CompTIA SEC+ SY0-701 Exam with precise detailed solutions

Which of the following answers can be used to describe technical security controls? (Select 3 answers)
a. Focused on protecting material assets
b. Sometimes called logical security controls
c. Executed by computer systems (instead of people)
d. Also known as administrative controls
e. Implemented with technology
f. Primarily implemented and executed by people (as opposed to computer systems) - ✔✔b. Sometimes called logical security controls
c. Executed by computer systems (instead of people)
e. Implemented with technology
*Any control that is implemented and executed with technology

What does third-party vendor risk mean? - ✔✔Your security is compromised by outside parties, like vendors, suppliers and businesses that do business with you.

Supply chain risk with hardware manufacturing. - ✔✔Devices must be vetted to be used by organizations with a low risk appetite, like the DOD.

Supply Chain Attack - ✔✔Attackers target the weakest link, or weaker links, in the supply chain in order to bring down main targets within the supply chain.

Vendor Assessment - ✔✔Organizations evaluate the security, reliability and performance of external entities.

What is governance? - ✔✔A system of rules and guidelines that helps an organization align its IT infrastructure with its business goals.

You must distribute the network traffic among a collection of mirrored servers. Which device should you use? - ✔✔LOAD BALANCER
Imagine a load balancer as a traffic manager for websites. Its job is to make sure that when people visit a website, the load balancer distributes the visitors evenly among multiple servers, like having multiple cashiers at a store.

You are modifying the backup schedule for the thirteen Windows and seven Unix servers in your server room. Full backups will occur Saturdays at 9:00 A.M. and incremental backups will occur every weekday starting at 7:00 P.M. Each server contains an average of 400GB of data. Backup tapes are stored in a safe down the hall in the IT manager's office. What problems exist with this scenario?
- There is not enough time to perform incremental backups if the start time is 7:00 P.M.
- Backup tapes should be stored offsite.
- Differential backups can be used only with full backups.
- Incremental backups must be used with differential backups. - ✔✔Backup tapes should be stored offsite. In case of damage to the location where the backups are stored, an alternate location should be used.

Which type of tool is commonly used to automate incident response?
PKI
MDM
SOAR
SIEM - ✔✔SOAR is correct. Security orchestration, automation, and response (SOAR) solutions use runbooks to automate incident response, thus reducing incident response time.
Imagine a Superhero Helper:
SOAR is like a superhero helper for computer security. It stands for Security Orchestration, Automation, and Response.
Runbooks are like Superhero Plans:
In SOAR, there are things called runbooks. Think of runbooks like plans that superheroes follow to tackle problems. These plans help them know what to do when there's trouble.
Super Speedy Incident Response:
SOAR makes these plans super fast! It automates responses to computer problems, making it quicker to fix things when there's a security issue. It's like having a superhero who can solve problems in a blink!
So, SOAR is the Super Sidekick for Computer Security:
In simple terms, SOAR is like a sidekick that helps computers stay safe. It follows fast plans (runbooks) to fix things quickly when there's a problem, making sure everything is secure. It's like having a superhero buddy for computer safety!

In which order should the following items be conducted?
ALE, business analysis, risk analysis
ALE, risk analysis, business impact analysis
Business impact analysis, ALE, risk analysis
Risk analysis, ALE, business impact analysis - ✔✔ALE, risk analysis, business impact analysis is correct.
ALE stands for Annualized Loss Expectancy. It's like a dollar figure used in risk analysis to help prioritize which risks are most important to tackle first.
The ALE is a dollar figure used in quantitative risk analysis to prioritize risks; therefore, it cannot be calculated after a risk analysis. The business impact analysis can occur only after risks have been identified.
ALE is like a money calculator for risks, helping you focus on the ones that could cost the most. It's a key part of risk analysis.

Marcel, a security specialist, configures a network appliance to detect and block suspicious network activity. What has Marcel configured?
Host-based NIDS
Anomaly-based NIDS
Signature-based NIDS
Anomaly-based NIPS - ✔✔Anomaly-Based NIPS is correct.
Imagine a guard for computers called Anomaly-based NIPS. It watches for weird computer behavior that doesn't look normal. When it spots something strange (an anomaly), it can stop the strange activity, like a superhero stopping a villain's plan.
Key Points:
Anomaly-based NIPS is like a computer guard.
It stops weird computer behavior (anomalies).
It can prevent the strange activity from causing problems.
NIPSs (network intrusion prevention systems)

Which of the following are examples of spyware? (Choose three.)
Changing the web browser home page
Gathering entered user keystrokes
Broadcasting ARP cache updates to network hosts
Flooding a host with network traffic
Manipulating search engine results - ✔✔Gathering entered user keystrokes, Manipulating search engine results, and Changing the web browser home page are correct.