CompTIA SY0-701 Practice Test - Questions Answers, Page 17

Shadow IT is the term used to describe the use of unauthorized or unapproved IT resources within an organization. The marketing department set up its own project management software without telling the appropriate departments, such as IT, security, or compliance.This could pose a risk to the organization's security posture, data integrity, and regulatory compliance1.

A firewall ACL (access control list) is a set of rules that determines which traffic is allowed or denied by the firewall. The rules are processed in order, from top to bottom, until a match is found. The syntax of a firewall ACL rule is:

Access list <direction> <source address> <destination address>

To limit outbound DNS traffic originating from the internal network, the firewall ACL should allow only the device with the IP address 10.50.10.25 to send DNS requests to any destination on port 53, and deny all other outbound traffic on port 53. The correct firewall ACL is:

Access list outbound permit 10.50.10.25/32 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53

The first rule permits outbound traffic from the source address 10.50.10.25/32 (a single host) to any destination address (0.0.0.0/0) on port 53 (DNS).The second rule denies all other outbound traffic on port 532.

Thin clients are devices that rely on a server or a cloud service to perform most of the processing and storage tasks, while only providing a minimal interface for the user. Thin clients are low-cost solutions that can enable users on the shop floor to log in to the VDI (virtual desktop infrastructure) environment directly, without requiring a full-fledged computer or laptop.

Security awareness training is an administrative control that educates users on the best practices and policies for protecting the organization's data and systems from various threats, such as malware, phishing, social engineering, etc. Security awareness training can reduce the occurrence of malware execution by increasing the users' ability to recognize and avoid malicious links, attachments, downloads, or websites.

A service level agreement (SLA) is a document that defines the level of service expected by a customer from a service provider, indicating the metrics by which that service is measured, and the remedies or penalties, if any, should the agreed-upon levels not be achieved. An SLA can specify the minimum uptime or availability of a service, such as 99.99%, and the consequences for failing to meet that standard. A memorandum of agreement (MOA), a statement of work (SOW), and a memorandum of understanding (MOU) are other types of documents that can be used to establish a relationship between parties, but they do not typically include the details of service levels and performance metrics that an SLA does.

Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 16-17

Jailbreaking is the process of removing the restrictions imposed by the manufacturer or carrier on a mobile device, such as an iPhone or iPad. Jailbreaking allows users to install unauthorized applications, modify system settings, and access root privileges. However, jailbreaking also exposes the device to potential security risks, such as malware, spyware, unauthorized access, data loss, and voided warranty.Therefore, an organization may prohibit employees from jailbreaking their mobile devices to prevent these vulnerabilities and protect the corporate data and network.Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 10: Mobile Device Security, page 5072

Peer review and approval is a practice that involves having other developers or experts review the code before it is deployed or released. Peer review and approval can help detect and prevent malicious code, errors, bugs, vulnerabilities, and poor quality in the development process. Peer review and approval can also enforce coding standards, best practices, and compliance requirements.Peer review and approval can be done manually or with the help of tools, such as code analysis, code review, and code signing.Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, Chapter 11: Secure Application Development, page 5432

Orchestration is the process of automating multiple tasks across different systems and applications. It can help save time and reduce human error by executing predefined workflows and scripts.In this case, the systems administrator can use orchestration to create accounts for a large number of end users without having to manually enter their information and assign permissions.Reference:CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 4571

Access control lists (ACLs) are rules that specify which users or groups can access which resources on a file server. They can help restrict access to confidential data by granting or denying permissions based on the identity or role of the user.In this case, the administrator can use ACLs to quickly modify the access rights of the users and prevent them from accessing the data they are not authorized to see.Reference:CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 3081