2
Security+ SYO-701 CertMaster CE Domain 2.0 Exam || || || || || || ||
with accurate solutions || ||
An e-commerce company has detected unusual activity on its website, and the security team
|| || || || || || || || || || || || || ||
believes that malicious actors might have exploited a previously unknown vulnerability. Which of
|| || || || || || || || || || || ||
the following actions would be the most effective response to help more quickly identify issues
|| || || || || || || || || || || || || || || ||
such as this in the future? - ✔✔Implement intrusion detection systems and application firewalls.
|| || || || || || || || || || || || ||
A recent cyberattack led to massive disruptions in a country's power grid, causing widespread
|| || || || || || || || || || || || || ||
blackouts and significant economic and social damage. The country's cyber team traced the attack
|| || || || || || || || || || || || ||
to a hostile nation-state's cyber warfare division. In this case, what is the primary motivation of
|| || || || || || || || || || || || || || || || ||
the perpetrators? - ✔✔War
|| || ||
You are assessing a data center's physical security measures. During your assessment, you
|| || || || || || || || || || || || ||
identify potential vulnerabilities in the physical security controls that could allow unauthorized
|| || || || || || || || || || || ||
access to the data center. Which of the following is the most effective physical security measure to
|| || || || || || || || || || || || || || || ||
prevent unauthorized access to the data center? - ✔✔Implementing biometric access controls
|| || || || || || || || || || || ||
A web designer at a cybersecurity corporation receives an email from what appears to be a trusted
|| || || || || || || || || || || || || || || || ||
colleague within the company. The email requests sensitive financial information to complete an
|| || || || || || || || || || || || ||
urgent transaction and looks legitimate, displaying the colleague's name, company logo, and
|| || || || || || || || || || || ||
formatting. What type of sophisticated phishing attack occurs in this scenario? - ✔✔Business
|| || || || || || || || || || || || ||
email compromise ||
What technique does the threat actor use in a Bluetooth network attack to transmit malicious files
|| || || || || || || || || || || || || || || ||
to a user's device? - ✔✔Exploiting vulnerabilities or misconfigurations in the Bluetooth protocol
|| || || || || || || || || || || ||
A cybersecurity analyst at a large corporation observes unusual activity in the log entries for an
|| || || || || || || || || || || || || || || ||
employee account. The logs show access to sensitive company systems from one location, and
|| || || || || || || || || || || || || ||
then just an hour later from another location thousands of miles away, without any VPN usage or
|| || || || || || || || || || || || || || || || ||
other secure remote access tools being logged. The employee in question is known to be traveling
|| || || || || || || || || || || || || || || ||
, 2
without any company-issued secure remote access devices. Which security anomaly is most likely
|| || || || || || || || || || || ||
occurring in this situation? - ✔✔Impossible travel
|| || || || || || ||
As a security consultant for a regional bank, you have been asked to evaluate the risks associated
|| || || || || || || || || || || || || || || || ||
with employees using jailbroken or rooted smartphones under the company's BYOD (Bring Your
|| || || || || || || || || || || || ||
Own Device) policy. What are the security risks associated with allowing these devices to access
|| || || || || || || || || || || || || || ||
corporate data? (Select the two best options.) - ✔✔Increased susceptibility to malware infections
|| || || || || || || || || || || ||
Bypassing corporate security policies and controls || || || || ||
A threat actor infiltrates an organization's network and silently extracts sensitive proprietary data
|| || || || || || || || || || || || ||
without detection. The data is considered high value on the black market and the nefarious actor
|| || || || || || || || || || || || || || || ||
communicates to the company that it will expose its' secrets if they do not comply with demands. || || || || || || || || || || || || || || || || ||
Which motivations BEST align with this threat actor's likely objective? - ✔✔Extortion
|| || || || || || || || || || ||
An employee of a tech firm decides to leak confidential information to the public, revealing that
|| || || || || || || || || || || || || || || ||
the firm has been engaging in questionable privacy practices. The employee does not seek to
|| || || || || || || || || || || || || || ||
profit from this action but believes the public has a right to know. What primarily motivates this
|| || || || || || || || || || || || || || || || ||
type of threat actor? - ✔✔Ethical concerns
|| || || || || ||
A major online retailer experiences a sudden halt in its services during the peak holiday shopping
|| || || || || || || || || || || || || || || ||
season. It traces the cause back to an orchestrated distributed denial of service (DDoS) attack,
|| || || || || || || || || || || || || || ||
which overwhelmed the retailer's servers with traffic, making it impossible for legitimate users to
|| || || || || || || || || || || || || ||
access the site. What attack strategy best aligns with this scenario? - ✔✔Service disruption
|| || || || || || || || || || || || ||
You are a cybersecurity analyst at a large organization that extensively uses Instant Messaging
|| || || || || || || || || || || || || ||
(IM) services. The leadership team is concerned about potential attacks targeting the IM app.
|| || || || || || || || || || || || || ||
Which of the following actions can address this concern? - ✔✔Regularly update and patch the
|| || || || || || || || || || || || || || ||
Instant Messaging app. || ||
In a recent incident, a hacker group infiltrated a global financial institution's systems and stole the
|| || || || || || || || || || || || || || || ||
credit card information of millions of customers. The valuable information was soon available on
|| || || || || || || || || || || || || ||
the dark web. Based on the scenario, what is the MOST likely motivation of the hacker group? -
|| || || || || || || || || || || || || || || || || ||
✔✔Financial gain ||
Security+ SYO-701 CertMaster CE Domain 2.0 Exam || || || || || || ||
with accurate solutions || ||
An e-commerce company has detected unusual activity on its website, and the security team
|| || || || || || || || || || || || || ||
believes that malicious actors might have exploited a previously unknown vulnerability. Which of
|| || || || || || || || || || || ||
the following actions would be the most effective response to help more quickly identify issues
|| || || || || || || || || || || || || || || ||
such as this in the future? - ✔✔Implement intrusion detection systems and application firewalls.
|| || || || || || || || || || || || ||
A recent cyberattack led to massive disruptions in a country's power grid, causing widespread
|| || || || || || || || || || || || || ||
blackouts and significant economic and social damage. The country's cyber team traced the attack
|| || || || || || || || || || || || ||
to a hostile nation-state's cyber warfare division. In this case, what is the primary motivation of
|| || || || || || || || || || || || || || || || ||
the perpetrators? - ✔✔War
|| || ||
You are assessing a data center's physical security measures. During your assessment, you
|| || || || || || || || || || || || ||
identify potential vulnerabilities in the physical security controls that could allow unauthorized
|| || || || || || || || || || || ||
access to the data center. Which of the following is the most effective physical security measure to
|| || || || || || || || || || || || || || || ||
prevent unauthorized access to the data center? - ✔✔Implementing biometric access controls
|| || || || || || || || || || || ||
A web designer at a cybersecurity corporation receives an email from what appears to be a trusted
|| || || || || || || || || || || || || || || || ||
colleague within the company. The email requests sensitive financial information to complete an
|| || || || || || || || || || || || ||
urgent transaction and looks legitimate, displaying the colleague's name, company logo, and
|| || || || || || || || || || || ||
formatting. What type of sophisticated phishing attack occurs in this scenario? - ✔✔Business
|| || || || || || || || || || || || ||
email compromise ||
What technique does the threat actor use in a Bluetooth network attack to transmit malicious files
|| || || || || || || || || || || || || || || ||
to a user's device? - ✔✔Exploiting vulnerabilities or misconfigurations in the Bluetooth protocol
|| || || || || || || || || || || ||
A cybersecurity analyst at a large corporation observes unusual activity in the log entries for an
|| || || || || || || || || || || || || || || ||
employee account. The logs show access to sensitive company systems from one location, and
|| || || || || || || || || || || || || ||
then just an hour later from another location thousands of miles away, without any VPN usage or
|| || || || || || || || || || || || || || || || ||
other secure remote access tools being logged. The employee in question is known to be traveling
|| || || || || || || || || || || || || || || ||
, 2
without any company-issued secure remote access devices. Which security anomaly is most likely
|| || || || || || || || || || || ||
occurring in this situation? - ✔✔Impossible travel
|| || || || || || ||
As a security consultant for a regional bank, you have been asked to evaluate the risks associated
|| || || || || || || || || || || || || || || || ||
with employees using jailbroken or rooted smartphones under the company's BYOD (Bring Your
|| || || || || || || || || || || || ||
Own Device) policy. What are the security risks associated with allowing these devices to access
|| || || || || || || || || || || || || || ||
corporate data? (Select the two best options.) - ✔✔Increased susceptibility to malware infections
|| || || || || || || || || || || ||
Bypassing corporate security policies and controls || || || || ||
A threat actor infiltrates an organization's network and silently extracts sensitive proprietary data
|| || || || || || || || || || || || ||
without detection. The data is considered high value on the black market and the nefarious actor
|| || || || || || || || || || || || || || || ||
communicates to the company that it will expose its' secrets if they do not comply with demands. || || || || || || || || || || || || || || || || ||
Which motivations BEST align with this threat actor's likely objective? - ✔✔Extortion
|| || || || || || || || || || ||
An employee of a tech firm decides to leak confidential information to the public, revealing that
|| || || || || || || || || || || || || || || ||
the firm has been engaging in questionable privacy practices. The employee does not seek to
|| || || || || || || || || || || || || || ||
profit from this action but believes the public has a right to know. What primarily motivates this
|| || || || || || || || || || || || || || || || ||
type of threat actor? - ✔✔Ethical concerns
|| || || || || ||
A major online retailer experiences a sudden halt in its services during the peak holiday shopping
|| || || || || || || || || || || || || || || ||
season. It traces the cause back to an orchestrated distributed denial of service (DDoS) attack,
|| || || || || || || || || || || || || || ||
which overwhelmed the retailer's servers with traffic, making it impossible for legitimate users to
|| || || || || || || || || || || || || ||
access the site. What attack strategy best aligns with this scenario? - ✔✔Service disruption
|| || || || || || || || || || || || ||
You are a cybersecurity analyst at a large organization that extensively uses Instant Messaging
|| || || || || || || || || || || || || ||
(IM) services. The leadership team is concerned about potential attacks targeting the IM app.
|| || || || || || || || || || || || || ||
Which of the following actions can address this concern? - ✔✔Regularly update and patch the
|| || || || || || || || || || || || || || ||
Instant Messaging app. || ||
In a recent incident, a hacker group infiltrated a global financial institution's systems and stole the
|| || || || || || || || || || || || || || || ||
credit card information of millions of customers. The valuable information was soon available on
|| || || || || || || || || || || || || ||
the dark web. Based on the scenario, what is the MOST likely motivation of the hacker group? -
|| || || || || || || || || || || || || || || || || ||
✔✔Financial gain ||
