SY0-601 exam

A security administrator wants to implement a program that tests a user's ability to recognize attacks over the organization's email system. Which of the following would be BEST suited for this task?A . Social media analysis B. Annual information security training C. Gamification D. Phishing campaignView AnswerAnswer: D Explanation: A...

A customer has reported that an organization's website displayed an image of a smiley (ace rather than the expected web page for a short time two days earlier. A security analyst reviews log tries and sees the following around the lime of the incident: Which of the following is MOST...

Which of the following authentication methods is considered to be the LEAST secure?A . TOTP B. SMS C. HOTP D. Token keyView AnswerAnswer: B Explanation: SMS-based authentication is considered to be the least secure among the given options. This is because SMS messages can be intercepted or redirected by attackers...

A company was compromised, and a security analyst discovered the attacker was able to get access to a service account. The following logs were discovered during the investigation: Which of the following MOST likely would have prevented the attacker from learning the service account name?A . Race condition testing B....

A security analyst has been tasked with creating a new WiFi network for the company. The requirements received by the analyst are as follows: • Must be able to differentiate between users connected to WiFi • The encryption keys need to change routinely without interrupting the users or forcing reauthentication...

During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the nsk of lateral spread and the risk...

Which of the following would MOST likely be identified by a credentialed scan but would be missed by an uncredentialed scan?A . Vulnerabilities with a CVSS score greater than 6.9. B. Critical infrastructure vulnerabilities on non-IP protocols. C. CVEs related to non-Microsoft systems such as printers and switches. D. Missing...

A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?A . openssl B. hping C. netcat D. tcpdumpView AnswerAnswer: A Explanation: To verify that a client-server (non-web) application is sending encrypted traffic, a security analyst can use...

Which of the following should a technician consider when selecting an encryption method for data that needs to remain confidential for a specific length of time?A . The key length of the encryption algorithm B. The encryption algorithm's longevity C. A method of introducing entropy into key calculations D. The...

Which of the following is the MOST secure but LEAST expensive data destruction method for data that is stored on hard drives?A . Pulverizing B. Shredding C. Incinerating D. DegaussingView AnswerAnswer: B Explanation: Shredding may be the most secure and cost-effective way to destroy electronic data in any media that...