Free Access to CompTIA.SY0-701.v2024-06-22.q184 with Valid Practice Test (Page 12)

Question 51

During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization's network. Which of the following fulfills this request?

A.access-list inbound permit ig source 0.0.0.0/0 destination 10.1.4.9/32
B.access-list inbound permit ig source 10.1.4.9/32 destination 0.0.0.0/0
C.access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0
D.access-list inbound deny ig source 0.0.0.0/0 destination 10.1.4.9/32

Question 52

Malware spread across a company's network after an employee visited a compromised industry blog. Which of the following best describes this type of attack?

A.Impersonation
B.Disinformation
C.Watering-hole
D.Smishing

Question 53

Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Select two).

A.The device has been moved from a production environment to a test environment.
B.The device is configured to use cleartext passwords.
C.The device is moved to an isolated segment on the enterprise network.
D.The device is moved to a different location in the enterprise.
E.The device's encryption level cannot meet organizational standards.
F.The device is unable to receive authorized updates.

Question 54

A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?

A.EAP
B.DHCP
C.IPSec
D.NAT

Question 55

Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?

A.Provisioning resources
B.Disabling access
C.Reviewing change approvals
D.Escalating permission requests

Question 51

Question 52

Question 53

Question 54

Question 55

Download PDF File