Valid SY0-701 Dumps shared by ExamDiscuss.com for Helping Passing SY0-701 Exam! ExamDiscuss.com now offer the newest SY0-701 exam dumps, the ExamDiscuss.com SY0-701 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-701 dumps with Test Engine here:
Access SY0-701 Dumps Premium Version
(645 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 32/179
A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best strategy to prevent the threat actor from using domain administrator accounts?
Correct Answer: B
Detailed Privileged access management (PAM) solutions effectively mitigate pass-the-hash attacks by enforcing least privilege and session management for administrative accounts. These tools restrict how and when credentials can be accessed, thereby reducing attack surfaces. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 2: Vulnerabilities, Section: "Mitigation Techniques".
- Question List (179q)
- Question 1: A small business uses kiosks on the sales floor to display p...
- Question 2: After a recent vulnerability scan, a security engineer needs...
- Question 3: A bank insists all of its vendors must prevent data loss on ...
- Question 4: Which of the following should an organization focus on the m...
- Question 5: An organization recently updated its security policy to incl...
- Question 6: A systems administrator is creating a script that would save...
- Question 7: Which of the following threat actors is the most likely to u...
- Question 8: Which of the following is used to validate a certificate whe...
- Question 9: You are security administrator investigating a potential inf...
- Question 10: Which of the following is the best way to prevent an unautho...
- Question 11: Security controls in a data center are being reviewed to ens...
- Question 12: An administrator is reviewing a single server's security log...
- Question 13: A systems administrator wants to prevent users from being ab...
- Question 14: Which of the following is the best reason to complete an aud...
- Question 15: A company is changing its mobile device policy. The company ...
- Question 16: An organization wants to limit potential impact to its log-i...
- Question 17: A certificate authority needs to post information about expi...
- Question 18: A growing company would like to enhance the ability of its s...
- Question 19: An engineer needs to find a solution that creates an added l...
- Question 20: After a company was compromised, customers initiated a lawsu...
- Question 21: Which of the following describes the maximum allowance of ac...
- Question 22: An administrator has identified and fingerprinted specific f...
- Question 23: A security analyst needs to improve the company's authentica...
- Question 24: An enterprise is trying to limit outbound DNS traffic origin...
- Question 25: A vendor needs to remotely and securely transfer files from ...
- Question 26: Which of the following factors are the most important to add...
- Question 27: A group of developers has a shared backup account to access ...
- Question 28: A company is currently utilizing usernames and passwords, an...
- Question 29: The security team at a large global company needs to reduce ...
- Question 30: Which of the following should a security operations center u...
- Question 31: Which of the following alert types is the most likely to be ...
- Question 32: A penetration test has demonstrated that domain administrato...
- Question 33: Company A jointly develops a product with Company B, which i...
- Question 34: Which of the following best represents an application that d...
- Question 35: An IT manager informs the entire help desk staff that only t...
- Question 36: Which of the following is the best way to consistently deter...
- Question 37: Which of the following describes a security alerting and mon...
- Question 38: An employee recently resigned from a company. The employee w...
- Question 39: A company relies on open-source software libraries to build ...
- Question 40: A company wants to verify that the software the company is d...
- Question 41: Several employees received a fraudulent text message from so...
- Question 42: Which of the following scenarios describes a possible busine...
- Question 43: While conducting a business continuity tabletop exercise, th...
- Question 44: Which of the following is best used to detect fraud by assig...
- Question 45: Various company stakeholders meet to discuss roles and respo...
- Question 46: Which of the following is die most important security concer...
- Question 47: A security analyst discovers that a large number of employee...
- Question 48: A security analyst finds a rogue device during a monthly aud...
- Question 49: A company wants to track modifications to the code used to b...
- Question 50: A business needs a recovery site but does not require immedi...
- Question 51: While a user reviews their email, a host gets infected by ma...
- Question 52: Which of the following describes the procedures a penetratio...
- Question 53: An employee receives a text message that appears to have bee...
- Question 54: A security consultant needs secure, remote access to a clien...
- Question 55: An employee receives a text message from an unknown number c...
- Question 56: Which of the following is used to add extra complexity befor...
- Question 57: A security administrator is deploying a DLP solution to prev...
- Question 58: Which of the following risk management strategies should an ...
- Question 59: Which of the following topics would most likely be included ...
- Question 60: A company is developing a business continuity strategy and n...
- Question 61: Which of the following phases of an incident response involv...
- Question 62: A company's marketing department collects, modifies, and sto...
- Question 63: Which of the following would be most useful in determining w...
- Question 64: A penetration tester begins an engagement by performing port...
- Question 65: Which of the following allows a systems administrator to tun...
- Question 66: A security analyst is investigating an application server an...
- Question 67: Which of the following is the primary purpose of a service t...
- Question 68: During a security incident, the security operations team ide...
- Question 69: The local administrator account for a company's VPN applianc...
- Question 70: A user needs to complete training at https://comptiatraining...
- Question 71: Which of the following should be used to ensure an attacker ...
- Question 72: An administrator must replace an expired SSL certificate. Wh...
- Question 73: Which of the following is a hardware-specific vulnerability?...
- Question 74: A company needs to provide administrative access to internal...
- Question 75: A systems administrator is changing the password policy with...
- Question 76: Which of the following is required for an organization to pr...
- Question 77: A new employee logs in to the email system for the first tim...
- Question 78: Which of the following threat vectors is most commonly utili...
- Question 79: A systems administrator receives a text message from an unkn...
- Question 80: Which of the following teams combines both offensive and def...
- Question 81: A company wants to improve the availability of its applicati...
- Question 82: Which of the following is the most likely outcome if a large...
- Question 83: A systems administrator works for a local hospital and needs...
- Question 84: A security manager created new documentation to use in respo...
- Question 85: An organization is leveraging a VPN between its headquarters...
- Question 86: A systems administrator is auditing all company servers to e...
- Question 87: Which of the following actions could a security engineer tak...
- Question 88: Which of the following can best protect against an employee ...
- Question 89: Which of the following best describe why a process would req...
- Question 90: Which of the following should a company use to provide proof...
- Question 91: During a penetration test, a vendor attempts to enter an una...
- Question 92: An organization is evaluating new regulatory requirements as...
- Question 93: A user would like to install software and features that are ...
- Question 94: Which of the following describes the process of concealing c...
- Question 95: Which of the following most accurately describes the order i...
- Question 96: An organization wants a third-party vendor to do a penetrati...
- Question 97: The management team notices that new accounts that are set u...
- Question 98: Various stakeholders are meeting to discuss their hypothetic...
- Question 99: The physical security team at a company receives reports tha...
- Question 100: A security administrator recently reset local passwords and ...
- Question 101: Which of the following activities should a systems administr...
- Question 102: After reviewing the following vulnerability scanning report:...
- Question 103: A newly identified network access vulnerability has been fou...
- Question 104: Which of the following best describe a penetration test that...
- Question 105: Which of the following is a benefit of an RTO when conductin...
- Question 106: Which of the following would be the best way to test resilie...
- Question 107: Which of the following are the best security controls for co...
- Question 108: A systems administrator set up a perimeter firewall but cont...
- Question 109: Which of the following is the stage in an investigation when...
- Question 110: A security operations center determines that the malicious a...
- Question 111: Malware spread across a company's network after an employee ...
- Question 112: The Cruel Information Security Officer (CISO) asks a securit...
- Question 113: An IT security team is concerned about the confidentiality o...
- Question 114: An administrator is reviewing a single server's security log...
- Question 115: An IT manager is increasing the security capabilities of an ...
- Question 116: A security engineer is installing an IPS to block signature-...
- Question 117: Which of the following can be used to identify potential att...
- Question 118: A security engineer is working to address the growing risks ...
- Question 119: Which of the following is a type of vulnerability that refer...
- Question 120: A systems administrator is redesigning now devices will perf...
- Question 121: A security professional discovers a folder containing an emp...
- Question 122: Which of the following involves an attempt to take advantage...
- Question 123: Which of the following is a type of vulnerability that invol...
- Question 124: Which of the following should be used to ensure a device is ...
- Question 125: A company recently decided to allow employees to work remote...
- Question 126: After a recent ransomware attack on a company's system, an a...
- Question 127: After a security awareness training session, a user called t...
- Question 128: Cadets speaking a foreign language are using company phone n...
- Question 129: A software developer would like to ensure. The source code c...
- Question 130: A security engineer is implementing FDE for all laptops in a...
- Question 131: Which of the following would help ensure a security analyst ...
- Question 132: Which of the following best practices gives administrators a...
- Question 133: Which of the following is a primary security concern for a c...
- Question 134: Which of the following is an algorithm performed to verify t...
- Question 135: Which of the following is prevented by proper data sanitizat...
- Question 136: After an audit, an administrator discovers all users have ac...
- Question 137: A client demands at least 99.99% uptime from a service provi...
- Question 138: Which of the following can a security director use to priori...
- Question 139: Which of the following is used to quantitatively measure the...
- Question 140: Which of the following control types is AUP an example of?...
- Question 141: Client files can only be accessed by employees who need to k...
- Question 142: A company's legal department drafted sensitive documents in ...
- Question 143: Which of the following security control types does an accept...
- Question 144: Which of the following would be best suited for constantly c...
- Question 145: During the onboarding process, an employee needs to create a...
- Question 146: Which of the following has been implemented when a host-base...
- Question 147: A security team created a document that details the order in...
- Question 148: Which of the following should a systems administrator use to...
- Question 149: A security administrator needs to reduce the attack surface ...
- Question 150: Which of the following Is a common, passive reconnaissance t...
- Question 151: A security team is reviewing the findings in a report that w...
- Question 152: A company wants to reduce the time and expense associated wi...
- Question 153: An organization would like to store customer data on a separ...
- Question 154: Which of the following are cases in which an engineer should...
- Question 155: A financial institution would like to store its customer dat...
- Question 156: Which of the following practices would be best to prevent an...
- Question 157: While considering the organization's cloud-adoption strategy...
- Question 158: Which of the following would best explain why a security ana...
- Question 159: An organization has a new regulatory requirement to implemen...
- Question 160: Which of the following tools can assist with detecting an em...
- Question 161: Which of the following is a reason environmental variables a...
- Question 162: An organization is developing a security program that convey...
- Question 163: Which of the following best describes the concept of informa...
- Question 164: A data administrator is configuring authentication for a Saa...
- Question 165: Which of the following is most likely associated with introd...
- Question 166: A cybersecurity incident response team at a large company re...
- Question 167: A security manager is implementing MFA and patch management....
- Question 168: Which of the following should a security administrator adher...
- Question 169: Which of the following should be used to aggregate log data ...
- Question 170: An organization is struggling with scaling issues on its VPN...
- Question 171: A security analyst is creating base for the server team to f...
- Question 172: Which of the following strategies should an organization use...
- Question 173: Which of the following security concepts is accomplished whe...
- Question 174: A company with a high-availability website is looking to har...
- Question 175: During a SQL update of a database, a temporary field used as...
- Question 176: A website user is locked out of an account after clicking an...
- Question 177: A company is concerned about weather events causing damage t...
- Question 178: Which of the following is the most effective way to protect ...
- Question 179: A company's end users are reporting that they are unable to ...
