SY0-601 exam

Which of the following BEST describes a social-engineering attack that relies on an executive at a small business visiting a fake banking website where credit card and account details are harvested?A . WhalingB . SpamC . Invoice scamD . PharmingView AnswerAnswer: A Explanation: A social engineering attack that relies on...

A company reduced the area utilized in its datacenter by creating virtual networking through automation and by creating provisioning routes and rules through scripting. Which of the following does this example describe?A . laCB . MSSPC . ContainersD . SaaSView AnswerAnswer: A Explanation: laaS (Infrastructure as a Service) allows the...

A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?A . opensslB . hpingC . netcatD . tcpdumpView AnswerAnswer: A Explanation: To verify that a client-server (non-web) application is sending encrypted traffic, a security analyst can use...

During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the nsk of lateral spread and the risk...

Which of the following environments utilizes dummy data and is MOST likely to be installed locally on a system that allows code to be assessed directly and modified easily with each build?A . ProductionB . TestC . StagingD . DevelopmentView AnswerAnswer: D Explanation: A development environment is the environment that...

A company recently experienced an attack during which its main website was Directed to the attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers. Which of the following should the company implement to prevent this type of attack from occurring In the future?A . IPsecB . SSL/TLSC...

Which of the following function as preventive, detective, and deterrent controls to reduce the risk of physical theft? (Select TWO).A . MantrapsB . Security guardsC . Video surveillanceD . FencesE . BollardsF . AntivirusView AnswerAnswer: A, B Explanation: A - a mantrap can trap those personnal with bad intension(preventive), and...

A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?A . The Diamond Model of Intrusion AnalysisB . The Cyber Kill ChainC . The MITRE CVE databaseD . The incident...

The Chief Executive Officer announced a new partnership with a strategic vendor and asked the Chief Information Security Officer to federate user digital identities using SAML-based protocols. Which of the following will this enable?A . SSOB . MFAC . PKID . OLPView AnswerAnswer: A Explanation: Federating user digital identities using...

When planning to build a virtual environment, an administrator need to achieve the following, • Establish polices in Limit who can create new VMs • Allocate resources according to actual utilization‘ • Require justification for requests outside of the standard requirements. • Create standardized categories based on size and resource...