
SY0-601 Questions and Answers

Question # 6

Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS

Not all attacks and remediation actions will be used.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question # 7

Which of the following are the BEST ways to implement remote home access to a company's intranet systems if establishing an always-on VPN is not an option? (Select Two)

A. Install VPN concentrators at home offices

B. Create NAT on the firewall for intranet systems

C. Establish SSH access to a jump server

D. Implement an SSO solution

E. Enable MFA for intranet systems

F. Configure SNMPv3 server and clients

Question # 8

Which of the following will increase cryptographic security?

A. High data entropy

B. Algorithms that require less computing power

C. Longer key longevity

D. Hashing

Question # 9

Business partners are working on a security mechanism to validate transactions securely. The requirement is for one company to be responsible for deploying a trusted solution that will register and issue artifacts used to sign, encrypt, and decrypt transaction files. Which of the following is the BEST solution to adopt?

A. PKI

B. Blockchain

C. SAML

D. OAuth

Question # 10

A security analyst is tasked with defining the “something you are” factor of the company’s MFA settings. Which of the following is BEST to use to complete the configuration?

A. Gait analysis

B. Vein

C. Soft token

D. HMAC-based, one-time password

Question # 11

A security analyst was called to investigate a file received directly from a hardware manufacturer. The analyst is trying to determine whether the file was modified in transit before installation on the user's computer. Which of the following can be used to safely assess the file?

A. Check the hash of the installation file

B. Match the file names

C. Verify the URL download location

D. Verify the code-signing certificate

Question # 12

An amusement park is implementing a biometric system that validates customers' fingerprints to ensure they are not sharing tickets. The park's owner values customers above all and would prefer customers' convenience over security. For this reason, which of the following features should the security team prioritize FIRST?

A. Low FAR

B. Low efficacy

C. Low FRR

D. Low CER

Question # 13

Which of the following tools is effective in preventing a user from accessing unauthorized removable media?

A. USB data blocker

B. Faraday cage

C. Proximity reader

D. Cable lock

Question # 14

After multiple on-premises security solutions were migrated to the cloud, the incident response time increased. The analysts are spending a long time tracing information on different cloud consoles and correlating data in different formats. Which of the following can be used to optimize the incident response time?

A. CASB

B. VPC

C. SWG

D. CMS

Question # 15

Security analysts are conducting an investigation of an attack that occurred inside the organization’s network. An attacker was able to collect network traffic between workstations throughout the network. The analysts review the following logs:

The layer 2 address table has hundreds of entries similar to the ones above. Which of the following attacks has MOST likely occurred?

A. SQL injection

B. DNS spoofing

C. MAC flooding

D. ARP poisoning

Question # 16

A company wants the ability to restrict web access and monitor the websites that employees visit. Which of the following would BEST meet these requirements?

A. Internet proxy

B. VPN

C. WAF

D. Firewall

Question # 17

Which of the following techniques eliminates the use of rainbow tables for password cracking?

A. Hashing

B. Tokenization

C. Asymmetric encryption

D. Salting

Question # 18

A social media company based in North America is looking to expand into new global markets and needs to maintain compliance with international standards. With which of the following is the company's data protection officer MOST likely concerned?

A. NIST Framework

B. ISO 27001

C. GDPR

D. PCI-DSS

Question # 19

An engineer recently deployed a group of 100 web servers in a cloud environment. Per the security policy, all web-server ports except 443 should be disabled. Which of the following can be used to accomplish this task?

A. Application allow list

B. SWG

C. Host-based firewall

D. VPN

Question # 20

A technician enables full disk encryption on a laptop that will be taken on a business trip. Which of the following does this process BEST protect?

A. Data in transit

B. Data in processing

C. Data at rest

D. Data tokenization

Question # 21

Which of the following provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?

A. CVSS

B. SIEM

C. SOAR

D. CVE

Question # 22

A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution. In order to restrict PHI documents, which of the following should be performed FIRST?

A. Retention

B. Governance

C. Classification

D. Change management

Question # 23

Multiple business accounts were compromised a few days after a public website had its credentials database leaked on the internet. No business emails were identified in the breach, but the security team thinks that the list of passwords exposed was later used to compromise business accounts. Which of the following would mitigate the issue?

A. Complexity requirements

B. Password history

C. Acceptable use policy

D. Shared accounts

Question # 24

An audit identified PII being utilized in the development environment of a critical application. The Chief Privacy Officer (CPO) is adamant that this data must be removed; however, the developers are concerned that without real data they cannot perform functionality tests and search for specific data. Which of the following should a security professional implement to BEST satisfy both the CPO's and the development team's requirements?

A. Data anonymization

B. Data encryption

C. Data masking

D. Data tokenization

Question # 25

An organization is planning to open other data centers to sustain operations in the event of a natural disaster. Which of the following considerations would BEST support the organization's resiliency?

A. Geographic dispersal

B. Generator power

C. Fire suppression

D. Facility automation

Question # 26

Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?

A. Common Weakness Enumeration

B. OSINT

C. Dark web

D. Vulnerability databases

Question # 27

During a trial, a judge determined evidence gathered from a hard drive was not admissible. Which of the following BEST explains this reasoning?

A. The forensic investigator forgot to run a checksum on the disk image after creation

B. The chain of custody form did not note time zone offsets between transportation regions

C. The computer was turned off, and a RAM image could not be taken at the same time

D. The hard drive was not properly kept in an antistatic bag when it was moved
