SY0-701 Lesson 10: Assess Endpoint Security Capabilities
Which intrusion detection method involves the analysis engine trained to recognize baseline "normal" traffic and generates an incident when it detects deviations from this baseline?
Behavioral- and anomaly-based detection
An organization has a significant amount of mobile devices that it manages. Which mobile device deployment model gives the organization the MOST control over the device, thereby improving security?
COBO
A large manufacturing company relies heavily on industrial control systems to operate its production lines. The company has a range of devices, including programmable logic controllers (PLCs) and human-machine interfaces (HMIs), spread across the factory floor. Due to recent concerns about potential cyber threats, management wants to improve the security of these devices. How would the cybersecurity manager convince senior management of the primary objective of implementing physical device port hardening?
It restricts access to physical interfaces.
A critical infrastructure organization responsible for managing energy distribution across a large region relies heavily on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems to monitor and control the power grid. Given the critical nature of the operations, the IT team has implemented a control to safeguard these systems. Which control did the IT team use to protect ICS and SCADA systems?
Network segmentation
An organization's cyber security analyst is currently assessing various web filtering technologies for implementation. What is one of the key benefits of web filtering in cybersecurity operations?
Preventing malware infections and phishing attacks from malicious websites
A cybersecurity team for a technology company specializes in developing mobile applications for various industries. The team is working on a new app that utilizes location services to provide users with real-time updates on nearby events and activities. The app's success depends on its ability to provide accurate and relevant information based on the user's current location. However, the project stakeholders have expressed concerns about certain aspects of location services. What is the primary concern surrounding location services in mobile devices?
Privacy
Which security feature in the Linux kernel supports access control security policies, including mandatory access controls (MAC)?
SELinux
What is the purpose of implementing the principle of least privilege in endpoint protection?
To grant minimum permissions needed to perform tasks
A small company recently installed an intrusion detection system (IDS). What is the purpose of the analysis engine in the IDS?
To interpret and scan captured traffic for suspicious activity
A large financial corporation wants to incorporate a sandbox in its network. What is the purpose of using a sandbox in endpoint security?
To isolate and contain malicious files or processes
What is the primary purpose of the cybersecurity approach of User Behavior Analytics (UBA) or User and Entity Behavior Analytics (UEBA)?
To monitor and analyze users' behavior to detect potential threats
An organization uses host-based intrusion detection/prevention (HIDS/HIPS) to secure the enterprise. Why would the organization use this type of mitigation technique?
To monitor and protect individual hosts, like a computer or server, from unauthorized access or malicious activities
A medium-sized company has entrusted its IT administrator with the crucial responsibility of improving network security. The company's network contains sensitive financial data, proprietary software, and employee records. Since the IT administrator's task is implementing access control lists (ACLs), what is the primary objective for using them in computer systems and networks?
To regulate and manage permissions for resource access and actions
Which cybersecurity approach monitors and analyzes the behavior of users within an organization to detect anomalies indicative of potential threats, such as insider threats, compromised accounts, or fraud?
User Behavior Analytics (UBA)/User and Entity Behavior Analytics (UEBA)
