Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?
The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?
A...
Which of the following should the administrator implement to protect the environment from this malware?
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of...
Which of the following did the organization determine to be the GREATEST risk to intellectual property when creating this policy?
An organization has implemented a policy requiring the use of conductive metal lockboxes for personal electronic devices outside of a secure research lab. Which of the following did the organization determine to be the GREATEST risk to intellectual property when creating this policy?
A. The theft of portable electronic...
Which of the following would be BEST to help the organization’s executives determine the next course of action?
A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization’s executives determine the next course of action?
A. An incident response plan
B. A communications plan
C. A disaster recovery...
Which of the following BEST describes this type of attack?
A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all...
Which of the following is a team of people dedicated to testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?
Which of the following is a team of people dedicated to testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?
A. Red team
B. White team
C. Blue team
D. Purple team
Answer: A
Explanation: The red team performs the offensive role to try to infiltrate the target.
Which of the following would BEST prevent this attack from reoccurring?
A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?
A. Configure the perimeter firewall to deny inbound external connections to...
Which of the following access control schemes BEST fits the requirements?
A system administrator needs to implement an access control scheme that will allow an object’s access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?
A. Role-based access control
B. Discretionary access control
C. Mandatory access control
D. Attribute-based access control ...
As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?
An employee has been charged with fraud and is suspected of using corporate assets. As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?
A. Order of volatility
B. Data recovery
C. Chain of custody
D. Non-repudiation
Answer: C
Which of the following network attacks is the researcher MOST likely experiencing?
A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data. Historically, this setup has worked without issue, but the researcher recently started getting the following message: Which of the following...