Which of the following in a forensic investigation should be priorities based on the order of volatility? (Select TWO).
Which of the following in a forensic investigation should be priorities based on the order of volatility? (Select TWO).
A. Page files
B. Event logs
C. RAM
D. Cache
E. Stored files
F. HDD
Answer: C, D
Explanation: In a forensic investigation, volatile data should be collected first, based on...
Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?
During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk...
Which of the following network appliances can achieve this goal?
An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?
A. HSM
B. CASB
C. TPM
D. DLP
Answer: A
Explanation: Hardware Security Module (HSM) is a network appliance designed to securely store cryptographic keys and perform cryptographic operations....
Which of the following BEST represents the type of testing that is being used?
An enterprise has hired an outside security firm to facilitate penetration testing on its network and applications. The firm has agreed to pay for each vulnerability that is discovered. Which of the following BEST represents the type of testing that is being used?
A. White-box
B. Red-team
C. Bug bounty
D...
Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers?
A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned if servers in the company's DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the...
Which of the following BEST describes the importance of the final phase of the incident response plan?
A security incident has been resolved. Which of the following BEST describes the importance of the final phase of the incident response plan?
A. It examines and documents how well the team responded, discovers what caused the incident, and determines how the incident can be avoided in the future
B. ...
Which of the following should the network analyst enable to meet the requirement?
A network analyst is setting up a wireless access point for a home office in a remote, rural location. The requirement is that users need to connect to the access point securely but do not want to have to remember passwords. Which of the following should the network analyst enable...
Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy?
Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy?
A. Risk matrix
B. Risk tolerance
C. Risk register
D. Risk appetite
Answer: B
Explanation: To determine the total risk an organization can...
Which of the following concepts does this BEST represent?
Developers are writing code and merging it into shared repositories several times a day, where it is tested automatically. Which of the following concepts does this BEST represent?
A. Functional testing
B. Stored procedures
C. Elasticity
D. Continuous integration
Answer: D
Explanation: Continuous integration is a software development practice where...
Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?
During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk...