SY0-601 exam

A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process . Which of the following methods would BEST accomplish this goal?A . Salting the magnetic strip informationB...

Which of the following ISO standards is certified for privacy?A . ISO 9001B . ISO 27002C . ISO 27701D . ISO 31000View AnswerAnswer: C Explanation: ISO 27701 also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data...

After entering a username and password, and administrator must gesture on a touch screen . Which of the following demonstrates what the administrator is providing?A . Multifactor authenticationB . Something you can doC . BiometricD . Two-factor authenticationView AnswerAnswer: D

Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)A . Unsecure protocolsB . Use of penetration-testing utilitiesC . Weak passwordsD . Included third-party librariesE . Vendors/supply chainF . Outdated anti-malware softwareView AnswerAnswer: D,E

A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred . Which of the following is the analyst MOST likely seeing? A) B) C) D) A . Option AB . Option BC . Option CD ....

An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering it the organization may need to scale down just as quickly as it scaled up....

A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data. Historically, this setup has worked without issue, but the researcher recently started getting the following message: Which of the following...

A public relations team will be taking a group of guest on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboars are cleaned and all desks are cleared. The company is MOST...

A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs the company's security manager notices the generator's IP is sending packets to an internal file server's IP . Which of the following mitigations would...

Which of the following refers to applications and systems that are used within an organization without consent or approval?A . Shadow ITB . OSINTC . Dark webD . Insider threatsView AnswerAnswer: A