SY0-601 exam

The help desk has received calls from users in multiple locations who are unable to access core network services The network team has identified and turned off the network switches using remote commands. Which of the following actions should the network team take NEXT? A. Disconnect all external network connections...

Which of the following BEST describes the team that acts as a referee during a penetration-testing exercise?A . White team B. Purple team C. Green team D. Blue team E. Red teamView AnswerAnswer: A Explanation: During a penetration testing exercise, the white team is responsible for acting as a referee...

The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going the polls. This is an example of:A . prepending. B. an influence campaign. C. a watering-hole attack. D. intimidation. E. information elicitation.View AnswerAnswer: B...

During a forensic investigation, a security analyst discovered that the following command was run on a compromised host: Which of the following attacks occurred?A . Buffer overflow B. Pass the hash C. SQL injection D. Replay attackView AnswerAnswer: B Explanation: Pass the hash is an attack technique that allows an...

Which of the following is required in order for an IDS and a WAF to be effective on HTTPS traffic?A . Hashing B. DNS sinkhole C. TLS inspection D. Data maskingView AnswerAnswer: C Explanation: an IDS (Intrusion Detection System) and a WAF (Web Application Firewall) are both used to monitor...

An organization wants seamless authentication to its applications. Which of the following should the organization employ to meet this requirement?A . SOAP B. SAML C. SSO D. KerberosView AnswerAnswer: C Explanation: Single Sign-On (SSO) is a mechanism that allows users to access multiple applications with a single set of login...

A company wants to modify its current backup strategy to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategyA . Incremental backups followed by differential backups B....

The security team received a report of copyright infringement from the IP space of the corporate network. The report provided a precise time stamp for the incident as well as the name of the copyrighted files. The analyst has been tasked with determining the infringing source machine and instructed to...

A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?A . Preventive B. Compensating C. Corrective D. DetectiveView AnswerAnswer: D Explanation: A SIEM is a security solution that helps detect security incidents by...

A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?A . A reverse proxy B. A decryption certificate C. A spill-tunnel VPN D. Load-balanced serversView AnswerAnswer: B Explanation: A Web Application Firewall...