Which of the following employee roles is responsible for protecting an organization's collected personal information?
Which of the following employee roles is responsible for protecting an organization's collected personal information? A. CTO B. DPO C. CEO D. DBA Answer: B Explanation: Many companies also have a data protection officer or DPO. This is a higher-level manager who is responsible for the organization's overall data privacy...
Which of the following would mitigate the issue?
Multiple business accounts were compromised a few days after a public website had its credentials database leaked on the internet. No business emails were identified in the breach, but the security team thinks that the list of passwords exposed was later used to compromise business accounts. Which of the following...
Which of the following attacks explains what occurred?
Data exfiltration analysis indicates that an attacker managed to download system configuration notes from a web server. The web-server logs have been deleted, but analysts have determined that the system configuration notes were stored in the database administrator's folder on the web server. Which of the following attacks explains what...
Which of the following is the policy MOST likely protecting against?
The Chief Compliance Officer from a bank has approved a background check policy for all new hires. Which of the following is the policy MOST likely protecting against? A. Preventing any current employees' siblings from working at the bank to prevent nepotism B. Hiring an employee who has been convicted...
Which of the following will the blue team do after detecting an IoC?
An organization has hired a red team to simulate attacks on its security posture. Which of the following will the blue team do after detecting an IoC? A. Reimage the impacted workstations B. Activate runbooks for incident response C. Conduct forensics on the compromised system D. Conduct passive reconnaissance to...
Which of the following should the company do to help accomplish this goal?
A company is implementing a DLP solution on the file server. The file server has PII, financial information, and health information stored on it. Depending on what type of data is hosted on the file server, the company wants different DLP rules assigned to the data. Which of the...
Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?
A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be...
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a: A. business continuity plan. B. communications plan. C. disaster recovery plan. D. continuity of operations plan. Answer: C
Which of the following is the analyst doing?
A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing? A. A packet capture B. A user behavior analysis C. Threat hunting D. Credentialed vulnerability scanning Answer:...
Which of the following ISO standards is certified for privacy?
Which of the following ISO standards is certified for privacy? A. ISO 9001 B. ISO 27002 C. ISO 27701 D. ISO 31000 Answer: C Explanation: ISO 27701, also abbreviated as PIMS (Privacy Information Management System), outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data...