SY0-601 exam

Which of the following authentication methods is considered to be the LEAST secure?A . TOTP B. SMS C. HOTP D. Token keyView AnswerAnswer: B Explanation: SMS-based authentication is considered to be the least secure among the given options. This is because SMS messages can be intercepted or redirected by attackers...

Per company security policy, IT staff members are required to have separate credentials to perform administrative functions using just-in-time permissions. Which of the following solutions is the company Implementing?A . Privileged access management B. SSO C. RADIUS D. Attribute-based access controlView AnswerAnswer: A Explanation: The company is implementing privileged access...

The Chief Executive Officer announced a new partnership with a strategic vendor and asked the Chief Information Security Officer to federate user digital identities using SAML-based protocols. Which of the following will this enable?A . SSO B. MFA C. PKI D. OLPView AnswerAnswer: A Explanation: Federating user digital identities using...

A security analyst must enforce policies to harden an MDM infrastructure. The requirements are as follows: * Ensure mobile devices can be tracked and wiped. * Confirm mobile devices are encrypted. Which of the following should the analyst enable on all the devices to meet these requirements?A . A Geofencing...

A security manager needs to assess the security posture of one of the organization's vendors. The contract with the vendor does not allow for auditing of the vendor's security controls. Which of (he following should the manager request to complete the assessment?A . A service-level agreement B. A business partnership...

HOTSPOT You received the output of a recent vulnerability assessment. Review the assessment and scan output and determine the appropriate remedialion(s} 'or «ach dewce. Remediation options may be selected multiple times, and some devices may require more than one remediation. If at any time you would like to biing bade...

Which of the following involves the inclusion of code in the main codebase as soon as it is written?A . Continuous monitoring B. Continuous deployment C. Continuous Validation D. Continuous integrationView AnswerAnswer: D Explanation: Continuous Integration (CI) is a practice where developers integrate code into a shared repository frequently, preferably...

As part of the lessons-learned phase, the SOC is tasked with building methods to detect if a previous incident is happening again. Which of the following would allow the security analyst to alert the SOC if an event is reoccurring?A . Creating a playbook within the SOAR B. Implementing rules...

The security team received a report of copyright infringement from the IP space of the corporate network. The report provided a precise time stamp for the incident as well as the name of the copyrighted files. The analyst has been tasked with determining the infringing source machine and instructed to...

As part of annual audit requirements, the security team performed a review of exceptions to the company policy that allows specific users the ability to use USB storage devices on their laptops. The review yielded the following results. • The exception process and policy have been correctly followed by the...