Which of the following should the administrator implement to protect the environment from this malware?

Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the...

November 2, 2021

Which of the following would be the MOST acceptable?

An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?

A. SED
B. HSM
C. DLP
D. TPM

Answer: A

November 2, 2021

Which of the following BEST describe this type of attack?

A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all...

November 2, 2021

Which of the following describes the ability of code to target a hypervisor from inside

Which of the following describes the ability of code to target a hypervisor from inside

A. Fog computing
B. VM escape
C. Software-defined networking
D. Image forgery
E. Container breakout

Answer: B

Explanation: Virtual machine escape is an exploit in which the attacker runs code on a VM that allows...

November 2, 2021

Which of the following will the company MOST likely review to trace this transaction?

After a ransomware attack, a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?

A. The public ledger
B. The NetFlow data
C. A checksum
D. The event log

Answer: A

November 1, 2021

Which of the following is MOST likely causing the malware alerts?

Several employees return to work the day after attending an industry trade show. That same day, the security manager notices several malware alerts coming from each of the employees’ workstations. The security manager investigates but finds no signs of an attack on the perimeter firewall or the NIDS. Which of...

November 1, 2021

Which of the following would be BEST to help the organization’s executives determine the next course of action?

A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization’s executives determine the next course of action?

A. An incident response plan
B. A communications plan
C. A disaster recovery plan
D...

November 1, 2021

Which of the following would BEST prevent this attack from reoccurring?

A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

A. Configure the perimeter firewall to deny inbound external connections to SMB...

November 1, 2021

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

A. Least privilege
B. Awareness training
C. Separation of duties
D. Mandatory vacation

Answer: C

Explanation: Separation of duties is a means of establishing checks and balances...

November 1, 2021

Which of the following would be BEST to improve the incident response process?

The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following...

November 1, 2021