SY0-601 exam

A user attempts to load a web-based application, but the expected login screen does not appear A help desk analyst troubleshoots the issue by running the following command and reviewing the output on the user's PC The help desk analyst then runs the same command on the local PC Which...

Which of the following BEST describes data streams that are compiled through artificial intelligence that provides insight on current cyberintrusions, phishing, and other malicious cyberactivity?A . Intelligence fusion B. Review reports C. Log reviews D. Threat feedsView AnswerAnswer: A Explanation: Intelligence fusion is a process that involves aggregating and analyzing...

An organization discovered a disgruntled employee exfiltrated a large amount of PII data by uploading files. Which of the following controls should the organization consider to mitigate this risk?A . EDR B. Firewall C. HIPS D. DLPView AnswerAnswer: D Explanation: DLP stands for data loss prevention, which is a set...

one of the attendees starts to notice delays in the connection. and the HTTPS site requests are reverting to HTTP. Which of the following BEST describes what is happening?A . Birthday collision on the certificate key B. DNS hacking to reroute traffic C. Brute force to the access point D....

As part of annual audit requirements, the security team performed a review of exceptions to the company policy that allows specific users the ability to use USB storage devices on their laptops. The review yielded the following results. • The exception process and policy have been correctly followed by the...

Per company security policy, IT staff members are required to have separate credentials to perform administrative functions using just-in-time permissions. Which of the following solutions is the company Implementing?A . Privileged access management B. SSO C. RADIUS D. Attribute-based access controlView AnswerAnswer: A Explanation: The company is implementing privileged access...

Which of the following disaster recovery tests is the LEAST time consuming for the disaster recovery team?A . Tabletop B. Parallel C. Full interruption D. SimulationView AnswerAnswer: A Explanation: A tabletop exercise is a type of disaster recovery test that simulates a disaster scenario in a discussion-based format, without actually...

A Chief Information Officer is concerned about employees using company-issued laptops to steal data when accessing network shares. Which of the following should the company implement?A . DLP B. CASB C. HIDS D. EDR E. UEFIView AnswerAnswer: A Explanation: The company should implement Data Loss Prevention (DLP) to prevent employees...

An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Which of the following should the organization implement?A . SIEM B. SOAR C. EDR D. CASBView AnswerAnswer: B Explanation: Security Orchestration, Automation, and Response (SOAR) should be implemented...

Which of the following environments utilizes dummy data and is MOST likely to be installed locally on a system that allows code to be assessed directly and modified easily with each build?A . Production B. Test C. Staging D. DevelopmentView AnswerAnswer: D Explanation: A development environment is the environment that...