Free SY0-601 Exam Braindumps

- (Exam Topic 1)
DDoS attacks are causing an overload on the cluster of cloud servers. A security architect is researching alternatives to make the cloud environment respond to load fluctuation in a cost-effective way. Which of the following options BEST fulfils the architect’s requirements?

1. A. An orchestration solution that can adjust scalability of cloud assets
2. B. Use of multipath by adding more connections to cloud storage
3. C. Cloud assets replicated on geographically distributed regions
4. D. An on-site backup that is deployed and only used when the load increases

Correct Answer: A
Scaling cloud infrastructures can experience lag during the periods of high activity, where other assets have to either be added, or become active. This is the compromise for a cost-effective solution that scales. The company could go for a system that is absolutely overkill on assets at all times, in preparation for those brief peak moments. But this is expensive, and unlikely to be taken by most companies. Only case you would want to use one of these is if you have a sensitive or critical service that MUST remain online. Stock exchange servers, military servers, bank servers, etc. come to mind for this criteria.

- (Exam Topic 3)
A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements:
• The devices will be used internationally by staff who travel extensively.
• Occasional personal use is acceptable due to the travel requirements.
• Users must be able to install and configure sanctioned programs and productivity suites.
• The devices must be encrypted
• The devices must be capable of operating in low-bandwidth environments.
Which of the following would provide the GREATEST benefit to the security posture of the devices?

1. A. Configuring an always-on VPN
2. B. Implementing application whitelisting
3. C. Requiring web traffic to pass through the on-premises content filter
4. D. Setting the antivirus DAT update schedule to weekly

Correct Answer: A

- (Exam Topic 3)
A security analyst is reviewing the following attack log output:

Which of the following types of attacks does this MOST likely represent?

1. A. Rainbow table
2. B. Brute-force
3. C. Password-spraying
4. D. Dictionary

Correct Answer: C
Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
https://us-cert.cisa.gov/ncas/current-activity/2019/08/08/acsc-releases-advisory-password-spraying-attacks#:~:te

- (Exam Topic 5)
A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the GREATEST amount of control and security over company data and infrastructure?

1. A. BYOD
2. B. VDI
3. C. COPE
4. D. CYOD

Correct Answer: A

- (Exam Topic 6)
A company is concerned about individuals driving a car into the building to gain access. Which of the following security controls would work BEST to prevent this from happening?

1. A. Bollard
2. B. Camera
3. C. Alarms
4. D. Signage
5. E. Access control vestibule

Correct Answer: A
Bollards are posts designed to prevent vehicles from entering an area. They are usually made of steel or concrete and are placed close together to make it difficult for vehicles to pass through. In addition to preventing vehicles from entering an area, bollards can also be used to protect buildings and pedestrians from ramming attacks. They are an effective and cost-efficient way to protect buildings and pedestrians from unauthorized access.