

Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Security+ SYO-701 CertMaster CE Domain 3.0 Test
Typology: Exams
1 / 3
This page cannot be seen from the preview
Don't miss anything!


An organization is implementing an intrusion prevention system (IPS) as part of its efforts to secure its enterprise infrastructure. The IT manager is considering the failure modes of the IPS and is deciding between a fail-open and a fail-closed configuration. What are the implications of each configuration on network traffic in the event of a system failure? - ANSWER - Fail-open will allow all traffic; fail-closed will block all traffic. A multinational corporation is planning to restructure its IT division. The leadership team has decided to define roles, responsibilities, and levels of authority for different tasks across various technical teams. Which tool would be the most appropriate for the leadership team to use in documenting this work? - ANSWER - Responsibility matrix An organization is considering a hybrid cloud deployment to leverage the benefits of both private and public cloud resources. While reviewing third-party vendors, what critical aspect should the employees consider for a secure and effective transition? - ANSWER - Establish clear service level agreements An organization implements measures to protect critical business records. Which term best describes information that, if breached, could harm the company by damaging its reputation? - ANSWER - Sensitive A network engineer is optimizing an existing cloud-based system. The primary goal is to ensure the system remains operational, minimizing downtime, even under adverse conditions or potential failure points. What key characteristic of system design should the engineer prioritize? - ANSWER - Availability A multinational corporation wants to standardize and automate the setup of its technology infrastructure to reduce manual setup errors and support quicker deployment of resources. Which methodology should the corporation adopt to accomplish this? - ANSWER - Infrastructure as code A company is considering upgrading its Wi-Fi network infrastructure. The network team is evaluating the advantages and disadvantages of having a network with a single main Access Point (AP) versus having service distributed among multiple APs. What network design concept are they considering? - ANSWER - Centralized/decentralized A company is developing an aircraft flight control system that requires instantaneous response to certain inputs. Which of the following is MOST suitable for this scenario? - ANSWER - Real-time operating system During an annual review, a health services company's leadership aims to scrutinize its disaster response and data recovery protocols. They focus on effectiveness, hidden weaknesses, and clarity of employee roles during a disaster. Which course of action would BEST serve these objectives? - ANSWER - Organizing tabletop exercises A logistics company must fortify its data center systems against extended-duration power outages. What is the most suitable approach the company should pursue? - ANSWER - D.Deploying onsite generators
You are the IT manager for a growing online retail company planning to migrate its website and customer database to an Infrastructure as a Service (IaaS) platform. Aware of the shared responsibility model in cloud services, you must ensure the security of customer data as part of the migration. In an IaaS environment, which of the following is the MOST critical security consideration for protecting the online retail company's customer database? - ANSWER - Implement strong network access controls You are an analyst in the IT department of a software development company that supports a remote workforce. To ensure the environment's security, you are evaluating an agent-based monitoring solution for employee devices. What is the primary benefit of using an agent-based monitoring solution in a remote work environment? - ANSWER - Provides real- time detection and response to threats on devices The IT manager of a small government agency is designing a new secure network infrastructure and implementing an Intrusion Prevention System (IPS) and an Intrusion Detection System (IDS). To optimize their effectiveness, the manager is considering different deployment methods for the IPS/IDS. The organization's network includes multiple security zones, a virtual private network (VPN) for remote access, and a web application firewall (WAF). Which deployment method provides the most effective solution in this scenario? - ANSWER - Deploy the IPS/IDS devices in inline mode at the network perimeter. A global banking organization requires its cybersecurity team to minimize the network's vulnerability to cyber threats. The team has divided the network into secure segments, implemented port security, and physically isolated key servers. The team plans to restrict traffic flow between network segments to reduce the threat of attack further. Which of the following approaches can best help with this plan? - ANSWER - Enforce role-based access control for traffic policies between zones. The IT department of a healthcare provider maintains a database containing personal health information for its patients. Which of the following labels best describes this data? - ANSWER - Regulated A financial services company is defining the appropriate level of access controls for a specific type of data. The data includes company financial reports that should only be accessible to the senior management team. How should the organization most likely classify this data? - ANSWER - Confidential A bank is implementing a new network security appliance to protect financial data. In the event of a failure, the confidentiality and integrity of the financial data must take precedence over system availability. What should the financial institution set as the failure mode configuration for this appliance? - ANSWER - The security control device should be configured to fail-closed. A parts manufacturer is experiencing frequent power failures in its computer room, which are causing downtime. Which strategy can the manufacturer employ to minimize the impact of these power failures? - ANSWER - Implement a UPS system