Free SY0-601 Exam Braindumps

- (Exam Topic 5)
A securily analysl has receved several reporls of an issue on an inlemal web application. Users state they are having to provide their credentials brice to log in. The analyst checks with he application team and noles Unis is not an expected bohavier. After looking at several lags, the analysi deciies to in some commands on the gateway and obtains the following output:

Which of the following BEST describes the attack the company is experiencing?

1. A. MAC fleoding
2. B. URL redirection
3. C. ARP paisoning
4. D. DNS hijacking

Correct Answer: C

- (Exam Topic 6)
You received the output of a recent vulnerability assessment.
Review the assessment and scan output and determine the appropriate remedialion(s} 'or «ach dewce. Remediation options may be selected multiple times, and some devices may require more than one
remediation.
If at any time you would like to biing bade the initial state ot the simulation, please dick me Reset All button.

Solution:
Graphical user interface, application, website, Teams Description automatically generated
Graphical user interface, text, application Description automatically generated

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 3)
A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?

1. A. Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis.
2. B. Restrict administrative privileges and patch all systems and applications.
3. C. Rebuild all workstations and install new antivirus software.
4. D. Implement application whitelisting and perform user application hardenin

Correct Answer: A
The reason the company had to pay the ransom is because they did not have valid backups, otherwise they would have just restored their data. If your company just had to pay ransom and your boss says, "Don't let this happen again", what is the first thing you are going to do. The only action after a ransomware attack is "restore from backup".

- (Exam Topic 4)
A Chief Executive Officer (CEO) is dissatisfied with the level of service from the company's new service provider. The service provider is preventing the CEO from sending email from a work account to a personal account. Which of the following types of service providers is being used?

1. A. Telecommunications service provider e
2. B. Cloud service provider
3. C. Master managed service provider
4. D. Managed security service provider

Correct Answer: B

- (Exam Topic 3)
Local guidelines require that all information systems meet a minimum-security baseline to be compliant. Which of the following can security administrators use to assess their system configurations against the
baseline?

1. A. SOAR playbook
2. B. Security control matrix
3. C. Risk management framework
4. D. Benchmarks

Correct Answer: D