SY0-601 exam

A company's public-facing website, https://www.organization.com, has an IP address of 166.18.75.6. However, over the past hour the SOC has received reports of the site's homepage displaying incorrect information. A quick nslookup search shows hitps://;www.organization.com is pointing to 151.191.122.115. Which of the following is occurring?A . DoS attack B. ARP poisoning...

Which of the following conditions impacts data sovereignty?A . Rights management B. Criminal investigations C. Healthcare data D. International operationsView AnswerAnswer: D Explanation: Data sovereignty refers to the legal concept that data is subject to the laws and regulations of the country in which it is located. International operations can...

A company uses a drone for precise perimeter and boundary monitoring. Which of the following should be MOST concerning to the company?A . Privacy B. Cloud storage of telemetry data C. GPS spoofing D. Weather eventsView AnswerAnswer: A Explanation: The use of a drone for perimeter and boundary monitoring can...

An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud provider?A . SLA B. BPA C. NDA D. MOUView AnswerAnswer: A Explanation: The Service...

Which of the following describes a maintenance metric that measures the average time required to troubleshoot and restore failed equipment?A . RTO B. MTBF C. MTTR D. RPOView AnswerAnswer: C Explanation: Mean Time To Repair (MTTR) is a maintenance metric that measures the average time required to troubleshoot and restore...

A large enterprise has moved all its data to the cloud behind strong authentication and encryption. A sales director recently had a laptop stolen, and later, enterprise data was found to have been compromised from a local database. Which of the following was the MOST likely cause?A . Shadow IT...

The Chief Information Security Officer directed a risk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access. Which of the following is the BEST security solution to reduce this risk?A . CASB B. VPN concentrator C. MFA D. VPC...

Employees at a company are receiving unsolicited text messages on their corporate cell phones. The unsolicited text messages contain a password reset Link. Which of the attacks is being used to target the company?A . Phishing B. Vishing C. Smishing D. SpamView AnswerAnswer: C Explanation: Smishing is a type of...

Ann, a customer, received a notification from her mortgage company stating her PII may be shared with partners, affiliates, and associates to maintain day-to-day business operations. Which of the following documents did Ann receive?A . An annual privacy notice B. A non-disclosure agreement C. A privileged-user agreement D. A memorandum...

After gaining access to a dual-homed (i.e.. wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset. This technique is an example of:A . privilege escalation B. footprinting C. persistence D. pivoting.View AnswerAnswer: D Explanation: The...