SY0-601 exam

A security analyst was deploying a new website and found a connection attempting to authenticate on the site's portal. While Investigating. The incident, the analyst identified the following Input in the username field: Which of the following BEST explains this type of attack?A . DLL injection to hijack administrator services...

Which of the following uses six initial steps that provide basic control over system security by including hardware and software inventory, vulnerability management, and continuous monitoring to minimize risk in all network environments?A . ISO 27701 B. The Center for Internet Security C. SSAE SOC 2 D. NIST Risk Management...

Which of the following should a technician consider when selecting an encryption method for data that needs to remain confidential for a specific length of time?A . The key length of the encryption algorithm B. The encryption algorithm's longevity C. A method of introducing entropy into key calculations D. The...

A security analyst notices several attacks are being blocked by the NIPS but does not see anything on the boundary firewall logs. The attack seems to have been thwarted. Which of the following resiliency techniques was applied to the network to prevent this attack?A . NIC Teaming B. Port mirroring...

During a Chief Information Security Officer (CISO) convention to discuss security awareness, the attendees are provided with a network connection to use as a resource. As the convention progresses, one of the attendees starts to notice delays in the connection, and the HIIPS site requests are reverting to HTTP. Which...

A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?A . An incident response plan B. A communications plan C. A business continuity plan D. A disaster recovery...

A network analyst is investigating compromised corporate information. The analyst leads to a theory that network traffic was intercepted before being transmitted to the internet. The following output was captured on an internal host: Based on the IoCS, which of the following was the MOST likely attack used to compromise...

Which of the following conditions impacts data sovereignty?A . Rights management B. Criminal investigations C. Healthcare data D. International operationsView AnswerAnswer: D Explanation: Data sovereignty refers to the legal concept that data is subject to the laws and regulations of the country in which it is located. International operations can...

The Chief Executive Officer announced a new partnership with a strategic vendor and asked the Chief Information Security Officer to federate user digital identities using SAML-based protocols. Which of the following will this enable?A . SSO B. MFA C. PKI D. OLPView AnswerAnswer: A Explanation: Federating user digital identities using...

A cybersecurity administrator needs to allow mobile BYOD devices to access network resources. As the devices are not enrolled to the domain and do not have policies applied to them, which of the following are best practices for authentication and infrastructure security? (Select TWO).A . Create a new network for...