Valid SY0-701 Dumps shared by ExamDiscuss.com for Helping Passing SY0-701 Exam! ExamDiscuss.com now offer the newest SY0-701 exam dumps, the ExamDiscuss.com SY0-701 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-701 dumps with Test Engine here:
Access SY0-701 Dumps Premium Version
(645 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 135/222
Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes how the controls should be set up?
Correct Answer: C
Safety controls are security controls that are designed to protect human life and physical assets from harm or damage. Examples of safety controls include fire alarms, sprinklers, emergency exits, backup generators, and surge protectors. Safety controls should fail open, which means that they should remain operational or allow access when a failure or error occurs. Failing open can prevent or minimize the impact of a disaster, such as a fire, flood, earthquake, or power outage, on human life and physical assets. For example, if a fire alarm fails, it should still triggerthe sprinklers and unlock the emergency exits, rather than remain silent and locked.
Failing open can also ensure that essential services, such as healthcare, transportation, or communication, are available during a crisis. Remote access points, logging controls, and logical security controls are other types of security controls, but they should not fail open in a data center. Remote access points are security controls that allow users or systems to access a network or a system from a remote location, such as a VPN, a web portal, or a wireless access point. Remote access points should fail closed, which means that they should deny access when a failure or error occurs. Failing closed can prevent unauthorized or malicious access to the data center's network or systems, such as by hackers, malware, or rogue devices. Logging controls are security controls that record and monitor the activities and events that occur on a network or a system, such as user actions, system errors, security incidents, or performance metrics. Logging controls should also fail closed, which means that they should stop or suspend the activities or events when a failure or error occurs. Failing closed can prevent data loss, corruption, or tampering, as well as ensure compliance with regulations and standards. Logical security controls are security controls that use software or code to protect data and systems from unauthorized or malicious access, modification, or destruction, such as encryption, authentication, authorization, or firewall. Logical security controls should also fail closed, which means that they should block or restrict access when a failure or error occurs. Failing closed can prevent data breaches, cyberattacks, or logical flaws, as well as ensure confidentiality, integrity, and availability of data and systems. References:
CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 142-143, 372-373, 376-377
Failing open can also ensure that essential services, such as healthcare, transportation, or communication, are available during a crisis. Remote access points, logging controls, and logical security controls are other types of security controls, but they should not fail open in a data center. Remote access points are security controls that allow users or systems to access a network or a system from a remote location, such as a VPN, a web portal, or a wireless access point. Remote access points should fail closed, which means that they should deny access when a failure or error occurs. Failing closed can prevent unauthorized or malicious access to the data center's network or systems, such as by hackers, malware, or rogue devices. Logging controls are security controls that record and monitor the activities and events that occur on a network or a system, such as user actions, system errors, security incidents, or performance metrics. Logging controls should also fail closed, which means that they should stop or suspend the activities or events when a failure or error occurs. Failing closed can prevent data loss, corruption, or tampering, as well as ensure compliance with regulations and standards. Logical security controls are security controls that use software or code to protect data and systems from unauthorized or malicious access, modification, or destruction, such as encryption, authentication, authorization, or firewall. Logical security controls should also fail closed, which means that they should block or restrict access when a failure or error occurs. Failing closed can prevent data breaches, cyberattacks, or logical flaws, as well as ensure confidentiality, integrity, and availability of data and systems. References:
CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 142-143, 372-373, 376-377
- Question List (222q)
- Question 1: Which of the following is used to protect a computer from vi...
- Question 2: During a recent log review, an analyst discovers evidence of...
- Question 3: Which of the following security concepts is the best reason ...
- Question 4: Which of the following cryptographic methods is preferred fo...
- Question 5: A database administrator is updating the company's SQL datab...
- Question 6: Which of the following is a hardware-specific vulnerability?...
- Question 7: Which of the following is the stage in an investigation when...
- Question 8: Which of the following aspects of the data management life c...
- Question 9: A security team is setting up a new environment for hosting ...
- Question 10: A systems administrator is concerned about vulnerabilities w...
- Question 11: A Chief Information Security Officer (CISO) wants to explici...
- Question 12: A systems administrator notices that one of the systems crit...
- Question 13: An important patch for a critical application has just been ...
- Question 14: Which of the following is the first step to take when creati...
- Question 15: An administrator wants to automate an account permissions up...
- Question 16: A company is adding a clause to its AUP that states employee...
- Question 17: Which of the following is the final step of the modem respon...
- Question 18: Which of the following is used to validate a certificate whe...
- Question 19: A company must ensure sensitive data at rest is rendered unr...
- Question 20: A security team created a document that details the order in...
- Question 21: A business uses Wi-Fi with content filleting enabled. An emp...
- Question 22: Client files can only be accessed by employees who need to k...
- Question 23: An administrator must replace an expired SSL certificate. Wh...
- Question 24: A company is discarding a classified storage array and hires...
- Question 25: A security analyst learns that an attack vector, used as par...
- Question 26: An organization is developing a security program that convey...
- Question 27: An organization is looking to optimize its environment and r...
- Question 28: An organization's internet-facing website was compromised wh...
- Question 29: An organization would like to calculate the time needed to r...
- Question 30: A security consultant is working with a client that wants to...
- Question 31: A security administrator observed the following in a web ser...
- Question 32: A security analyst finds a rogue device during a monthly aud...
- Question 33: An engineer needs to find a solution that creates an added l...
- Question 34: Which of the following is a benefit of an RTO when conductin...
- Question 35: An organization plans to expand its operations international...
- Question 36: A security engineer is installing an IPS to block signature-...
- Question 37: Which of the following types of identification methods can b...
- Question 38: Which of the following threat actors would most likely defac...
- Question 39: Which of the following is the best reason to complete an aud...
- Question 40: Which of the following allows a systems administrator to tun...
- Question 41: Which of the following is the most likely to be included as ...
- Question 42: A security analyst locates a potentially malicious video fil...
- Question 43: Which of the following actions could a security engineer tak...
- Question 44: Which of the following is the primary purpose of a service t...
- Question 45: Which of the following would best explain why a security ana...
- Question 46: Which of the following practices would be best to prevent an...
- Question 47: Employees in the research and development business unit rece...
- Question 48: An employee fell for a phishing scam, which allowed an attac...
- Question 49: Which of the following phases of an incident response involv...
- Question 50: After a security incident, a systems administrator asks the ...
- Question 51: A malicious update was distributed to a common software plat...
- Question 52: Which of the following would be the best way to test resilie...
- Question 53: A company is changing its mobile device policy. The company ...
- Question 54: Which of the following is die most important security concer...
- Question 55: A systems administrator is creating a script that would save...
- Question 56: An employee used a company's billing system to issue fraudul...
- Question 57: Which of the following documents details how to accomplish a...
- Question 58: A company decided to reduce the cost of its annual cyber ins...
- Question 59: The Chief Information Security Officer wants to put security...
- Question 60: Which of the following would most likely be deployed to obta...
- Question 61: While investigating a possible incident, a security analyst ...
- Question 62: A network administrator wants to ensure that network traffic...
- Question 63: While troubleshooting a firewall configuration, a technician...
- Question 64: Which of the following activities is included in the post-in...
- Question 65: An organization recently updated its security policy to incl...
- Question 66: A security analyst needs to improve the company's authentica...
- Question 67: A systems administrator set up a perimeter firewall but cont...
- Question 68: A company prevented direct access from the database administ...
- Question 69: An organization issued new laptops to all employees and want...
- Question 70: An enterprise has been experiencing attacks focused on explo...
- Question 71: While conducting a business continuity tabletop exercise, th...
- Question 72: An organization maintains intellectual property that it want...
- Question 73: An organization would like to store customer data on a separ...
- Question 74: Which of the following would be the best solution to deploy ...
- Question 75: Which of the following would a security administrator use to...
- Question 76: A network manager wants to protect the company's VPN by impl...
- Question 77: Which of the following best describes the concept of informa...
- Question 78: An organization is adopting cloud services at a rapid pace a...
- Question 79: Which of the following describes the procedures a penetratio...
- Question 80: A security operations center determines that the malicious a...
- Question 81: A security administrator needs a method to secure data in an...
- Question 82: Which of the following steps in the risk management process ...
- Question 83: A security administrator is reissuing a former employee's la...
- Question 84: A security analyst is assessing several company firewalls. W...
- Question 85: An administrator is installing an SSL certificate on a new s...
- Question 86: A vendor needs to remotely and securely transfer files from ...
- Question 87: Which of the following best represents an application that d...
- Question 88: An IT manager is putting together a documented plan describi...
- Question 89: The Chief Information Security Officer (CISO) at a large com...
- Question 90: A systems administrator works for a local hospital and needs...
- Question 91: The local administrator account for a company's VPN applianc...
- Question 92: Which of the following should an internal auditor check for ...
- Question 93: During the onboarding process, an employee needs to create a...
- Question 94: A security manager created new documentation to use in respo...
- Question 95: A security analyst is reviewing alerts in the SIEM related t...
- Question 96: A company installed cameras and added signs to alert visitor...
- Question 97: An organization is implementing a COPE mobile device managem...
- Question 98: Which of the following is a preventive physical security con...
- Question 99: The security team at a large global company needs to reduce ...
- Question 100: A company hired a consultant to perform an offensive securit...
- Question 101: Which of the following would be the best way to block unknow...
- Question 102: A certificate authority needs to post information about expi...
- Question 103: Which of the following activities are associated with vulner...
- Question 104: A financial institution would like to store its customer dat...
- Question 105: An employee receives a text message from an unknown number c...
- Question 106: A newly identified network access vulnerability has been fou...
- Question 107: A security officer is implementing a security awareness prog...
- Question 108: Which of the following should a systems administrator use to...
- Question 109: A company is concerned about weather events causing damage t...
- Question 110: During an investigation, an incident response team attempts ...
- Question 111: A bank set up a new server that contains customers' Pll. Whi...
- Question 112: A security analyst is evaluating a SaaS application that the...
- Question 113: An employee recently resigned from a company. The employee w...
- Question 114: Which of the following is the most relevant reason a DPO wou...
- Question 115: Which of the following is a risk of conducting a vulnerabili...
- Question 116: A systems administrator receives the following alert from a ...
- Question 117: Which of the following should a security team do first befor...
- Question 118: A systems administrator needs to ensure the secure communica...
- Question 119: Which of the following most accurately describes the order i...
- Question 120: Select the appropriate attack and remediation from each drop...
- Question 121: A cyber operations team informs a security analyst about a n...
- Question 122: A company wants to reduce the time and expense associated wi...
- Question 123: Which of the following actors attacking an organization is t...
- Question 124: A Chief Information Security Officer wants to monitor the co...
- Question 125: Which of the following is used to add extra complexity befor...
- Question 126: An accountant is transferring information to a bank over FTP...
- Question 127: Which of the following should be used to ensure a device is ...
- Question 128: A company wants to improve the availability of its applicati...
- Question 129: A newly appointed board member with cybersecurity knowledge ...
- Question 130: Which of the following is required for an organization to pr...
- Question 131: A security analyst finds a rogue device during a monthly aud...
- Question 132: A technician is opening ports on a firewall for a new system...
- Question 133: During a penetration test, a vendor attempts to enter an una...
- Question 134: A security administrator is addressing an issue with a legac...
- Question 135: Security controls in a data center are being reviewed to ens...
- Question 136: Which of the following would be the best way to handle a cri...
- Question 137: An organization has too many variations of a single operatin...
- Question 138: Which of the following best describes why me SMS DIP authent...
- Question 139: A company has a website in a server cluster. One server is e...
- Question 140: A recent penetration test identified that an attacker could ...
- Question 141: When trying to access an internal website, an employee repor...
- Question 142: A security manager is implementing MFA and patch management....
- Question 143: Which of the following techniques can be used to sanitize th...
- Question 144: A data administrator is configuring authentication for a Saa...
- Question 145: Which of the following definitions best describes the concep...
- Question 146: Which of the following should an organization focus on the m...
- Question 147: An organization implemented cloud-managed IP cameras to moni...
- Question 148: Which of the following is the best way to consistently deter...
- Question 149: Which of the following should an organization use to protect...
- Question 150: A security team is reviewing the findings in a report that w...
- Question 151: Which of the following is the first step to secure a newly d...
- Question 152: A company requires hard drives to be securely wiped before s...
- Question 153: A company has begun labeling all laptops with asset inventor...
- Question 154: Which of the following describes the category of data that i...
- Question 155: Which of the following cryptographic solutions protects data...
- Question 156: An engineer moved to another team and is unable to access th...
- Question 157: Which of the following security concepts is accomplished whe...
- Question 158: An enterprise security team is researching a new security ar...
- Question 159: A company is redesigning its infrastructure and wants to red...
- Question 160: A company has yearly engagements with a service provider. Th...
- Question 161: A company is implementing a vendor's security tool in the cl...
- Question 162: A hacker gained access to a system via a phishing attempt th...
- Question 163: A company implemented an MDM policy 10 mitigate risks after ...
- Question 164: A company is developing a business continuity strategy and n...
- Question 165: The Chief Information Security Officer wants to discuss opti...
- Question 166: A security analyst is reviewing the following logs: (Exhibit...
- Question 167: An organization is building a new backup data center with co...
- Question 168: An administrator is Investigating an incident and discovers ...
- Question 169: A company is planning a disaster recovery site and needs to ...
- Question 170: A security analyst receives alerts about an internal system ...
- Question 171: A spoofed identity was detected for a digital certificate. W...
- Question 172: An organization disabled unneeded services and placed a fire...
- Question 173: Which of the following types of vulnerabilities is primarily...
- Question 174: Which of the following is a reason why a forensic specialist...
- Question 175: Which of the following is a compensating control for providi...
- Question 176: Which of the following is the best method to reduce the atta...
- Question 177: The marketing department set up its own project management s...
- Question 178: A business received a small grant to migrate its infrastruct...
- Question 179: Which of the following describes a security alerting and mon...
- Question 180: A new security regulation was announced that will take effec...
- Question 181: Which of the following threat actors is the most likely to u...
- Question 182: Which of the following phases of the incident response proce...
- Question 183: A legacy device is being decommissioned and is no longer rec...
- Question 184: Which of the following teams combines both offensive and def...
- Question 185: During a SQL update of a database, a temporary field used as...
- Question 186: A systems administrator is working on a solution with the fo...
- Question 187: An organization is evaluating new regulatory requirements as...
- Question 188: A company is working with a vendor to perform a penetration ...
- Question 189: A client demands at least 99.99% uptime from a service provi...
- Question 190: Which of the following security measures is required when us...
- Question 191: A company plans to secure its systems by: Preventing users f...
- Question 192: An attacker used XSS to compromise a web server. Which of th...
- Question 193: An administrator finds that all user workstations and server...
- Question 194: A systems administrator creates a script that validates OS v...
- Question 195: An organization wants to limit potential impact to its log-i...
- Question 196: A systems administrator wants to prevent users from being ab...
- Question 197: An IT manager informs the entire help desk staff that only t...
- Question 198: Which of the following describes an executive team that is m...
- Question 199: A company processes and stores sensitive data on its own sys...
- Question 200: Which of the following would most likely be used by attacker...
- Question 201: An attacker posing as the Chief Executive Officer calls an e...
- Question 202: An accounting clerk sent money to an attacker's bank account...
- Question 203: A systems administrator is auditing all company servers to e...
- Question 204: The security operations center is researching an event conce...
- Question 205: An employee clicked a link in an email from a payment websit...
- Question 206: An employee in the accounting department receives an email c...
- Question 207: A company's end users are reporting that they are unable to ...
- Question 208: Which of the following explains how to determine the global ...
- Question 209: During a security incident, the security operations team ide...
- Question 210: Which of the following strategies should an organization use...
- Question 211: A legal department must maintain a backup from all devices t...
- Question 212: An IT manager is increasing the security capabilities of an ...
- Question 213: A human resources (HR) employee working from home leaves the...
- Question 214: The executive management team is mandating the company devel...
- Question 215: Which of the following best describes the practice of resear...
- Question 216: An administrator notices that several users are logging in f...
- Question 217: Various company stakeholders meet to discuss roles and respo...
- Question 218: Malware spread across a company's network after an employee ...
- Question 219: An administrator wants to perform a risk assessment without ...
- Question 220: Which of the following is an algorithm performed to verify t...
- Question 221: Which of the following would be the best ways to ensure only...
- Question 222: A company is required to use certified hardware when buildin...
