SY0-601 exam

During a forensic investigation, a security analyst discovered that the following command was run on a compromised host: Which of the following attacks occurred?A . Buffer overflow B. Pass the hash C. SQL injection D. Replay attackView AnswerAnswer: B Explanation: Pass the hash is an attack technique that allows an...

A company recently experienced a major breach. An investigation concludes that customer credit card data was stolen and exfiltrated through a dedicated business partner connection to a vendor, who is not held to the same security contral standards. Which of the following is the MOST likely source of the breach?A...

A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the GREATEST amount of control and security over company data and infrastructure?A ....

The Chief Information Security Officer wants to pilot a new adaptive, user-based authentication method. The concept Includes granting logical access based on physical location and proximity. Which of the following Is the BEST solution for the pilot?A . Geofencing B. Self-sovereign identification C. PKl certificates D. SSOView AnswerAnswer: A Explanation:...

A software company is analyzing a process that detects software vulnerabilities at the earliest stage possible. The goal is to scan the source looking for unsecure practices and weaknesses before the application is deployed in a runtime environment. Which of the following would BEST assist the company with this objective?A...

A security incident has been resolved. Which of the following BEST describes the importance of the final phase of the incident response plan?A . It examines and documents how well the team responded discovers what caused the incident, and determines how the incident can be avoided in the future B....

A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which of the following configuration should an analysis enable To improve security? (Select TWO.) A. RADIUS B. PEAP C. WPS D. WEP-EKIP E. SSL F. WPA2-PSKView AnswerAnswer: A,F...

An organization is moving away from the use of client-side and server-side certificates for EAR The company would like for the new EAP solution to have the ability to detect rogue access points. Which of the following would accomplish these requirements?A . PEAP B. EAP-FAST C. EAP-TLS D. EAP-TTLSView AnswerAnswer:...

A major clothing company recently lost a large amount of proprietary information. The security officer must find a solution to ensure this never happens again. Which of the following is the BEST technical implementation to prevent this from happening again?A . Configure DLP solutions B. Disable peer-to-peer sharing C. Enable...

A systems administrator is considering different backup solutions for the IT infrastructure. The company is looking for a solution that offers the fastest recovery time while also saving the most amount of storage used to maintain the backups. Which of the following recovery solutions would be the BEST option to...