SY0-601 free dumps questions:
NEW QUESTION 1
A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?
- A. MSSP
- B. SOAR
- C. IaaS
- D. PaaS
Answer: B
NEW QUESTION 2
A security administrator checks the table of a network switch, which shows the following output:
Which of the following is happening to this switch?
- A. MAC Flooding
- B. DNS poisoning
- C. MAC cloning
- D. ARP poisoning
Answer: A
NEW QUESTION 3
A company has drafted an insider-threat policy that prohibits the use of external storage devices. Which of the following would BEST protect the company from data exfiltration via removable media?
- A. Monitoring large data transfer transactions in the firewall logs
- B. Developing mandatory training to educate employees about the removable media policy
- C. Implementing a group policy to block user access to system files
- D. Blocking removable-media devices and write capabilities using a host-based security tool
Answer: D
NEW QUESTION 4
A security analyst reviews the datacenter access logs for a fingerprint scanner and notices an abundance of errors that correlate with users' reports of issues accessing the facility. Which of the following is MOST likely the cause of the access issues?
- A. False rejection
- B. Cross-over error rate
- C. Efficacy rate
- D. Attestation
Answer: B
NEW QUESTION 5
A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected.
Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describe this type of attack? (Choose two.)
- A. DoS
- B. SSL stripping
- C. Memory leak
- D. Race condition
- E. Shimming
- F. Refactoring
Answer: AD
NEW QUESTION 6
An organization's RPO for a critical system is two hours. The system is used Monday through Friday, from 9:00 am to 5:00 pm. Currently, the organization performs a full backup every Saturday that takes four hours to complete. Which of the following additional backup implementations would be the BEST way for the analyst to meet the business requirements?
- A. Incremental backups Monday through Friday at 6:00 p.m. and differential backups hourly.
- B. Full backups Monday through Friday at 6:00 p.m. and incremental backups hourly.
- C. Incremental backups Monday through Friday at 6:00 p.m. and full backups hourly.
- D. Full backups Monday through Friday at 6:00 p.m. and differential backups hourly.
Answer: A
NEW QUESTION 7
During an incident response, a security analyst observes the following log entry on the web server.
Which of the following BEST describes the type of attack the analyst is experiencing?
- A. SQL injection
- B. Cross-site scripting
- C. Pass-the-hash
- D. Directory traversal
Answer: B
NEW QUESTION 8
A company has determined that if its computer-based manufacturing is not functioning for 12 consecutive hours, it will lose more money than it costs to maintain the equipment. Which of the following must be less than 12 hours to maintain a positive total cost of ownership?
- A. MTBF
- B. RPO
- C. RTO
- D. MTTR
Answer: C
NEW QUESTION 9
A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?
- A. The most common set of MDM configurations will become the effective set of enterprise mobile security controls.
- B. All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to adversaries.
- C. Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.
- D. MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured.
Answer: C
NEW QUESTION 10
A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network. The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts. While reviewing the log files, the analyst discovers the following:
Which of the following attacks MOST likely occurred?
- A. Dictionary
- B. Credential-stuffing
- C. Password-spraying
- D. Brute-force
Answer: D
NEW QUESTION 11
An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has only been given the documentation available to the customers of the applications. Which of the following BEST represents the type of testing that will occur?
- A. Bug bounty
- B. Black-box
- C. Gray-box
- D. White-box
Answer: A
NEW QUESTION 12
A network administrator has been asked to design a solution to improve a company's security posture. The administrator is given the following requirements:
• The solution must be inline in the network
• The solution must be able to block known malicious traffic
• The solution must be able to stop network-based attacks
Which of the following should the network administrator implement to BEST meet these requirements?
- A. HIDS
- B. NIDS
- C. HIPS
- D. NIPS
Answer: D
NEW QUESTION 13
Which of the following would be the BEST resource for a software developer who is looking to improve secure coding practices for web applications?
- A. OWASP
- B. Vulnerability scan results
- C. NIST CSF
- D. Third-party libraries
Answer: A
NEW QUESTION 14
Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?
- A. The document is a honeyfile and is meant to attract the attention of a cyberintruder.
- B. The document is a backup file if the system needs to be recovered.
- C. The document is a standard file that the OS needs to verify the login credentials.
- D. The document is a keylogger that stores all keystrokes should the account be compromised.
Answer: A
NEW QUESTION 15
Which of the following would be BEST to establish between organizations that have agreed to cooperate and are engaged in early discussions to define the responsibilities of each party, but do not want to establish a contractually binding agreement?
- A. An SLA
- B. An NDA
- C. A BPA
- D. An MOU
Answer: D
NEW QUESTION 16
A user recently attended an exposition and received some digital promotional materials. The user later noticed blue boxes popping up and disappearing on the computer, and reported receiving several spam emails, which the user did not open. Which of the following is MOST likely the cause of the reported issue?
- A. There was a drive-by download of malware
- B. The user installed a cryptominer
- C. The OS was corrupted
- D. There was malicious code on the USB drive
Answer: D
NEW QUESTION 17
An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance’s vulnerable state?
- A. The system was configured with weak default security settings.
- B. The device uses weak encryption ciphers.
- C. The vendor has not supplied a patch for the appliance.
- D. The appliance requires administrative credentials for the assessment.
Answer: C
NEW QUESTION 18
A security analyst needs to produce a document that details how a security incident occurred, the steps that were taken for recovery, and how future incidents can be avoided. During which of the following stages of the response process will this activity take place?
- A. Recovery
- B. Identification
- C. Lessons learned
- D. Preparation
Answer: C
NEW QUESTION 19
To reduce costs and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would BEST meet the needs of the organization?
- A. MaaS
- B. IaaS
- C. SaaS
- D. PaaS
Answer: D
NEW QUESTION 20
A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would BEST support the policy?
- A. Mobile device management
- B. Full-device encryption
- C. Remote wipe
- D. Biometrics
Answer: A
NEW QUESTION 21
A RAT that was used to compromise an organization’s banking credentials was found on a user’s computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would BEST prevent this from reoccurring?
- A. Create a new acceptable use policy.
- B. Segment the network into trusted and untrusted zones.
- C. Enforce application whitelisting.
- D. Implement DLP at the network boundary.
Answer: C
NEW QUESTION 22
A manufacturer creates designs for very high security products that are required to be protected and controlled by government regulations. These designs are not accessible by corporate networks or the Internet. Which of the following is the BEST solution to protect these designs?
- A. An air gap
- B. A Faraday cage
- C. A shielded cable
- D. A demilitarized zone
Answer: A