[2021-July-Version]New Braindump2go SY0-601 PDF and SY0-601 VCE Dumps(Q395-Q424)

QUESTION 395

A customer called a company's security team to report that all invoices the customer has received over the last five days from the company appear to have fraudulent banking details. An investigation into the matter reveals the following:

- The manager of the accounts payable department is using the same password across multiple external websites and the corporate account.

- One of the websites the manager used recently experienced a data breach.

- The manager's corporate email account was successfully accessed in the last five days by an IP address located in a foreign country.

Which of the following attacks has MOST likely been used to compromise the manager's corporate account?


A.Remote access Trojan

B.Brute-force

C.Dictionary

D.Credential stuffing

E.Password spraying


Answer: D


QUESTION 396

An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number to receive a code to access the data. Which of the following authentication methods did the organization implement?


A.Token key

B.Static code

C.Push notification

D.HOTP


Answer: A


QUESTION 397

A company is concerned about its security after a red-team exercise. The report shows the team was able to reach the critical servers due to SMB being exposed to the Internet and running NTLMv1. Which of the following BEST explains the findings?


A.Default settings on the servers

B.Unsecured administrator accounts

C.Open ports and services

D.Weak data encryption


Answer: C


QUESTION 398

Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy?


A.Risk matrix

B.Risk tolerance

C.Risk register

D.Risk appetite


Answer: B


QUESTION 399

A network manager is concerned that business may be negatively impacted if the firewall in its datacenter goes offline. The manager would like to implement a high availability pair to:


A.decrease the mean time between failures

B.remove the single point of failure

C.cut down the mean time to repair

D.reduce the recovery time objective


Answer: B


QUESTION 400

A recent security assessment revealed that an actor exploited a vulnerable workstation within an organization and has persisted on the network for several months. The organization realizes the need to reassess its security strategy for mitigating risks within the perimeter. Which of the following solutions would BEST support the organization's strategy?


A.FIM

B.DLP

C.EDR

D.UTM


Answer: C


QUESTION 401

A security analyst is concerned about traffic initiated to the dark web from the corporate LAN. Which of the following networks should the analyst monitor?


A.SFTP

B.AS

C.Tor

D.IoC


Answer: C


QUESTION 402

A global company is experiencing unauthorized logins due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a third-party identity provider to help mitigate these attacks. Which of the following would be the BEST control for the company to require from prospective vendors?


A.IP restrictions

B.Multifactor authentication

C.A banned password list

D.A complex password policy


Answer: B


QUESTION 403

A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the administrator use?


A.Key escrow

B.A self-signed certificate

C.Certificate chaining

D.An extended validation certificate


Answer: B


QUESTION 404

An organization plans to transition the intrusion detection and prevention techniques on a critical subnet to an anomaly-based system. Which of the following does the organization need to determine for this to be successful?


A.The baseline

B.The endpoint configurations

C.The adversary behavior profiles

D.The IPS signatures


Answer: C


QUESTION 405

A small business office is setting up a wireless infrastructure with primary requirements centered around protecting customer information and preventing unauthorized access to the business network. Which of the following would BEST support the office's business needs? (Select TWO)


A.Installing WAPs with strategic placement

B.Configuring access using WPA3

C.Installing a WIDS

D.Enabling MAC filtering

E.Changing the WiFi password every 30 days

F.Reducing WiFi transmit power throughout the office


Answer: BD


QUESTION 406

A company just implemented a new telework policy that allows employees to use personal devices for official email and file sharing while working from home. Some of the requirements are:

- Employees must provide an alternate work location (i.e., a home address)

- Employees must install software on the device that will prevent the loss of proprietary data but will not restrict any other software from being installed.

Which of the following BEST describes the MDM options the company is using?


A.Geofencing, content management, remote wipe, containerization, and storage segmentation

B.Content management, remote wipe, geolocation, context-aware authentication, and containerization

C.Application management, remote wipe, geofencing, context-aware authentication, and containerization

D.Remote wipe, geolocation, screen locks, storage segmentation, and full-device encryption


Answer: D


QUESTION 407

A security administrator is analyzing the corporate wireless network. The network only has two access points running on channels 1 and 11. While using airodump-ng, the administrator notices other access points are running with the same corporate ESSID on all available channels and with the same BSSID of one of the legitimate access points. Which of the following attacks is happening on the corporate network?


A.Man in the middle

B.Evil twin

C.Jamming

D.Rogue access point

E.Disassociation


Answer: B


QUESTION 408

During a security assessment, a security analyst finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permissions for the existing users and groups and remove the set-user-ID bit from the file?


A.ls

B.chflags

C.chmod

D.lsof

E.setuid


Answer: D


QUESTION 409

A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which of the following configurations should an analyst enable to improve security? (Select TWO)


A.RADIUS

B.PEAP

C.WPS

D.WEP-TKIP

E.SSL

F.WPA2-PSK


Answer: DF


QUESTION 410

A security engineer obtained the following output from a threat intelligence source that recently performed an attack on the company's server:


Which of the following BEST describes this kind of attack?


A.Directory traversal

B.SQL injection

C.API

D.Request forgery


Answer: D


QUESTION 411

The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going to the polls. This is an example of:


A.prepending.

B.an influence campaign

C.a watering-hole attack

D.intimidation

E.information elicitation


Answer: D


QUESTION 412

A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?


A.A reverse proxy

B.A decryption certificate

C.A split-tunnel VPN

D.Load-balanced servers


Answer: B


QUESTION 413

An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?


A.HSM

B.CASB

C.TPM

D.DLP


Answer: A


QUESTION 414

Ann, a forensic analyst, needs to prove that the data she originally acquired has remained unchanged while in her custody. Which of the following should Ann use?


A.Chain of custody

B.Checksums

C.Non-repudiation

D.Legal hold


Answer: A


QUESTION 415

The following are the logs of a successful attack.

Which of the following controls would be BEST to use to prevent such a breach in the future?


A.Password history

B.Account expiration

C.Password complexity

D.Account lockout


Answer: D


QUESTION 416

An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?


A.It allows for the sharing of digital forensics data across organizations

B.It provides insurance in case of a data breach

C.It provides complimentary training and certification resources to IT security staff.

D.It certifies the organization can work with foreign entities that require a security clearance

E.It assures customers that the organization meets security standards


Answer: E


QUESTION 417

Which of the following is the MOST secure but LEAST expensive data destruction method for data that is stored on hard drives?


A.Pulverizing

B.Shredding

C.Incinerating

D.Degaussing


Answer: D


QUESTION 418

A security analyst is investigating multiple hosts that are communicating to external IP addresses during the hours of 2:00 a.m. - 4:00 a.m. The malware has evaded detection by traditional antivirus software. Which of the following types of malware is MOST likely infecting the hosts?


A.A RAT

B.Ransomware

C.Polymorphic

D.A worm


Answer: C


QUESTION 419

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?


A.Default system configuration

B.Unsecure protocols

C.Lack of vendor support

D.Weak encryption


Answer: B


QUESTION 420

A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?


A.An incident response plan

B.A communications plan

C.A business continuity plan

D.A disaster recovery plan


Answer: A


QUESTION 421

A company wants to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategy to implement?


A.Incremental backups followed by differential backups

B.Full backups followed by incremental backups

C.Delta backups followed by differential backups

D.Incremental backups followed by delta backups

E.Full backups followed by differential backups


Answer: B


QUESTION 422

Which of the following is a risk that is specifically associated with hosting applications in the public cloud?


A.Unsecured root accounts

B.Zero day

C.Shared tenancy

D.Insider threat


Answer: C


QUESTION 423

Joe, an employee, is transferring departments and is providing copies of his files to a network share folder for his previous team to access. Joe is granting read-write-execute permissions to his manager but giving read-only access to the rest of the team. Which of the following access controls is Joe using?


A.FACL

B.DAC

C.ABAC

D.MAC


Answer: D


QUESTION 424

When implementing automation with IoT devices, which of the following should be considered FIRST to keep the network secure?


A.Z-Wave compatibility

B.Network range

C.Zigbee configuration

D.Communication protocols


Answer: D


2021 Latest Braindump2go SY0-601 PDF and SY0-601 VCE Dumps Free Share:

https://drive.google.com/drive/folders/1VvH3gDuiIKHw7Kx_vZmMM4mpCRWbTVq4?usp=sharing
