Which of the following attacks was MOST likely used to cause the data loss?
A DBA reports that several production server hard drives were wiped over the weekend. The DBA also reports that several Linux servers were unavailable due to system files being deleted unexpectedly. A security analyst verified that software was configured to delete data deliberately from those servers. No backdoors to any...
Which of the following terms describes a broad range of information that is sensitive to a specific organization?
Which of the following terms describes a broad range of information that is sensitive to a specific organization?
A. Public
B. Top secret
C. Proprietary
D. Open-source
Answer: C
Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?
Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?
A. Shut down the VDI and copy off the event logs.
B. Take a memory snapshot of the running system.
C. Use NetFlow to identify command-and-control IPs.
D. Run a full on-demand...
Which of the following should be implemented so all credentials sent over the network are encrypted when remotely accessing and configuring network devices?
After a recent security breach, a security analyst reports that several administrative usernames and passwords are being sent via cleartext across the network to access network devices over port 23. Which of the following should be implemented so all credentials sent over the network are encrypted when remotely accessing and...
Field workers in an organization are issued mobile phones on a daily basis. All the work is performed within one city and the mobile phones are not used for any purpose other than work. The organization does not want these phones used for personal purposes. The organization would like to issue the phones to workers as permanent devices so the phones do not need to be reissued every day. Given the conditions described, which of the following technologies would BEST meet these requirements?
Field workers in an organization are issued mobile phones on a daily basis. All the work is performed within one city and the mobile phones are not used for any purpose other than work. The organization does not want these phones used for personal purposes. The organization would like to...
In order to restrict PHI documents, which of the following should be performed FIRST?
A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution. In order to restrict PHI documents, which of the following should be performed FIRST?
A. Retention
B. Governance
C. Classification
D. Change management
Answer: C
Which of the following would mitigate the issue?
Multiple business accounts were compromised a few days after a public website had its credentials database leaked on the internet. No business emails were identified in the breach, but the security team thinks that the list of passwords exposed was later used to compromise business accounts. Which of the following...
Which of the following action items should a security analyst perform FIRST to prevent this from occurring again?
During a recent incident, an external attacker was able to exploit an SMB vulnerability over the internet. Which of the following action items should a security analyst perform FIRST to prevent this from occurring again?
A. Check for any recent SMB CVEs
B. Install AV on the affected server
C....
Which of the following is the environment in which patches will be deployed just prior to being put into an operational status?
An organization maintains several environments in which patches are developed and tested before being deployed to an operational status. Which of the following is the environment in which patches will be deployed just prior to being put into an operational status?
A. Development
B. Test
C. Production
D. Staging
Answer: D...
Which of the following describes this type of alert?
A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are...