SY0-601 exam

An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?A . It allows for the sharing of digital forensics data across organizations B. It provides insurance in case of a data breach C. It provides complimentary training and...

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?A . Default system configuration B. Unsecure protocols C. Lack of vendor support D. Weak encryptionView AnswerAnswer: C Explanation: Using legacy software to support a critical...

A company recently experienced an attack during which its main website was Directed to the attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers,. Which of the following should the company implement to prevent this type of attack from occurring In the future?A . IPsec B. SSL/TLS...

A network analyst is setting up a wireless access point for a home office in a remote, rural location. The requirement is that users need to connect to the access point securely but do not want to have to remember passwords. Which of the following should the network analyst enable...

A desktop support technician recently installed a new document-scanning software program on a computer. However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?A . A new firewall rule is needed to access the application. B. The...

If a current private key is compromised, which of the following would ensure it cannot be used to decrypt ail historical data?A . Perfect forward secrecy B. Elliptic-curve cryptography C. Key stretching D. Homomorphic encryptionView AnswerAnswer: A Explanation: Perfect forward secrecy would ensure that it cannot be used to decrypt...

A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?A . A reverse proxy B. A decryption certificate C. A split-tunnel VPN D. Load-balanced serversView AnswerAnswer: B Explanation: A Web Application Firewall...

An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud provider?A . SLA B. BPA C. NDA D. MOUView AnswerAnswer: A Explanation: The Service...

A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this practice reduce?A . Dumpster diving B. Shoulder surfing C. Information elicitation D. Credential harvestingView AnswerAnswer: A Explanation: Crosscut shredders are used to destroy paper documents and reduce...

The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going the polls. This is an example of:A . prepending. B. an influence campaign. C. a watering-hole attack. D. intimidation. E. information elicitation.View AnswerAnswer: B...