SY0-601 exam

The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?A ....

Which of the following scenarios BEST describes a risk reduction technique?A . A security control objective cannot be met through a technical change, so the company purchases insurance and is no longer concerned about losses from data breaches.B . A security control objective cannot be met through a technical change,...

A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be BEST for the company to implement?A . DiscretionaryB . Rule-basedC . Role-basedD . MandatoryView AnswerAnswer: D

A network administrator has been asked to design a solution to improve a company's security posture. The administrator is given the following, requirements? • The solution must be inline in the network • The solution must be able to block known malicious traffic • The solution must be able to...

A security engineer is reviewing log files after a third discovered usernames and passwords for the organization’s accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?A ....

When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?A . AcceptanceB . MitigationC . AvoidanceD . TransferenceView AnswerAnswer: D

A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon investigation, a security analyst the identifies the following: • The legitimate websites IP address is 10.1.1.20 and eRecruit local resolves to the IP • The forged...

A Chief Security Office's (CSO's) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?A . Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration...

Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?A . An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.B . An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying...

Users at organization have been installing programs from the internet on their workstations without first proper authorization. The organization maintains a portal from which users can install standardized programs. However, some users have administrative access on their workstations to enable legacy programs to function property. Which of the following should...