Gain a competitive edge with the 2024 SY0-601 PDF dumps, at zero cost

Navigate the challenging certification pathways with the indispensable guidance of the SY0-601 dumps. Harmoniously woven to match the unique cadences of the curriculum, the SY0-601 dumps roll out an eclectic selection of practice questions, ensuring a comprehensive grasp. Whether you’re drawn to the lucid narratives of PDFs or the vibrant expanse offered by the VCE format, the SY0-601 dumps stand ready to assist. An in-depth study guide, a hallmark of the SY0-601 dumps, augments the toolkit, shedding light on foundational themes. Emboldened by our unwavering commitment to these offerings, we assert our 100% Pass Guarantee with pride.

Free Access to SY0-601 Exam Preparation Materials in PDF and VCE, Featuring Genuine Questions

Question 1:

HOTSPOT

The security administrator has installed a new firewall which implements an implicit DENY policy by default. Click on the firewall and configure it to allow ONLY the following communication.

1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.

2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port.

3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.

Instructions: The firewall will process the rules in a top-down manner, in order, as a first match. The port number must be typed in, and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

Hot Area:

Correct Answer:

Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default.

Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.

Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP port 22.

Rule #3 and Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.

References:

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp.26, 44

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers



Question 2:

An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering if the organization may need to scale down just as quickly as it scaled up. The CIO is also concerned about the organization’s security and customer privacy. Which of the following would be BEST to address the CIO’s concerns?

A. Disallow new hires from using mobile devices for six months

B. Select four devices for the sales department to use in a CYOD model

C. Implement BYOD for the sales department while leveraging the MDM

D. Deploy mobile devices using the COPE methodology

Correct Answer: C

BEST way to deal with scale issue is not buying any



Question 3:

A company is implementing BYOD and wants to ensure all users have access to the same cloud-based services. Which of the following would BEST allow the company to meet this requirement?

A. IaaS

B. PaaS

C. MaaS

D. SaaS

Correct Answer: D

SaaS. It is not stating what type of devices, just BYOD, so cannot tell which platform is needed, or what requirements are involved. SaaS is the one that fits the most, IMHO.



Question 4:

During an incident response, an analyst applied rules to all inbound traffic on the border firewall and implemented ACLs on each critical server. Following an investigation, the company realizes it is still vulnerable because outbound traffic is not restricted and the adversary is able to maintain a presence in the network. In which of the following stages of the Cyber Kill Chain is the adversary currently operating?

A. Reconnaissance

B. Command and control

C. Actions on objective

D. Exploitation

Correct Answer: B

Command and control (C2)–establishment of outbound communications from a victim system for secure communications between victim and adversary systems. Compromised hosts typically beacon out and await further instruction or exploit when higher order interaction or data exchange is required. This is the hallmark of advanced persistent threat (APT) attacks and data exfiltration.



Question 5:

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?

A. Default system configuration

B. Unsecure protocols

C. Lack of vendor support

D. Weak encryption

Correct Answer: B



Question 6:

An attacker has successfully exfiltrated several non-salted password hashes from an online system. Given the logs below:

Which of the following BEST describes the type of password attack the attacker is performing?

A. Dictionary

B. Pass-the-hash

C. Brute-force

D. Password spraying

Correct Answer: A



Question 7:

An engineer wants to inspect traffic to a cluster of web servers in a cloud environment. Which of the following solutions should the engineer implement?

A. CASB

B. WAF

C. Load balancer

D. VPN

Correct Answer: A



Question 8:

Users are presented with a banner upon each login to a workstation. The banner mentions that users are not entitled to any reasonable expectation of privacy and access is for authorized personnel only. In order to proceed past that banner, users must click the OK button. Which of the following is this an example of?

A. AUP

B. NDA

C. SLA

D. MOU

Correct Answer: A

An acceptable use policy (AUP) is a document that outlines the rules and restrictions employees must follow in regard to the company’s network, software, internet connection and devices.



Question 9:

Which of the following provides a catalog of security and privacy controls related to the United States federal information systems?

A. GDPR

B. PCI DSS

C. ISO 27000

D. NIST 800-53

Correct Answer: D

NIST 800-53 (National Institute of Standards and Technology Special Publication 800-53) is a catalog of security and privacy controls for United States federal information systems. It provides guidelines and recommendations for implementing a comprehensive security program to protect the confidentiality, integrity, and availability of sensitive information and systems. NIST 800-53 is widely used by government agencies and organizations to ensure compliance with security and privacy requirements.



Question 10:

Which of the following are the BEST ways to implement remote home access to a company’s intranet systems if establishing an always-on VPN is not an option? (Select Two)

A. Install VPN concentrators at home offices

B. Create NAT on the firewall for intranet systems

C. Establish SSH access to a jump server

D. Implement a SSO solution

E. Enable MFA for intranet systems

F. Configure SNMPv3 server and clients.

Correct Answer: AE



Question 11:

Which of the following methods is the most effective for reducing vulnerabilities?

A. Joining an information-sharing organization

B. Using a scan-patch-scan process

C. Implementing a bug bounty program

D. Patching low-scoring vulnerabilities first

Correct Answer: B

Vulnerability scanning: Conducting regular vulnerability scans to identify potential security weaknesses in the organization’s systems, networks, and applications.

Patching: Addressing the identified vulnerabilities by applying the necessary security patches and updates to the affected systems. Patching helps to close the known security holes that could be exploited by attackers.

Re-scanning: After applying the patches, conducting another round of vulnerability scanning to verify that the identified vulnerabilities have been properly addressed and that the systems are no longer at risk.



Question 12:

Which of the following is most likely associated with introducing vulnerabilities on a corporate network by the deployment of unapproved software?

A. Hacktivists

B. Script kiddies

C. Competitors

D. Shadow IT

Correct Answer: D

Shadow IT refers to information technology systems used within organizations without explicit organizational approval.



Question 13:

A company is looking to migrate some servers to the cloud to minimize its technology footprint. The company has 100 databases that are on premises. Which of the following solutions will require the LEAST management and support from the company?

A. SaaS

B. IaaS

C. PaaS

D. SDN

Correct Answer: A

In order from the least amount of management, to the most amount of management for the company:

SaaS > PaaS > IaaS > On-site

SaaS – Basically everything is managed by the provider

PaaS – The provider manages everything other than applications and data

IaaS – The middle-ground of services. The provider takes on half, while you take on the other half. Provider is responsible for virtualization, networking, servers, and storage. The company is responsible for applications, data, runtime, OS, and middleware.

On-site – There is no service provider. The company is responsible for the whole pie.

https://www.pcmag.com/picks/the-best-database-as-a-service-solutions



Question 14:

Which of the following is used to ensure that evidence is admissible in legal proceedings when it is collected and provided to the authorities?

A. Chain of custody

B. Legal hold

C. Event log

D. Artifacts

Correct Answer: A

A chain of custody is a chronological paper trail documenting when, how, and by whom individual items of physical or electronic evidence–such as cell phone logs–were collected, handled, analyzed, or otherwise controlled during an investigation.



Question 15:

A company recently decided to allow its employees to use their personally owned devices for tasks like checking email and messaging via mobile applications. The company would like to use MDM, but employees are concerned about the loss of personal data.

Which of the following should the IT department implement to BEST protect the company against company data loss while still addressing the employees’ concerns?

A. Enable the remote-wiping option in the MDM software in case the phone is stolen.

B. Configure the MDM software to enforce the use of PINs to access the phone.

C. Configure MDM for FDE without enabling the lock screen.

D. Perform a factory reset on the phone before installing the company’s applications.

Correct Answer: B

