Verified SY0-601 Exam Dumps PDF [2022] Access using VCEDumps [Q291-Q311]

admin May 6, 2022 0 Comments

4/5 - (3 votes)

Verified SY0-601 Exam Dumps PDF [2022] Access using VCEDumps

Try Best SY0-601 Exam Questions from Training Expert VCEDumps

NEW QUESTION 291
A company’s Chief Information Security Officer (CISO) recently warned the security manager that the company’s Chief Executive Officer (CEO) is planning to publish a controversial option article in a national newspaper, which may result in new cyberattacks Which of the following would be BEST for the security manager to use in a threat mode?

Hacktivists

White-hat hackers

Script kiddies

Insider threats

NEW QUESTION 292
A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?

PCI DSS

GDPR

NIST

ISO 31000

NEW QUESTION 293
Which of the following would produce the closet experience of responding to an actual incident response scenario?

Lessons learned

Simulation

Walk-through

Tabletop

NEW QUESTION 294
A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications. Which of the following implementations would be BEST to prevent the issue from reoccurring?

CASB

SWG

Containerization

Automated failover

NEW QUESTION 295
A transitive trust:

is automatically established between a parent and a child.

is used to update DNS records.

allows access to untrusted domains.

can be used in place of a hardware token for logins.

NEW QUESTION 296
A commercial cyber-threat intelligence organization observes IoCs across a variety of unrelated customers. Prior to releasing specific threat intelligence to other paid subscribers, the organization is MOST likely obligated by contracts to:

perform attribution to specific APTs and nation-state actors.

anonymize any PII that is observed within the IoC data.

add metadata to track the utilization of threat intelligence reports.

assist companies with impact assessments based on the observed data.

NEW QUESTION 297
Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.
INSTRUCTIONS
Not all attacks and remediation actions will be used.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

NEW QUESTION 298
A network administrator would like to configure a site-to-site VPN utilizing iPSec.
The administrator wants the tunnel to be established with data integrity encryption, authentication and anti- replay functions.
Which of the following should the administrator use when configuring the VPN?

EDR

ESP

DNSSEC

NEW QUESTION 299
Which of the following BEST describes the method a security analyst would use to confirm a file that is downloaded from a trusted security website is not altered in transit or corrupted using a verified checksum?

Hashing

Salting

Integrity

Digital signature

NEW QUESTION 300
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

NEW QUESTION 301
Which of the following cloud models provides clients with servers, storage, and networks but nothing else?

SaaS

PaaS

IaaS

DaaS

NEW QUESTION 302
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

NEW QUESTION 303
A security analyst is reviewing logs on a server and observes the following output:

Which of the following is the security analyst observing?

A rainbow table attack

A password-spraying attack

A dictionary attack

A keylogger attack

NEW QUESTION 304
Which of the following represents a multifactor authentication system?

An iris scanner coupled with a palm print reader and fingerprint scanner with liveness detection

A secret passcode that prompts the user to enter a secret key if entered correctly

A digital certificate on a physical token that is unlocked with a secret passcode

A one-time password token combined with a proximity badge

NEW QUESTION 305
An organization has decided to host its web application and database in the cloud Which of the following BEST describes the security concerns for this decision?

Access to the organization’s servers could be exposed to other cloud-provider clients

The cloud vendor is a new attack vector within the supply chain

Outsourcing the code development adds risk to the cloud provider

Vendor support will cease when the hosting platforms reach EOL.

NEW QUESTION 306
An organization’s RPO for a critical system is two hours. The system is used Monday through Friday, from
9:00 am to 5:00 pm.Currently, the organization performs a full backup every Saturday that takes four hours to complete. Which of the following additional backup implementations would be the BEST way for the analyst to meet the business requirements?

Incremental backupsMonday through Friday at 6:00 p.m and differential backups hourly

Full backups Monday through Friday at 6:00 p.m and incremental backups hourly.

incremental backups Monday through Friday at 6:00 p.m and full backups hourly.

Full backups Monday through Friday at 6:00 p.m and differential backups hourly.

NEW QUESTION 307
A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned that servers in the company’s DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the servers, as SMB is used by a number of internal systems and applications on the LAN.
Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers? (Select TWO).

135

139

143

161

443

445

NEW QUESTION 308
A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

Perform a site survey

Deploy an FTK Imager

Create a heat map

Scan for rogue access points

Upgrade the security protocols

Install a captive portal

NEW QUESTION 309
A security analyst discovers that a company username and password database was posted on an internet forum.
The username and passwords are stored in plan text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?

Create DLP controls that prevent documents from leaving the network

Implement salting and hashing

Configure the web content filter to block access to the forum.

Increase password complexity requirements

NEW QUESTION 310
Which of the following is the MOST likely motivation for a script kiddie threat actor?

Financial gain

Notoriety

Political expression

Corporate espionage

NEW QUESTION 311
A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802. IX using the most secure encryption and protocol available.
Perform the following steps:
1. Configure the RADIUS server.
2. Configure the WiFi controller.
3. Preconfigure the client for an incoming guest. The guest AD credentials are:
User: guest01
Password: guestpass