Sec + CertMaster SY0-701
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
Domain 3 Assessment exam with ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
correct answers ||\\||\\
A large multinational corporation is restructuring its IT
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
division. The corporation defines roles, responsibilities, ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and levels of authority for different tasks across various
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
teams. What type of tool is the corporation likely to use to
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
document this information? - correct answers ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
✔✔Responsibility matrix ||\\||\\
A security engineer is updating the company's cyber
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
security strategy. Which of the following strategies is the
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
MOST effective in reducing the company's network attack
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
surface? - correct answers ✔✔Establish multiple control ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
categories and functions to enforce multiple layers of ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
protection.
During an annual review, a health services company's
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
leadership aims to scrutinize its disaster response and ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
,data recovery protocols. They focus on effectiveness,
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
hidden weaknesses, and clarity of employee roles during a ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
disaster. Which course of action would BEST serve these
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
objectives? - correct answers ✔✔Organizing tabletop ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
exercises
A financial services company tasks its IT security team
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
with reducing the network's attack surface. They have
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
segmented the network into security zones, put port ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
security measures in place, and physically isolated critical ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
servers. The IT security team wants to further reduce the ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
risk of attack by managing traffic flow between security
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
zones. Which of the following measures should the team ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
implement? - correct answers ✔✔Apply the principle of ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
least privilege when defining traffic policies between
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
zones.
A systems engineer must develop a design strategy for a
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
new data center that provides services around-the-clock,
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and any disruptions must resolve quickly. Which of the
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
following is a primary consideration in the engineer's ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
, design to meet these requirements? - correct answers ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
✔✔Ease of recovery ||\\||\\ ||\\||\\
A multinational corporation wants to standardize and
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
automate the setup of its Information Technology (IT) ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
infrastructure across various branches. This would reduce ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
manual setup errors and allow for quicker deployment ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and scaling of resources as per demand. Which
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
methodology should the corporation adopt to accomplish ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
this? - correct answers ✔✔Infrastructure as code ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
A major e-commerce company is planning for a disaster
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
recovery strategy that balances minimal data loss, quick ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
recovery, and budget considerations. It needs a recovery ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
site that does not necessitate instant recovery but
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
restores critical systems promptly. Which option BEST ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
suits the company's recovery site requirements? - correct
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
answers ✔✔Establishing a warm site ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
An organization implements a new network infrastructure
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and plans to use an intrusion prevention system (IPS) for
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
Domain 3 Assessment exam with ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
correct answers ||\\||\\
A large multinational corporation is restructuring its IT
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
division. The corporation defines roles, responsibilities, ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and levels of authority for different tasks across various
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
teams. What type of tool is the corporation likely to use to
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
document this information? - correct answers ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
✔✔Responsibility matrix ||\\||\\
A security engineer is updating the company's cyber
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
security strategy. Which of the following strategies is the
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
MOST effective in reducing the company's network attack
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
surface? - correct answers ✔✔Establish multiple control ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
categories and functions to enforce multiple layers of ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
protection.
During an annual review, a health services company's
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
leadership aims to scrutinize its disaster response and ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
,data recovery protocols. They focus on effectiveness,
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
hidden weaknesses, and clarity of employee roles during a ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
disaster. Which course of action would BEST serve these
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
objectives? - correct answers ✔✔Organizing tabletop ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
exercises
A financial services company tasks its IT security team
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
with reducing the network's attack surface. They have
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
segmented the network into security zones, put port ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
security measures in place, and physically isolated critical ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
servers. The IT security team wants to further reduce the ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
risk of attack by managing traffic flow between security
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
zones. Which of the following measures should the team ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
implement? - correct answers ✔✔Apply the principle of ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
least privilege when defining traffic policies between
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
zones.
A systems engineer must develop a design strategy for a
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
new data center that provides services around-the-clock,
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and any disruptions must resolve quickly. Which of the
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
following is a primary consideration in the engineer's ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
, design to meet these requirements? - correct answers ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
✔✔Ease of recovery ||\\||\\ ||\\||\\
A multinational corporation wants to standardize and
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
automate the setup of its Information Technology (IT) ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
infrastructure across various branches. This would reduce ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
manual setup errors and allow for quicker deployment ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and scaling of resources as per demand. Which
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
methodology should the corporation adopt to accomplish ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
this? - correct answers ✔✔Infrastructure as code ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
A major e-commerce company is planning for a disaster
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
recovery strategy that balances minimal data loss, quick ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
recovery, and budget considerations. It needs a recovery ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
site that does not necessitate instant recovery but
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
restores critical systems promptly. Which option BEST ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
suits the company's recovery site requirements? - correct
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
answers ✔✔Establishing a warm site ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
An organization implements a new network infrastructure
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
and plans to use an intrusion prevention system (IPS) for
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\
