Which of the following would be BEST for the analyst to perform?
A security analyst is responding to an alert from the SIEM. The alert states that malware was discovered on a host and was not automatically deleted. Which of the following would be BEST for the analyst to perform?
A. Add a deny-all rule to that host in the network ACL
B...
Which of the following conditions impacts data sovereignty?
Which of the following conditions impacts data sovereignty?
A. Rights management
B. Criminal investigations
C. Healthcare data
D. International operations
Answer: D
Explanation: Data sovereignty refers to the legal concept that data is subject to the laws and regulations of the country in which it is located. International operations can...
The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going to the polls.
The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going to the polls. This is an example of:
A. prepending.
B. an influence campaign.
C. a watering-hole attack.
D. intimidation.
E. information elicitation.
Answer: B...
Which of the following is needed to meet the objective?
A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?
A. A reverse proxy
B. A decryption certificate
C. A split-tunnel VPN
D. Load-balanced servers
Answer: B
Explanation: A Web Application Firewall...
Which of the following environments can be stood up in a short period of time, utilizes either dummy data or actual data, and is used to demonstrate and model system capabilities and functionality for a fixed, agreed-upon duration of time?
Which of the following environments can be stood up in a short period of time, utilizes either dummy data or actual data, and is used to demonstrate and model system capabilities and functionality for a fixed, agreed-upon duration of time?
A. PoC
B. Production
C. Test
D. Development
Answer: A...
Which of the following should the analyst enable on all the devices to meet these requirements?
A security analyst must enforce policies to harden an MDM infrastructure. The requirements are as follows:
* Ensure mobile devices can be tracked and wiped.
* Confirm mobile devices are encrypted.
Which of the following should the analyst enable on all the devices to meet these requirements?
A. Geofencing
B...
A security analyst is running a vulnerability scan to check for missing patches during a suspected security incident. During which of the following phases of the response process is this activity MOST likely occurring?
A security analyst is running a vulnerability scan to check for missing patches during a suspected security incident. During which of the following phases of the response process is this activity MOST likely occurring?
A. Containment
B. Identification
C. Recovery
D. Preparation
Answer: B
Explanation: Vulnerability scanning is a proactive...
Which of the following should the organization use to inform the affected parties?
A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?
A. An incident response plan
B. A communications plan
C. A business continuity plan
D. A disaster...
Which of the following can block an attack at Layer 7?
A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Select TWO).
A. HIDS
B. NIPS
C. HSM
D. WAF
E. NAC
F. NIDS
G. Stateless firewall
Answer: DF
Explanation: A...
Which of the following would MOST likely be identified by a credentialed scan but would be missed by an uncredentialed scan?
Which of the following would MOST likely be identified by a credentialed scan but would be missed by an uncredentialed scan?
A. Vulnerabilities with a CVSS score greater than 6.9.
B. Critical infrastructure vulnerabilities on non-IP protocols.
C. CVEs related to non-Microsoft systems such as printers and switches.
D. Missing...