SY0-601 exam

An analyst is working on an email security incident in which the target opened an attachment containing a worm. The analyst wants to implement mitigation techniques to prevent further spread. Which of the following is the BEST course of action for the analyst to take?A . Apply a DLP solution....

A company uses a drone for precise perimeter and boundary monitoring. Which of the following should be MOST concerning to the company?A . Privacy B. Cloud storage of telemetry data C. GPS spoofing D. Weather eventsView AnswerAnswer: A Explanation: The use of a drone for perimeter and boundary monitoring can...

A developer is building a new portal to deliver single-pane-of-glass management capabilities to customers with multiple firewalls. To Improve the user experience, the developer wants to implement an authentication and authorization standard that uses security tokens that contain assertions to pass user Information between nodes. Which of the following roles...

A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?A . The Diamond Model of Intrusion Analysis B. The Cyber Kill Chain C. The MITRE CVE database D. The incident...

Which of the following BEST describes a social-engineering attack that relies on an executive at a small business visiting a fake banking website where credit card and account details are harvested?A . Whaling B. Spam C. Invoice scam D. PharmingView AnswerAnswer: A Explanation: A social engineering attack that relies on...

A company's public-facing website, https://www.organization.com, has an IP address of 166.18.75.6. However, over the past hour the SOC has received reports of the site's homepage displaying incorrect information. A quick nslookup search shows hitps://;www.organization.com is pointing to 151.191.122.115. Which of the following is occurring?A . DoS attack B. ARP poisoning...

After a phishing scam fora user's credentials, the red team was able to craft payload to deploy on a server. The attack allowed the installation of malicious software that initiates a new remote session Which of the following types of attacks has occurred?A . Privilege escalation B. Session replay C....

A Chief Information Officer receives an email stating a database will be encrypted within 24 hours unless a payment of $20,000 is credited to the account mentioned In the email. This BEST describes a scenario related to:A . whaling. B. smishing. C. spear phishing D. vishingView AnswerAnswer: C Explanation: The...

A security analyst notices several attacks are being blocked by the NIPS but does not see anything on the boundary firewall logs. The attack seems to have been thwarted. Which of the following resiliency techniques was applied to the network to prevent this attack?A . NIC Teaming B. Port mirroring...

A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst...