SY0-601 exam

A security administrator is analyzing the corporate wireless network. The network only has two access points running on channels 1 and 11. While using airodump-ng. the administrator notices other access points are running with the same corporate ESSID on all available channels and with the same BSSID of one of...

Which of the following organizations sets frameworks and controls for optimal security configuration on systems?A . ISO B. GDPR C. PCI DSS D. NISTView AnswerAnswer: D

A security analyst is evaluating solutions to deploy an additional layer of protection for a web application. The goal is to allow only encrypted communications without relying on network devices. Which of the following can be implemented?A . HTTP security header B. DNSSEC implementation C. SRTP D. S/MIMEView AnswerAnswer: C

DRAG DROP An attack has occurred against a company. INSTRUCTIONS You have been tasked to do the following: Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing the output. (Answer Area 1). Identify which compensating controls should be implemented on...

A company is looking to migrate some servers to the cloud to minimize its technology footprint. The company has 100 databases that are on premises. Which of the following solutions will require the LEAST management and support from the company?A . SaaS B. IaaS C. PaaS D. SDNView AnswerAnswer: A...

A security policy states that common words should not be used as passwords. A security auditor was able to perform a dictionary attack against corporate credentials. Which of the following controls was being violated?A . Password complexity B. Password history C. Password reuse D. Password lengthView AnswerAnswer: B

After multiple on premises security solutions were migrated to the cloud, the incident response time increased. The analyst are spending a long time to trace information on different cloud consoles and correlating data in different formats. Which of the following can be used to optimize the incident response time?A ....

During an incident response, an analyst applied rules to all inbound traffic on the border firewall and implemented ACLs on each critical server Following an investigation, the company realizes it is still vulnerable because outbound traffic is not restricted and the adversary is able lo maintain a presence in the...

Field workers in an organization are issued mobile phones on a daily basis All the work is performed within one city and the mobile phones are not used for any purpose other than work. The organization does not want these pnones used for personal purposes. The organization would like to...

An employee received a word processing file that was delivered as an email attachment. The subject line and email content enticed the employee to open the attachment. Which of the following attack vectors BEST matches this malware?A . Embedded Python code B. Macro-enabled file C. Bash scripting D. Credential-harvesting websiteView...