Free SY0-701 Exam Braindumps

Pass your CompTIA Security+ exam with these free questions and answers

Page 13 of 0
QUESTION 56

- (Exam Topic 2)
During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization's network. Which of the following fulfills this request?

  1. A. access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32
  2. B. access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0
  3. C. access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0
  4. D. access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32

Correct Answer: B
This command creates an inbound access list that denies any IP traffic from the source IP address of 10.1.4.9/32 to any destination IP address (0.0.0.0/0). It blocks the originating source of malicious traffic from accessing the organization’s network.

QUESTION 57

- (Exam Topic 2)
Which of the following describes business units that purchase and implement scripting software without approval from an organization's technology support staff?

  1. A. Shadow IT
  2. B. Hacktivist
  3. C. Insider threat
  4. D. Script kiddie

Correct Answer: A
Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge or approval of the IT or security group within the organization. Shadow IT can encompass cloud services, software, and hardware. The main area of concern today is the rapid adoption of cloud-based services.
According to one source, shadow IT helps you know and identify which apps are being used and what your risk level is. 80% of employees use non-sanctioned apps that no one has reviewed, and may not be compliant with your security and compliance policies.

QUESTION 58

- (Exam Topic 2)
An engineer recently deployed a group of 100 web servers in a cloud environment. Per the security policy, all web-server ports except 443 should be disabled. Which of the following can be used to accomplish this task?

  1. A. Application allow list
  2. B. Load balancer
  3. C. Host-based firewall
  4. D. VPN

Correct Answer: C
A host-based firewall is a software application that runs on each individual host and controls the incoming and outgoing network traffic based on a set of rules. A host-based firewall can be used to block or allow specific ports, protocols, IP addresses, or applications.
An engineer can use a host-based firewall to accomplish the task of disabling all web-server ports except 443 on a group of 100 web servers in a cloud environment. The engineer can configure the firewall rules on each web server to allow only HTTPS traffic on port 443 and deny any other traffic. Alternatively, the engineer can use a centralized management tool to deploy and enforce the firewall rules across all web servers.

QUESTION 59

- (Exam Topic 2)
Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company or change job roles internally?

  1. A. Provisioning resources
  2. B. Disabling access
  3. C. APIs
  4. D. Escalating permission requests

Correct Answer: B
Disabling access is an automation use case that can enhance the security posture of an organization by rapidly updating permissions when employees leave a company or change job roles internally. It can prevent unauthorized access and data leakage by revoking or modifying the access rights of employees based on their current status and role.

QUESTION 60

- (Exam Topic 2)
A software developer used open-source libraries to streamline development. Which of the following is the greatest risk when using this approach?

  1. A. Unsecure root accounts
  2. B. Lack of vendor support
  3. C. Password complexity
  4. D. Default settings

Correct Answer: A
