SY0-601 exam

In the middle of a cybersecurity, a security engineer removes the infected devices from the network and lock down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?A . IdentificationB . PreparationC . EradictionD . RecoveryE . ContainmentView AnswerAnswer: E

A manufacturer creates designs for very high security products that are required to be protected and controlled by the government regulations. These designs are not accessible by corporate networks or the Internet . Which of the following is the BEST solution to protect these designs?A . An air gapB ....

After consulting with the Chief Risk Officer (CRO). a manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting?A . Risk acceptanceB . Risk avoidanceC . Risk transferenceD . Risk mitigationView AnswerAnswer: C

During a routine scan of a wireless segment at a retail company, a security administrator discovers several devices are connected to the network that do not match the company's naming convention and are not in the asset Inventory. WiFi access Is protected with 255-Wt encryption via WPA2. Physical access to...

A financial analyst is expecting an email containing sensitive information from a client. When the email arrives, the analyst receives an error and is unable to open the encrypted message . Which of the following is the MOST likely cause of the issue?A . The S/MME plug-in is not enabled.B...

An information security incident recently occurred at an organization, and the organization was required to report the incident to authorities and notify the affected parties. When the organization's customers became of aware of the incident, some reduced their orders or stopped placing orders entirely . Which of the following is...

A manufacturing company has several one-off legacy information systems that cannot be migrated to a newer OS due to software compatibility issues. The Oss are still supported by the vendor, but the industrial software is no longer supported. The Chief Information Security Officer (CISO) has created a resiliency plan for...

A company has determined that if its computer-based manufacturing is not functioning for 12 consecutive hours, it will lose more money that it costs to maintain the equipment . Which of the following must be less than 12 hours to maintain a positive total cost of ownership?A . MTBFB ....

A company uses specially configured workstations tor any work that requires administrator privileges to its Tier 0 and Tier 1 systems. The company follows a strict process to harden systems immediately upon delivery. Even with these strict security measures in place, an incident occurred from one of the workstations. The...

An organization is having difficulty correlating events from its individual AV. EDR. DLP. SWG. WAF. MOM. HIPS, and CASB systems . Which of the following is the BEST way to improve the situation?A . Remove expensive systems that generate few alerts.B . Modify the systems to alert only on critical...