SY0-601

Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?A . MOUB . MTTRC . SLAD . NDAView AnswerAnswer: C

A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events: To better understand what is going on, the analyst runs a command and receives the following output:...

A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet....

A security analyst is investigating an incident to determine what an attacker was able to do on a compromised laptop. The analyst reviews the following SIEM log: Which of the following describes the method that was used to compromise the laptop?A . An attacker was able to move laterally from...

The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?A ....

Which of the following scenarios BEST describes a risk reduction technique?A . A security control objective cannot be met through a technical change, so the company purchases insurance and is no longer concerned about losses from data breaches.B . A security control objective cannot be met through a technical change,...

A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be BEST for the company to implement?A . DiscretionaryB . Rule-basedC . Role-basedD . MandatoryView AnswerAnswer: D

A network administrator has been asked to design a solution to improve a company's security posture. The administrator is given the following, requirements? • The solution must be inline in the network • The solution must be able to block known malicious traffic • The solution must be able to...

A security engineer is reviewing log files after a third discovered usernames and passwords for the organization’s accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?A ....

When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?A . AcceptanceB . MitigationC . AvoidanceD . TransferenceView AnswerAnswer: D