SY0-701 Exam Dumps | A security officer observes that a software development team is not complying with its corporate security

<< Prev Question Next Question >>

Question 335/343

A security officer observes that a software development team is not complying with its corporate security policy on encrypting confidential data. Which of the following categories refers to this type of non- compliance?

A. External

B. Standard

C. Regulation

D. Internal

Question List (343q): Question 1: The local administrator account for a company's VPN applianc...; Question 2: Which of the following is a vulnerability concern for end-of...; Question 3: In which of the following scenarios is tokenization the best...; Question 4: Employees sign an agreement that restricts specific activiti...; Question 5: A store is setting up wireless access for employees. Managem...; Question 6: Which of the following is a common data removal option for c...; Question 7: Which of the following is the best way to improve the confid...; Question 8: Which of the following describes the category of data that i...; Question 9: An administrator finds that all user workstations and server...; Question 10: A systems administrator is auditing all company servers to e...; Question 11: Which of the following prevents unauthorized modifications t...; Question 12: A systems administrator is redesigning now devices will perf...; Question 13: An organization failed to account for the right-to-be-forgot...; Question 14: An administrator learns that users are receiving large quant...; Question 15: A new vulnerability enables a type of malware that allows th...; Question 16: A security analyst learns that an attack vector, used as par...; Question 17: An attacker used XSS to compromise a web server. Which of th...; Question 18: Employees located off-site must have access to company resou...; Question 19: Which of the following is the final step of the modem respon...; Question 20: Which of the following would be the most appropriate way to ...; Question 21: Which of the following involves an attempt to take advantage...; Question 22: A security engineer at a large company needs to enhance IAM ...; Question 23: Which of the following security control types does an accept...; Question 24: A user is attempting to patch a critical system, but the pat...; Question 25: An administrator is estimating the cost associated with an a...; Question 26: Which of the following describes the understanding between a...; Question 27: During an investigation, a security analyst discovers traffi...; Question 28: Client files can only be accessed by employees who need to k...; Question 29: Which of the following describes the reason root cause analy...; Question 30: A company's end users are reporting that they are unable to ...; Question 31: An engineer has ensured that the switches are using the late...; Question 32: A company with a high-availability website is looking to har...; Question 33: For which of the following reasons would a systems administr...; Question 34: Which of the following can be used to identify potential att...; Question 35: A systems administrator receives the following alert from a ...; Question 36: Which of the following are cases in which an engineer should...; Question 37: An employee clicked a link in an email from a payment websit...; Question 38: Which of the following is a compensating control for providi...; Question 39: A security manager wants to reduce the number of steps requi...; Question 40: Which of the following can assist in recovering data if the ...; Question 41: An organization issued new laptops to all employees and want...; Question 42: A systems administrator wants to use a technical solution to...; Question 43: Two companies are in the process of merging. The companies n...; Question 44: A company makes a change during the appropriate change windo...; Question 45: Which of the following would be the greatest concern for a c...; Question 46: A company wants to protect a specialized legacy platform tha...; Question 47: An organization maintains intellectual property that it want...; Question 48: A security analyst is reviewing the following logs about a s...; Question 49: A technician is opening ports on a firewall for a new system...; Question 50: Which of the following describes the maximum allowance of ac...; Question 51: A company that has a large IT operation is looking to better...; Question 52: Which of the following can best protect against an employee ...; Question 53: Which of the following explains how to determine the global ...; Question 54: One of a company's vendors sent an analyst a security bullet...; Question 55: The management team wants to assess the cybersecurity team's...; Question 56: A security analyst locates a potentially malicious video fil...; Question 57: A growing organization, which hosts an externally accessible...; Question 58: During a recent log review, an analyst discovers evidence of...; Question 59: Which of the following allows for the attribution of message...; Question 60: An organization has recently decided to implement SSO. The r...; Question 61: A small business uses kiosks on the sales floor to display p...; Question 62: Which of the following is a benefit of an RTO when conductin...; Question 63: A systems administrator just purchased multiple network devi...; Question 64: A network administrator deploys an FDE solution on all end u...; Question 65: Which of the following should be used to select a label for ...; Question 66: A company's online shopping website became unusable shortly ...; Question 67: Which of the following is the best reason to complete an aud...; Question 68: A company wants to minimize the chance of its outgoing marke...; Question 69: Which of the following must be considered when designing a h...; Question 70: Which of the following is the best safeguard to protect agai...; Question 71: A security engineer is implementing FDE for all laptops in a...; Question 72: Which of the following data states applies to data that is b...; Question 73: The management team reports employees are missing features o...; Question 74: Which of the following should an internal auditor check for ...; Question 75: A government official receives a blank envelope containing p...; Question 76: A security analyst created a fake account and saved the pass...; Question 77: An organization would like to calculate the time needed to r...; Question 78: Which of the following control types is AUP an example of?...; Question 79: An organization plans to expand its operations international...; Question 80: Which of the following describes an executive team that is m...; Question 81: Which of the following provides the best protection against ...; Question 82: A forensic engineer determines that the root cause of a comp...; Question 83: The security team at a large global company needs to reduce ...; Question 84: Which of the following environments utilizes a subset of cus...; Question 85: Which of the following would best ensure a controlled versio...; Question 86: Which of the following describes effective change management...; Question 87: A new employee can select a particular make and model of an ...; Question 88: A systems administrator needs to provide traveling employees...; Question 89: An IT manager is increasing the security capabilities of an ...; Question 90: A security administrator protects passwords by using hashing...; Question 91: A spoofed identity was detected for a digital certificate. W...; Question 92: Which of the following is an example of memory injection?...; Question 93: Which of the following security controls are a company imple...; Question 94: An employee in the accounting department receives an email c...; Question 95: Which of the following threat actors would most likely targe...; Question 96: Which of the following could potentially be introduced at th...; Question 97: Which of the following metrics impacts the backup schedule a...; Question 98: A security analyst sees an increase of vulnerabilities on wo...; Question 99: A security analyst receives an alert from a corporate endpoi...; Question 100: A security analyst is reviewing alerts in the SIEM related t...; Question 101: A systems administrator needs to ensure the secure communica...; Question 102: Which of the following tools is best for logging and monitor...; Question 103: A security analyst identifies an incident in the network. Wh...; Question 104: Which of the following strategies should an organization use...; Question 105: An attacker posing as the Chief Executive Officer calls an e...; Question 106: When trying to access an internal website, an employee repor...; Question 107: While a user reviews their email, a host gets infected by ma...; Question 108: Which of the following organizational documents is most ofte...; Question 109: While troubleshooting a firewall configuration, a technician...; Question 110: Which of the following is the most common data loss path for...; Question 111: An administrator needs to perform server hardening before de...; Question 112: Malware spread across a company's network after an employee ...; Question 113: An organization wants to improve the company's security auth...; Question 114: A security analyst investigates abnormal outbound traffic fr...; Question 115: A recent penetration test identified that an attacker could ...; Question 116: An engineer needs to ensure that a script has not been modif...; Question 117: A penetration test identifies that an SMBvl Is enabled on mu...; Question 118: Company A jointly develops a product with Company B, which i...; Question 119: A security practitioner completes a vulnerability assessment...; Question 120: Which of the following is an example of a false negative vul...; Question 121: An administrator notices that several users are logging in f...; Question 122: A human resources (HR) employee working from home leaves the...; Question 123: A company needs to determine whether authentication weakness...; Question 124: An attorney prints confidential documents to a copier in an ...; Question 125: A government worker secretly copies classified files that co...; Question 126: A systems administrator creates a script that validates OS v...; Question 127: A company hired a consultant to perform an offensive securit...; Question 128: Which of the following factors are the most important to add...; Question 129: Which of the following is the most likely benefit of conduct...; Question 130: A certificate authority needs to post information about expi...; Question 131: A company wants to track modifications to the code used to b...; Question 132: A customer has a contract with a CSP and wants to identify w...; Question 133: Which of the following most accurately describes the order i...; Question 134: During a recent company safety stand-down, the cyber-awarene...; Question 135: A company prevented direct access from the database administ...; Question 136: Which of the following is an example of a data protection st...; Question 137: Which of the following is prevented by proper data sanitizat...; Question 138: A systems administrator needs to encrypt all data on employe...; Question 139: An important patch for a critical application has just been ...; Question 140: A company wants to update its disaster recovery plan to incl...; Question 141: Which of the following is the best mitigation for a zero-day...; Question 142: Which of the following exercises should an organization use ...; Question 143: A systems administrator is working on a solution with the fo...; Question 144: An IT manager informs the entire help desk staff that only t...; Question 145: A company's antivirus solution is effective in blocking malw...; Question 146: A systems administrator receives an alert that a company's i...; Question 147: Which of the following methods will most likely be used to i...; Question 148: An administrator investigating an incident is concerned abou...; Question 149: Users at a company are reporting they are unable to access t...; Question 150: A company's web filter is configured to scan the URL for str...; Question 151: A company is expanding its threat surface program and allowi...; Question 152: An employee who was working remotely lost a mobile device co...; Question 153: A security analyst is creating the first draft of a network ...; Question 154: A software development manager wants to ensure the authentic...; Question 155: A company plans to secure its systems by: Preventing users f...; Question 156: Which of the following would be best suited for constantly c...; Question 157: The physical security team at a company receives reports tha...; Question 158: Which of the following is the main consideration when a lega...; Question 159: A cyber operations team informs a security analyst about a n...; Question 160: A few weeks after deploying additional email servers, a comp...; Question 161: A security analyst is reviewing the following logs: (Exhibit...; Question 162: During a routine audit, an analyst discovers that a departme...; Question 163: A security analyst is creating base for the server team to f...; Question 164: According to various privacy rules and regulations, users ha...; Question 165: Which of the following solutions would most likely be used i...; Question 166: The Chief Information Security Officer (CISO) at a large com...; Question 167: After reviewing the following vulnerability scanning report:...; Question 168: Which of the following mitigation techniques would a securit...; Question 169: Which of the following agreement types defines the time fram...; Question 170: Which of the following enables the use of an input field to ...; Question 171: Which of the following is the best way to securely store an ...; Question 172: An organization wants to limit potential impact to its log-i...; Question 173: A company discovers suspicious transactions that were entere...; Question 174: Which of the following alert types is the most likely to be ...; Question 175: A company receives an alert that a widely used network devic...; Question 176: Which of the following is a type of vulnerability that invol...; Question 177: While investigating a possible incident, a security analyst ...; Question 178: A company must ensure sensitive data at rest is rendered unr...; Question 179: Which of the following data protection strategies can be use...; Question 180: Which of the following data types relates to data sovereignt...; Question 181: An analyst discovers a suspicious item in the SQL server log...; Question 182: After failing an audit twice, an organization has been order...; Question 183: A penetration tester begins an engagement by performing port...; Question 184: A security team created a document that details the order in...; Question 185: A Chief Information Security Officer (CISO) wants to explici...; Question 186: An administrator is reviewing a single server's security log...; Question 187: A company wants to use new Wi-Fi-enabled environmental senso...; Question 188: The security team notices that the Always On VPN solution so...; Question 189: An administrator is Investigating an incident and discovers ...; Question 190: Sine a recent upgrade (o a WLAN infrastructure, several mobi...; Question 191: Which of the following actions would reduce the number of fa...; Question 192: Which solution is most likely used in the financial industry...; Question 193: An organization has a new regulatory requirement to implemen...; Question 194: Attackers created a new domain name that looks similar to a ...; Question 195: Which of the following should a security analyst consider wh...; Question 196: Which of the following teams combines both offensive and def...; Question 197: Which of the following threat actors is the most likely to b...; Question 198: During a penetration test in a hypervisor, the security engi...; Question 199: A security team installs an IPS on an organization's network...; Question 200: Which of the following best describe a penetration test that...; Question 201: A network administrator wants to ensure that network traffic...; Question 202: An employee from the accounting department logs in to the we...; Question 203: A cybersecurity incident response team at a large company re...; Question 204: A security administrator is implementing encryption on all h...; Question 205: The private key for a website was stolen, and a new certific...; Question 206: Which of the following tasks is typically included in the BI...; Question 207: An organization's internet-facing website was compromised wh...; Question 208: A business uses Wi-Fi with content filleting enabled. An emp...; Question 209: A store is setting up wireless access for their employees. M...; Question 210: Which of the following is a primary security concern for a c...; Question 211: Which vulnerability is most likely mitigated by setting up a...; Question 212: Which of the following attacks primarily targets insecure ne...; Question 213: In a rush to meet an end-of-year business goal, the IT depar...; Question 214: Which of the following examples would be best mitigated by i...; Question 215: Which of the following actions could a security engineer tak...; Question 216: An accounting employee recently used software that was not a...; Question 217: A company is currently utilizing usernames and passwords, an...; Question 218: The management team notices that new accounts that are set u...; Question 219: A user downloads a patch from an unknown repository... FIM a...; Question 220: An administrator assists the legal and compliance team with ...; Question 221: Which of the following best explains a concern with OS-based...; Question 222: Which of the following best practices gives administrators a...; Question 223: Which of the following is the most likely outcome if a large...; Question 224: While reviewing a recent compromise, a forensics team discov...; Question 225: A company discovered its data was advertised for sale on the...; Question 226: An organization has issues with deleted network share data a...; Question 227: Which of the following techniques can be used to sanitize th...; Question 228: The executive management team is mandating the company devel...; Question 229: A bank insists all of its vendors must prevent data loss on ...; Question 230: A hacker gained access to a system via a phishing attempt th...; Question 231: Which of the following phases of an incident response involv...; Question 232: A security analyst wants to automate a task that shares data...; Question 233: A penetration tester was able to gain unauthorized access to...; Question 234: An external security assessment report indicates a high clic...; Question 235: An office wants to install a Wi-Fi network. The security tea...; Question 236: A company wants to get alerts when others are researching an...; Question 237: A new employee accessed an unauthorized website. An investig...; Question 238: During the onboarding process, an employee needs to create a...; Question 239: Which of the following explains why an attacker cannot easil...; Question 240: Which of the following is the stage in an investigation when...; Question 241: A security analyst receives an alert that there was an attem...; Question 242: After a security awareness training session, a user called t...; Question 243: A security audit of an organization revealed that most of th...; Question 244: An administrator wants to automate an account permissions up...; Question 245: Which of the following is used to protect a computer from vi...; Question 246: A security analyst learns that an attack vector, which was u...; Question 247: During a SQL update of a database, a temporary field used as...; Question 248: A company is concerned about the theft of client data from d...; Question 249: Which of the following vulnerabilities is associated with in...; Question 250: Prior to implementing a design change, the change must go th...; Question 251: Which of the following activities would involve members of t...; Question 252: A security team is reviewing the findings in a report that w...; Question 253: A systems administrator is changing the password policy with...; Question 254: The analyst wants to move data from production to the UAT se...; Question 255: An enterprise is trying to limit outbound DNS traffic origin...; Question 256: An organization has learned that its data is being exchanged...; Question 257: The security operations center is researching an event conce...; Question 258: Which of the following is a prerequisite for a DLP solution?...; Question 259: Which of the following is the best way to prevent data from ...; Question 260: Which of the following should be used to ensure that a new s...; Question 261: A client demands at least 99.99% uptime from a service provi...; Question 262: Which of the following best describes the concept of informa...; Question 263: An IT manager is putting together a documented plan describi...; Question 264: Which of the following is the first step to take when creati...; Question 265: Which of the following best describes the practice of resear...; Question 266: Which of the following activities should a systems administr...; Question 267: A Chief Information Security Officer would like to conduct f...; Question 268: A few weeks after deploying additional email servers, employ...; Question 269: Which of the following control types describes an alert from...; Question 270: An organization recently started hosting a new service that ...; Question 271: Which of the following security concepts is being followed w...; Question 272: Which of the following security principles most likely requi...; Question 273: A security engineer is installing an IPS to block signature-...; Question 274: Which of the following is an algorithm performed to verify t...; Question 275: In which of the following scenarios is tokenization the best...; Question 276: After a company was compromised, customers initiated a lawsu...; Question 277: Which of the following is the best way to secure an on-site ...; Question 278: A company is developing a critical system for the government...; Question 279: Which of the following roles, according to the shared respon...; Question 280: Which of the following is the greatest advantage that networ...; Question 281: An organization is developing a security program that convey...; Question 282: An administrator discovers that some files on a database ser...; Question 283: An administrator is installing an SSL certificate on a new s...; Question 284: An organization implemented cloud-managed IP cameras to moni...; Question 285: A new employee logs in to the email system for the first tim...; Question 286: A security team is setting up a new environment for hosting ...; Question 287: A company is changing its mobile device policy. The company ...; Question 288: A security report shows that during a two-week test period. ...; Question 289: Which of the following technologies assists in passively ver...; Question 290: Which of the following allows a systems administrator to tun...; Question 291: After an audit, an administrator discovers all users have ac...; Question 292: A U.S.-based cloud-hosting provider wants to expand its data...; Question 293: The Chief Information Security Officer wants to discuss opti...; Question 294: A security analyst finds a rogue device during a monthly aud...; Question 295: You are security administrator investigating a potential inf...; Question 296: Which of the following outlines the configuration, maintenan...; Question 297: Which of the following provides the details about the terms ...; Question 298: A penetration testing report indicated that an organization ...; Question 299: At the start of a penetration test, the tester checks OSINT ...; Question 300: An organization is leveraging a VPN between its headquarters...; Question 301: A company receives an alert that a network device vendor, wh...; Question 302: The number of tickets the help desk has been receiving has i...; Question 303: A new corporate policy requires all staff to use multifactor...; Question 304: An administrator discovers that some files on a database ser...; Question 305: Which of the following should be used to prevent changes to ...; Question 306: A company processes and stores sensitive data on its own sys...; Question 307: A company is adding a clause to its AUP that states employee...; Question 308: Various company stakeholders meet to discuss roles and respo...; Question 309: A security analyst needs to improve the company's authentica...; Question 310: A database administrator is updating the company's SQL datab...; Question 311: Which of the following is used to quantitatively measure the...; Question 312: Which of the following can a security director use to priori...; Question 313: A company identified the potential for malicious insiders to...; Question 314: A company is in the process of cutting jobs to manage costs....; Question 315: A vendor needs to remotely and securely transfer files from ...; Question 316: Which of the following should a security administrator adher...; Question 317: An organization designs an inbound firewall with a fail-open...; Question 318: An IT security team is concerned about the confidentiality o...; Question 319: Which of the following methods would most likely be used to ...; Question 320: Which of the following actions must an organization take to ...; Question 321: A security administrator observed the following in a web ser...; Question 322: Select the appropriate attack and remediation from each drop...; Question 323: Which of the following would be the best way to block unknow...; Question 324: An employee receives a text message that appears to have bee...; Question 325: A company has begun labeling all laptops with asset inventor...; Question 326: The Chief Information Security Officer wants to put security...; Question 327: A security analyst discovers that a large number of employee...; Question 328: Which of the following best represents an application that d...; Question 329: An organization would like to store customer data on a separ...; Question 330: Which of the following should be used to aggregate log data ...; Question 331: An administrator implements web-filtering products but still...; Question 332: Which of the following is the most likely motivation for a h...; Question 333: A company needs to provide administrative access to internal...; Question 334: Which of the following would most likely be used by attacker...; Question 335: A security officer observes that a software development team...; Question 336: An organization is evaluating new regulatory requirements as...; Question 337: Which of the following types of vulnerabilities is primarily...; Question 338: A security analyst is investigating a workstation that is su...; Question 339: The marketing department set up its own project management s...; Question 340: A security analyst is concerned malicious actors are lurking...; Question 341: A company decides to purchase an insurance policy. Which of ...; Question 342: A security administrator recently reset local passwords and ...; Question 343: A company wants to track modifications to the code that is u...

Question 335/343

LEAVE A REPLY

Download PDF File