SY0-601 exam

The following are the logs of a successful attack. Which of the following controls would be BEST to use to prevent such a breach in the future?A . Password history B. Account expiration C. Password complexity D. Account lockoutView AnswerAnswer: C Explanation: To prevent such a breach in the future,...

A bad actor tries to persuade someone to provide financial information over the phone in order to gain access to funds. Which of the following types of attacks does this scenario describe?A . Vishing B. Phishing C. Spear phishing D. WhalingView AnswerAnswer: A Explanation: Vishing is a social engineering attack...

During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the nsk of lateral spread and the risk...

As part of a company's ongoing SOC maturation process, the company wants to implement a method to share cyberthreat intelligence data with outside security partners. Which of the following will the company MOST likely implement?A . TAXII B. TLP C. TTP D. STIXView AnswerAnswer: A Explanation: Trusted Automated Exchange of...

An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Which of the following should the organization implement?A . SIEM B. SOAR C. EDR D. CASBView AnswerAnswer: B Explanation: Security Orchestration, Automation, and Response (SOAR) should be implemented...

An analyst Is generating a security report for the management team. Security guidelines recommend disabling all listening unencrypted services. Given this output from Nmap: Which of the following should the analyst recommend to disable?A . 21/tcp B. 22/tcp C. 23/tcp D. 443/tcpView AnswerAnswer: A

Which of the following isa risk that is specifically associated with hesting applications iin the public cloud?A . Unsecured root accounts B. Zero day C. Shared tenancy D. Insider threatView AnswerAnswer: C Explanation: When hosting applications in the public cloud, there is a risk of shared tenancy, meaning that multiple...

Which of the following would MOST likely be identified by a credentialed scan but would be missed by an uncredentialed scan?A . Vulnerabilities with a CVSS score greater than 6.9. B. Critical infrastructure vulnerabilities on non-IP protocols. C. CVEs related to non-Microsoft systems such as printers and switches. D. Missing...

A company wants to modify its current backup strategy to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategyA . Incremental backups followed by differential backups B....

Which of the following BEST describes a social-engineering attack that relies on an executive at a small business visiting a fake banking website where credit card and account details are harvested?A . Whaling B. Spam C. Invoice scam D. PharmingView AnswerAnswer: A Explanation: A social engineering attack that relies on...