CompTIA SY0-601 Free Dumps Questions Online, Read and Test Now.
NEW QUESTION 1
A security manager for a retailer needs to reduce the scope of a project to comply with PCI DSS. The PCI data is located in different offices than where credit cards are accepted. All the offices are connected via MPLS back to the primary datacenter. Which of the following should the security manager implement to achieve the objective?
- A. Segmentation
- B. Containment
- C. Geofencing
- D. Isolation
Answer: A
NEW QUESTION 2
An organization hired a consultant to assist with an active attack, and the consultant was able to identify the compromised accounts and computers. Which of the following is the consultant MOST likely to recommend to prepare for eradication?
- A. Quarantining the compromised accounts and computers, only providing them with network access
- B. Segmenting the compromised accounts and computers into a honeynet so as to not alert the attackers.
- C. Isolating the compromised accounts and computers, cutting off all network and internet access.
- D. Logging off and deleting the compromised accounts and computers to eliminate attacker access.
Answer: B
NEW QUESTION 3
A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?
- A. Nmap
- B. Wireshark
- C. Autopsy
- D. DNSEnum
Answer: A
NEW QUESTION 4
The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company’s Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards. Which of the following social-engineering techniques is the attacker using?
- A. Phishing
- B. Whaling
- C. Typo squatting
- D. Pharming
Answer: B
NEW QUESTION 5
An organization has hired a security analyst to perform a penetration test. The analyst captures 1Gb worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to further review the pcap?
- A. Nmap
- B. cURL
- C. Netcat
- D. Wireshark
Answer: D
NEW QUESTION 6
A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent the exfiltration of data? (Select TWO).
- A. VPN
- B. Drive encryption
- C. Network firewall
- D. File level encryption
- E. USB blocker
- F. MFA
Answer: BE
NEW QUESTION 7
Which of the following refers to applications and systems that are used within an organization without consent or approval?
- A. Shadow IT
- B. OSINT
- C. Dark web
- D. Insider threats
Answer: A
NEW QUESTION 8
A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard. Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?
- A. PCI DSS
- B. ISO 22301
- C. ISO 27001
- D. NIST CSF
Answer: A
NEW QUESTION 9
Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)
- A. Unsecure protocols
- B. Use of penetration-testing utilities
- C. Weak passwords
- D. Included third-party libraries
- E. Vendors/supply chain
- F. Outdated anti-malware software
Answer: AD
NEW QUESTION 10
A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be BEST for the company to implement?
- A. Discretionary
- B. Rule-based
- C. Role-based
- D. Mandatory
Answer: D
NEW QUESTION 11
A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?
- A. PCI DSS
- B. GDPR
- C. NIST
- D. ISO 31000
Answer: B
NEW QUESTION 12
A security engineer is reviewing log files after a third party discovered usernames and passwords for the organization’s accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?
- A. Man-in-the-middle
- B. Spear-phishing
- C. Evil twin
- D. DNS poisoning
Answer: D
NEW QUESTION 13
A security analyst receives the configuration of a current VPN profile and notices the authentication is only applied to the IP datagram portion of the packet. Which of the following should the analyst implement to authenticate the entire packet?
- A. AH
- B. ESP
- C. SRTP
- D. LDAP
Answer: B
NEW QUESTION 14
Which of the following BEST explains the difference between a data owner and a data custodian?
- A. The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the data
- B. The data owner is responsible for determining how the data may be used, while the data custodian is responsible for implementing the protection to the data
- C. The data owner is responsible for controlling the data, while the data custodian is responsible for maintaining the chain of custody when handling the data
- D. The data owner grants the technical permissions for data access, while the data custodian maintains the database access controls to the data
Answer: B
NEW QUESTION 15
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
- A. Salting the magnetic strip information
- B. Encrypting the credit card information in transit.
- C. Hashing the credit card numbers upon entry.
- D. Tokenizing the credit cards in the database
Answer: C
NEW QUESTION 16
A security analyst is reviewing information regarding recent vulnerabilities. Which of the following will the analyst MOST likely consult to validate which platforms have been affected?
- A. OSINT
- B. SIEM
- C. CVSS
- D. CVE
Answer: D
NEW QUESTION 17
A security analyst sees the following log output while reviewing web logs:
Which of the following mitigation strategies would be BEST to prevent this attack from being successful?
- A. Secure cookies
- B. Input validation
- C. Code signing
- D. Stored procedures
Answer: B
NEW QUESTION 18
Phishing and spear-phishing attacks have been occurring more frequently against a company’s staff. Which of the following would MOST likely help mitigate this issue?
- A. DNSSEC and DMARC
- B. DNS query logging
- C. Exact mail exchanger records in the DNS
- D. The addition of DNS conditional forwarders
Answer: C
NEW QUESTION 19
A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon investigation, a security analyst identifies the following:
• The legitimate website's IP address is 10.1.1.20 and eRecruit.local resolves to the IP
• The forged website's IP address appears to be 10.2.12.99, based on NetFlow records
• All three of the organization's DNS servers show the website correctly resolves to the legitimate IP
• DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise.
Which of the following MOST likely occurred?
- A. A reverse proxy was used to redirect network traffic
- B. An SSL strip MITM attack was performed
- C. An attacker temporarily pwned a name server
- D. An ARP poisoning attack was successfully executed
Answer: B
NEW QUESTION 20
Which of the following would MOST likely support the integrity of a voting machine?
- A. Asymmetric encryption
- B. Blockchain
- C. Transport Layer Security
- D. Perfect forward secrecy
Answer: D
NEW QUESTION 21
An organization suffered an outage and a critical system took 90 minutes to come back online. Though there was no data loss during the outage, the expectation was that the critical system would be available again within 60 minutes. Which of the following is the 60-minute expectation an example of:
- A. MTBF
- B. RPO
- C. MTTR
- D. RTO
Answer: D
NEW QUESTION 22
A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output:
Which of the following is the router experiencing?
- A. DDoS attack
- B. Memory leak
- C. Buffer overflow
- D. Resource exhaustion
Answer: D