Valid SY0-601 Dumps shared by ExamDiscuss.com for Helping Passing SY0-601 Exam! ExamDiscuss.com now offer the newest SY0-601 exam dumps, the ExamDiscuss.com SY0-601 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-601 dumps with Test Engine here:
Access SY0-601 Dumps Premium Version
(1061 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 34/161
A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network. The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts. While reviewing the log files, the analyst discovers the following:
Which of the following attacks MOST likely occurred?
Which of the following attacks MOST likely occurred?
Correct Answer: D
Explanation
"Brute force attack in which stolen user account names and passwords are tested against multiple websites." CompTIA SY0-601 Official Study Guide Page 690 This is a poorly worded question and while credential stuffing is a type of brute force attack, the information given does not indicate multiple websites. At best, this looks like a password spraying attack, but it is more likely a brute-force attack. Also note the output reads
"unsername" and not "username" - perhaps irrelevant but the little things can and do matter
"Brute force attack in which stolen user account names and passwords are tested against multiple websites." CompTIA SY0-601 Official Study Guide Page 690 This is a poorly worded question and while credential stuffing is a type of brute force attack, the information given does not indicate multiple websites. At best, this looks like a password spraying attack, but it is more likely a brute-force attack. Also note the output reads
"unsername" and not "username" - perhaps irrelevant but the little things can and do matter
- Question List (161q)
- Question 1: A financial institution would like to stare is customer data...
- Question 2: A security analyst is hardening a network infrastructure. Th...
- Question 3: A cybersecurity department purchased o new PAM solution. The...
- Question 4: A security analyst needs to perform periodic vulnerability s...
- Question 5: A security analyst is performing a forensic investigation co...
- Question 6: A security analyst has been asked to investigate a situation...
- Question 7: A security engineer has enabled two-factor authentication on...
- Question 8: An engineer needs to deploy a security measure to identify a...
- Question 9: An employee has been charged with fraud and is suspected of ...
- Question 10: Phishing and spear-phishing attacks have been occurring more...
- Question 11: A security engineer is installing a WAF to protect the compa...
- Question 12: Accompany deployed a WiFi access point in a public area and ...
- Question 13: A network analyst is investigating compromised corporate inf...
- Question 14: In the middle of a cybersecurity, a security engineer remove...
- Question 15: A company is required to continue using legacy software to s...
- Question 16: A recently discovered zero-day exploit utilizes an unknown v...
- Question 17: A security administrator is trying to determine whether a se...
- Question 18: An information security officer at a credit card transaction...
- Question 19: A user recently attended an exposition and received some dig...
- Question 20: A company just implemented a new telework policy that allows...
- Question 21: A user is concerned that a web application will not be able ...
- Question 22: While investigating a data leakage incident, a security anal...
- Question 23: A systems analyst is responsible for generating a new digita...
- Question 24: A major political party experienced a server breach. The hac...
- Question 25: Which of the following will MOST likely cause machine learni...
- Question 26: A security analyst wants to verify that a client-server (non...
- Question 27: During a routine scan of a wireless segment at a retail comp...
- Question 28: A network administrator has been alerted that web pages are ...
- Question 29: A security analyst is investigating an incident to determine...
- Question 30: Which of the following BEST describes a social-engineering a...
- Question 31: A RAT that was used to compromise an organization's banking ...
- Question 32: A network engineer is troubleshooting wireless network conne...
- Question 33: Which of the following BEST describes the method a security ...
- Question 34: A security analyst needs to determine how an attacker was ab...
- Question 35: A network technician is installing a guest wireless network ...
- Question 36: The IT department at a university is concerned about profess...
- Question 37: A company needs to centralize its logs to create a baseline ...
- Question 38: A security administrator is setting up a SIEM to help monito...
- Question 39: Several employees return to work the day after attending an ...
- Question 40: Which of the following are the MOST likely vectors for the u...
- Question 41: Which of the following should be put in place when negotiati...
- Question 42: Which of the following BEST describes the MFA attribute that...
- Question 43: A recent malware outbreak across a subnet included successfu...
- Question 44: A new vulnerability in the SMB protocol on the Windows syste...
- Question 45: A security analyst is performing a packet capture on a serie...
- Question 46: To reduce costs and overhead, an organization wants to move ...
- Question 47: Which of the following cloud models provides clients with se...
- Question 48: Following a prolonged datacenter outage that affected web-ba...
- Question 49: A security analyst receives the configuration of a current V...
- Question 50: The Chief Security Officer (CSO) at a major hospital wants t...
- Question 51: A system administrator needs to implement an access control ...
- Question 52: A security administrator is analyzing the corporate wireless...
- Question 53: Joe. a security analyst, recently performed a network discov...
- Question 54: A financial organization has adopted a new secure, encrypted...
- Question 55: A company uses specially configured workstations tor any wor...
- Question 56: A remote user recently took a two-week vacation abroad and b...
- 2 commentQuestion 57: A security engineer needs to enhance MFA access to sensitive...
- Question 58: An organization wants to implement a third factor to an exis...
- Question 59: While reviewing pcap data, a network security analyst is abl...
- Question 60: A network engineer notices the VPN concentrator overloaded a...
- Question 61: Which of the following provides the BEST protection for sens...
- Question 62: A network engineer needs to create a plan for upgrading the ...
- Question 63: A security analyst is reviewing the following attack log out...
- Question 64: A Chief Security Office's (CSO's) key priorities are to impr...
- Question 65: A security analyst needs to be proactive in understand the t...
- Question 66: A security analyst was deploying a new website and found a c...
- Question 67: A global company is experiencing unauthorized logging due to...
- Question 68: A web server administrator has redundant servers and needs t...
- Question 69: A security researching is tracking an adversary by noting it...
- Question 70: A cybersecurity administrator has a reduced team and needs t...
- Question 71: Employees are having issues accessing the company's website....
- Question 72: Which of the following often operates in a client-server arc...
- Question 73: A systems administrator is looking for a solution that will ...
- Question 74: An attacker is trying to gain access by installing malware o...
- Question 75: During an incident response, a security analyst observes the...
- Question 76: Which of the following environments minimizes end-user disru...
- Question 77: A recent security assessment revealed that an actor exploite...
- Question 78: A financial analyst is expecting an email containing sensiti...
- Question 79: A network administrator at a large organization Is reviewing...
- Question 80: A security auditor is reviewing vulnerability scan data prov...
- Question 81: A security assessment determines DES and 3DES at still being...
- Question 82: A Chief Information Security Officer (CISO) is concerned abo...
- Question 83: An engineer wants to access sensitive data from a corporate-...
- Question 84: A company recently experienced a data breach and the source ...
- Question 85: A security analyst has been reading about a newly discovered...
- Question 86: An organization is concerned about hackers potentially enter...
- Question 87: A security engineer needs to Implement the following require...
- Question 88: Which of the following function as preventive, detective, an...
- Question 89: An organization routes all of its traffic through a VPN Most...
- Question 90: Which of the following utilize a subset of real data and are...
- Question 91: Which of the following is the BEST reason to maintain a func...
- Question 92: A security audit has revealed that a process control termina...
- Question 93: An enterprise needs to keep cryptographic keys in a safe man...
- Question 94: A user downloaded an extension for a browser, and the uses d...
- Question 95: A nationwide company is experiencing unauthorized logins at ...
- Question 96: In which of the following common use cases would steganograp...
- Question 97: A Chief Security Officer (CSO) is concerned about the amount...
- Question 98: Which of the following types of attacks is specific to the i...
- Question 99: A consultant is configuring a vulnerability scanner for a la...
- Question 100: A security analyst needs to produce a document that details ...
- Question 101: A cybersecurity administrator is using iptables as an enterp...
- Question 102: An attack relies on an end user visiting a website the end u...
- Question 103: After a phishing scam for a user's credentials, the red team...
- Question 104: An organization relies on third-party video conferencing to ...
- Question 105: Ann, a customer, received a notification from her mortgage c...
- Question 106: An attacker is attempting, to harvest user credentials on a ...
- Question 107: An organization has a growing workforce that is mostly drive...
- Question 108: A security administrator has noticed unusual activity occurr...
- Question 109: Which of the following describes the ability of code to targ...
- Question 110: A security assessment found that several embedded systems ar...
- Question 111: An organization has various applications that contain sensit...
- Question 112: An organization would like to remediate the risk associated ...
- Question 113: When planning to build a virtual environment, an administrat...
- Question 114: An organization is building backup sever moms in geographica...
- Question 115: Joe, an employee, is transferring departments and is providi...
- Question 116: A company provides mobile devices to its users to permit acc...
- Question 117: A systems administrator needs to install a new wireless netw...
- Question 118: A security modern may have occurred on the desktop PC of an ...
- Question 119: A company is setting up a web server on the Internet that wi...
- Question 120: The new Chief Executive Officer (CEO) of a large company has...
- Question 121: A security analyst is reviewing logs on a server and observe...
- Question 122: A user recent an SMS on a mobile phone that asked for bank d...
- Question 123: A network manager is concerned that business may be negative...
- Question 124: A client sent several inquiries to a project manager about t...
- Question 125: A university with remote campuses, which all use different s...
- Question 126: Which of the following would be BEST to establish between or...
- Question 127: Which of the following would be BEST to establish between or...
- Question 128: An auditor is performing an assessment of a security applian...
- Question 129: Users have been issued smart cards that provide physical acc...
- Question 130: A SOC is implementing an in sider-threat-detection program. ...
- Question 131: Which of the following environments would MOST likely be use...
- Question 132: A company's bank has reported that multiple corporate credit...
- Question 133: An analyst visits an internet forum looking for information ...
- Question 134: Which of the following organizational policies are MOST like...
- Question 135: An attacker has successfully exfiltrated several non-salted ...
- Question 136: An organization is developing an authentication service for ...
- Question 137: A security analyst receives a SIEM alert that someone logged...
- Question 138: A large industrial system's smart generator monitors the sys...
- Question 139: A company has been experiencing very brief power outages fro...
- Question 140: An analyst Is generating a security report for the managemen...
- Question 141: A security administrator suspects there may be unnecessary s...
- Question 142: An organization suffered an outage and a critical system too...
- Question 143: The human resources department of a large online retailer ha...
- Question 144: An organization's RPO for a critical system is two hours. Th...
- Question 145: A Chief Executive Officer's (CEO) personal information was s...
- Question 146: A recent audit uncovered a key finding regarding the use of ...
- Question 147: Which of the following terms should be included in a contrac...
- Question 148: A company just developed a new web application for a governm...
- Question 149: A cybersecurity administrator needs to add disk redundancy f...
- Question 150: A security analyst needs to generate a server certificate to...
- Question 151: An end user reports a computer has been acting slower than n...
- Question 152: Which of the following are requirements that must be configu...
- Question 153: A network analyst is setting up a wireless access point for ...
- Question 154: A security analyst notices several attacks are being blocked...
- Question 155: A commercial cyber-threat intelligence organization observes...
- Question 156: A developer is building a new portal to deliver single-pane-...
- Question 157: A company is implementing a new SIEM to log and send alerts ...
- Question 158: A hospital's administration is concerned about a potential l...
- Question 159: A company is designing the layout of a new datacenter so it ...
- Question 160: Which of the following would cause a Chief Information Secur...
- Question 161: A security analyst has received several reports of an issue ...
