SY0-601 exam

A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it...

An analyst visits an internet forum looking for information about a tool. The analyst finds a threat that appears to contain relevant information. One of the posts says the following: Which of the following BEST describes the attack that was attempted against the forum readers?A . SOU attackB . DLL...

In the middle of a cybersecurity, a security engineer removes the infected devices from the network and lock down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?A . IdentificationB . PreparationC . EradictionD . RecoveryE . ContainmentView AnswerAnswer: E

A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be BEST for the company to implement?A . DiscretionaryB . Rule-basedC . Role-basedD . MandatoryView AnswerAnswer: D

A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output: Which of the following is the router experiencing?A . DDoS attackB...

A security analyst is reviewing the following attack log output: Which of the following types of attacks does this MOST likely represent?A . Rainbow tableB . Brute-forceC . Password-sprayingD . DictionaryView AnswerAnswer: C Explanation: Password spraying is a type of brute-force attack in which a malicious actor uses a single...

To secure an application after a large data breach, an e-commerce site will be resetting all users’ credentials. Which of the following will BEST ensure the site’s users are not compromised after the reset?A . A password reuse policyB . Account lockout after three failed attemptsC . Encrypted credentials in...

A security analyst is reviewing a new website that will soon be made publicly available. The analyst sees the following in the URL: http://dev-site.comptia.org/home/show.php?sessionID=77276554&loc=us The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is...

A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?A . A non-disclosure agreementB . Least privilegeC...

The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company’s Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards. Which of the following social-engineering...