiled bi...
- Question 165: A cybersecurity incident response team at a large company re...
- Question 166: An accounting clerk sent money to an attacker's bank account...
- Question 167: Which of the following is the best reason an organization sh...
- Question 168: An administrator notices that several users are logging in f...
- Question 169: Which of the following describes effective change management...
- Question 170: Which of the following phases of an incident response involv...
- Question 171: A security analyst receives alerts about an internal system ...
- Question 172: An organization maintains intellectual property that it want...
- Question 173: Malware spread across a company's network after an employee ...
- Question 174: Local guidelines require that all information systems meet a...
- Question 175: Which of the following types of identification methods can b...
- Question 176: An administrator finds that all user workstations and server...
- Question 177: A company is experiencing a web services outage on the publi...
- Question 178: An employee recently resigned from a company. The employee w...
- Question 179: Which of the following must be considered when designing a h...
- Question 180: A security investigation revealed that malicious software wa...
- Question 181: Which of the following is a common, passive reconnaissance t...
- Question 182: An attacker posing as the Chief Executive Officer calls an e...
- Question 183: A customer has a contract with a CSP and wants to identify w...
- Question 184: A company is developing a critical system for the government...
- Question 185: A systems administrator is creating a script that would save...
- Question 186: A company is adding a clause to its AUP that states employee...
- Question 187: Hotspot Question Select the appropriate attack and remediati...
- Question 188: During an annual review of the system design, an engineer id...
- Question 189: A systems administrator notices that a testing system is dow...
- Question 190: A security team created a document that details the order in...
- Question 191: A security analyst is reviewing the logs on an organization'...
- Question 192: A security analyst locates a potentially malicious video fil...
- Question 193: Users at a company are reporting they are unable to access t...
- Question 194: While considering the organization's cloud-adoption strategy...
- Question 195: The executive management team is mandating the company devel...
- Question 196: Which of the following data roles is responsible for identif...
- Question 197: A company wants to reduce the time and expense associated wi...
- Question 198: Which of the following agreement types is used to limit exte...
- Question 199: A company is working with a vendor to perform a penetration ...
- Question 200: After a recent ransomware attack on a company's system, an a...
