SY0-601 V1

A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?A . PCI DSSB . GDPRC . NISTD . ISO 31000View AnswerAnswer: B Explanation: GDPR is...

A RAT that was used to compromise an organization’s banking credentials was found on a user’s computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would...

An organization is concerned that is hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?A . Hping3 Cs comptia, org Cp 80B . Nc -1 Cv comptia, org Cp 80C . nmp comptia, org...

A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site Upon investigation, a security analyst the identifies the following: • The legitimate websites IP address is 10.1.1.20 and eRecruit local resolves to the IP • The forged...

A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do...

A security analyst is performing a forensic investigation compromised account credentials. Using the Event Viewer, the analyst able to detect the following message, ‘’Special privileges assigned to new login.’’ Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of...

A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?A . ContainerizationB . GeofencingC . Full-disk encryptionD . Remote wipeView...

An organization suffered an outage and a critical system took 90 minutes to come back online. Though there was no data loss during the outage, the expectation was that the critical system would be available again within 60 minutes. Which of the following is the 60-minute expectation an example of:A...

Joe, an employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm Joe’s identity before sending him the prize. Which of the following BEST describes this type of email?A ....

A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better.A . validate the vulnerability exists in the organization's network through penetration testingB . research the appropriate mitigation techniques in a vulnerability databaseC . find the software patches that are...