Which of the following resiliency techniques will provide these capabilities?
A manufacturing company has several one-off legacy information systems that cannot be migrated to a newer OS due to software compatibility issues. The OSs are still supported by the vendor, but the industrial software is no longer supported. The Chief Information Security Officer (CISO) has created a resiliency plan for...
Which of the following must be less than 12 hours to maintain a positive total cost of ownership?
A company has determined that if its computer-based manufacturing is not functioning for 12 consecutive hours, it will lose more money than it costs to maintain the equipment. Which of the following must be less than 12 hours to maintain a positive total cost of ownership? A. MTBF B. ...
Which of the following MOST likely occurred?
A company uses specially configured workstations for any work that requires administrator privileges to its Tier 0 and Tier 1 systems. The company follows a strict process to harden systems immediately upon delivery. Even with these strict security measures in place, an incident occurred from one of the workstations. The...
Which of the following is the BEST way to improve the situation?
An organization is having difficulty correlating events from its individual AV, EDR, DLP, SWG, WAF, MDM, HIPS, and CASB systems. Which of the following is the BEST way to improve the situation? A. Remove expensive systems that generate few alerts. B. Modify the systems to alert only on critical...
Which of the following describes what MOST likely occurred?
Some laptops recently went missing from a locked storage area that is protected by keyless RFID-enabled locks. There is no obvious damage to the physical space. The security manager identifies who unlocked the door; however, human resources confirms the employee was on vacation at the time of the incident ....
Which of the following would MOST likely contain that information?
An analyst needs to identify the applications a user was running and the files that were open before the user’s computer was shut off by holding down the power button. Which of the following would MOST likely contain that information? A. NGFW B. Pagefile C. NetFlow D. RAM Answer:...
Which of the following files should be given to the forensics firm?
A malicious actor recently penetrated a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm? A. Security B. Application C. Dump D. ...
Which of the following stages of the incident response process is this an example of?
A security operations analyst is using the company's SIEM solution to correlate alerts. Which of the following stages of the incident response process is this an example of? A. Eradication B. Recovery C. Identification D. Preparation Answer: C
Which of the following would provide the GREATEST benefit to the security posture of the devices?
A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements: • The devices will be used internationally by staff who travel extensively. • Occasional personal use is acceptable due to the travel requirements. • Users must be able to install and configure...
A symmetric encryption algorithm is BEST suited for:
A symmetric encryption algorithm is BEST suited for: A. key-exchange scalability. B. protecting large amounts of data. C. providing hashing capabilities. D. implementing non-repudiation. Answer: D