Valid SY0-601 Dumps shared by ExamDiscuss.com for Helping Passing SY0-601 Exam! ExamDiscuss.com now offer the newest SY0-601 exam dumps, the ExamDiscuss.com SY0-601 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-601 dumps with Test Engine here:
Access SY0-601 Dumps Premium Version
(1061 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 8/164
A security analyst received the following requirements for the deployment of a security camera solution:
* The cameras must be viewable by the on-site security guards.
+ The cameras must be able to communicate with the video storage server.
* The cameras must have the time synchronized automatically.
* The cameras must not be reachable directly via the internet.
* The servers for the cameras and video storage must be available for remote maintenance via the company VPN.
Which of the following should the security analyst recommend to securely meet the remote connectivity requirements?
* The cameras must be viewable by the on-site security guards.
+ The cameras must be able to communicate with the video storage server.
* The cameras must have the time synchronized automatically.
* The cameras must not be reachable directly via the internet.
* The servers for the cameras and video storage must be available for remote maintenance via the company VPN.
Which of the following should the security analyst recommend to securely meet the remote connectivity requirements?
Correct Answer: B
Explanation
A jump server is a system that is used to manage and access systems in a separate security zone. It acts as a bridge between two different security zones and provides a controlled and secure way of accessing systems between them12. A jump server can also be used for auditing traffic and user activity for real-time surveillance 3. By deploying a jump server that is accessible via the internal network, the security analyst can securely meet the remote connectivity requirements for the servers and cameras without exposing them directly to the internet or allowing outgoing traffic from their subnet. The other options are not suitable because:
A: Creating firewall rules that prevent outgoing traffic from the subnet the servers and cameras reside on would not allow remote maintenance via the company VPN.
C: Disabling all unused ports on the switch that the cameras are plugged into and enabling MAC filtering would not prevent direct internet access to the cameras or servers.
D: Implementing a WAF to allow traffic from the local NTP server to the camera server would not address the remote connectivity requirements or protect the servers from internet access.
References:
1: https://www.thesecuritybuddy.com/network-security/what-is-a-jump-server/
https://www.ssh.com/academy/iam/jump-server : https://en.wikipedia.org/wiki/Jump_server
A jump server is a system that is used to manage and access systems in a separate security zone. It acts as a bridge between two different security zones and provides a controlled and secure way of accessing systems between them12. A jump server can also be used for auditing traffic and user activity for real-time surveillance 3. By deploying a jump server that is accessible via the internal network, the security analyst can securely meet the remote connectivity requirements for the servers and cameras without exposing them directly to the internet or allowing outgoing traffic from their subnet. The other options are not suitable because:
A: Creating firewall rules that prevent outgoing traffic from the subnet the servers and cameras reside on would not allow remote maintenance via the company VPN.
C: Disabling all unused ports on the switch that the cameras are plugged into and enabling MAC filtering would not prevent direct internet access to the cameras or servers.
D: Implementing a WAF to allow traffic from the local NTP server to the camera server would not address the remote connectivity requirements or protect the servers from internet access.
References:
1: https://www.thesecuritybuddy.com/network-security/what-is-a-jump-server/
https://www.ssh.com/academy/iam/jump-server : https://en.wikipedia.org/wiki/Jump_server
- Question List (164q)
- Question 1: A Chief Information Security Officer (CISO) is evaluating th...
- Question 2: A security analyst has been tasked with creating a new WiFi ...
- Question 3: A security assessment found that several embedded systems ar...
- Question 4: A security analyst has received several reports of an issue ...
- Question 5: Cloud security engineers are planning to allow and deny acce...
- Question 6: Which of the following is the MOST secure but LEAST expensiv...
- Question 7: An attacker replaces a digitally signed document with anothe...
- Question 8: A security analyst received the following requirements for t...
- Question 9: An organization wants to enable built-in FDE on all laptops ...
- Question 10: A Chief information Officer is concerned about employees usi...
- Question 11: A security administrator is compiling information from all d...
- Question 12: An air traffic controller receives a change in flight plan f...
- Question 13: A web server log contains two million lines. A security anal...
- Question 14: A security researcher has alerted an organization that its s...
- Question 15: A security engineer learns that a non-critical application w...
- Question 16: A company is enhancing the security of the wireless network ...
- Question 17: A company is required to continue using legacy software to s...
- Question 18: Leveraging the information supplied below, complete the CSR ...
- Question 19: An email security vendor recently added a retroactive alert ...
- Question 20: An analyst is working on an email security incident in which...
- Question 21: Which of the following provides a catalog of security and pr...
- Question 22: A retail store has a business requirement to deploy a kiosk ...
- Question 23: A developer is building a new portal to deliver single-pane-...
- Question 24: Which of the following secure application development concep...
- Question 25: A company would like to set up a secure way to transfer data...
- Question 26: A company a "right to forgotten" request To legally comply, ...
- Question 27: Which of the following processes would most likely help an o...
- Question 28: A security administrator Is managing administrative access t...
- Question 29: A desktop support technician recently installed a new docume...
- Question 30: A company installed several crosscut shredders as part of in...
- Question 31: An organization decided not to put controls in place because...
- Question 32: A retail company that is launching @ new website to showcase...
- Question 33: Multiple beaconing activities to a malicious domain have bee...
- Question 34: An organization recently released a software assurance polic...
- Question 35: A security administrator is working on a solution to protect...
- Question 36: An employee received multiple messages on a mobile device. T...
- Question 37: A security administrator would like to ensure all cloud serv...
- Question 38: A security operations center wants to implement a solution t...
- Question 39: A user is trying unsuccessfully to send images via SMS. The ...
- Question 40: A company has numerous employees who store PHI data locally ...
- Question 41: While reviewing pcap data, a network security analyst is abl...
- Question 42: An enterprise has hired an outside security firm to facilita...
- Question 43: Certain users are reporting their accounts are being used to...
- Question 44: The Chief Information Security Officer directed a risk reduc...
- Question 45: A security analyst reviews web server logs and finds the fol...
- Question 46: A security team will be outsourcing several key functions to...
- Question 47: A penetration tester was able to compromise a host using pre...
- Question 48: A company was recently breached Pan of the company's new cyb...
- Question 49: A security administrator examines the ARP table of an access...
- Question 50: A software developer used open-source libraries to streamlin...
- Question 51: A company that provides an online streaming service made its...
- Question 52: A security administrator is seeking a solution to prevent un...
- Question 53: A security administrator has discovered that workstations on...
- Question 54: Which ol the following is required in order (or an IDS and a...
- Question 55: The security team received a report of copyright infringemen...
- Question 56: An engineer recently deployed a group of 100 web servers in ...
- Question 57: A security team suspects that the cause of recent power cons...
- Question 58: An organization discovered a disgruntled employee exfiltrate...
- Question 59: A backdoor was detected on the containerized application env...
- Question 60: A security administrator needs to block a TCP connection usi...
- Question 61: A company is moving to new location. The systems administrat...
- Question 62: A security engineer is reviewing the logs from a SAML applic...
- Question 63: A security administrator performs weekly vulnerability scans...
- Question 64: Which of the following BEST describes a technique that compe...
- Question 65: If a current private key is compromised, which of the follow...
- Question 66: A systems engineer thinks a business system has been comprom...
- Question 67: A company recently added a DR site and is redesigning the ne...
- Question 68: A security engineer needs to build @ solution to satisfy reg...
- Question 69: A financial institution recently joined a bug bounty program...
- Question 70: Which of the following authentication methods is considered ...
- Question 71: A company recently decided to allow its employees to use the...
- Question 72: As part of the lessons-learned phase, the SOC is tasked with...
- Question 73: Ann, a customer, received a notification from her mortgage c...
- Question 74: A security analyst wants to verify that a client-server (non...
- Question 75: A company recently implemented a patch management policy; ho...
- Question 76: A security analyst notices several attacks are being blocked...
- Question 77: A security engineer is installing a WAF to protect the compa...
- Question 78: A network architect wants a server to have the ability to re...
- Question 79: A security engineer is hardening existing solutions to reduc...
- Question 80: A company owns a public-facing e-commerce website. The compa...
- Question 81: While researching a data exfiltration event, the security te...
- Question 82: A network engineer and a security engineer are discussing wa...
- Question 83: A security analyst is using OSINT to gather information to v...
- Question 84: Audit logs indicate an administrative account that belongs t...
- Question 85: one of the attendees starts to notice delays in the connecti...
- Question 86: Which of the following incident response phases should the p...
- Question 87: A client sent several inquiries to a project manager about t...
- Question 88: A security analyst needs to implement an MDM solution for BY...
- Question 89: Which of the following would provide guidelines on how to la...
- Question 90: Which of the following environments can be stood up in a sho...
- Question 91: A company is focused on reducing risks from removable media ...
- Question 92: When planning to build a virtual environment, an administrat...
- Question 93: A security team is engaging a third-party vendor to do a pen...
- Question 94: Which of the following biometric authentication methods is t...
- Question 95: Which of the following Is the BEST reason to maintain a func...
- Question 96: An organization recently acquired an ISO 27001 certification...
- Question 97: Sales team members have been receiving threatening voicemail...
- Question 98: Which of the following function as preventive, detective, an...
- Question 99: A company is concerned about individuals dnvmg a car into th...
- Question 100: A web architect would like to move a company's website prese...
- Question 101: A systems administrator needs to install a new wireless netw...
- Question 102: A security administrator recently used an internal CA to iss...
- Question 103: During a security assessment, a security finds a file with o...
- Question 104: A store receives reports that shoppers' credit card informat...
- Question 105: A company's public-facing website, https://www.organization....
- Question 106: A network penetration tester has successfully gained access ...
- Question 107: Which of the following best describes when an organization U...
- Question 108: A network engineer receives a call regarding multiple LAN-co...
- Question 109: A security manager is attempting to meet multiple security o...
- Question 110: The help desk has received calls from users in multiple loca...
- Question 111: As part of a company's ongoing SOC maturation process, the c...
- Question 112: Which of the following describes business units that purchas...
- Question 113: Which of the following would be BEST for a technician to rev...
- Question 114: Security analysts have noticed the network becomes flooded w...
- Question 115: A company is developing a new initiative to reduce insider t...
- Question 116: Which of the following procedures would be performed after t...
- Question 117: A security manager needs to assess the security posture of o...
- Question 118: Which of the following disaster recovery tests is the LEAST ...
- Question 119: A company uses a drone for precise perimeter and boundary mo...
- Question 120: Which of the following should a Chief Information Security O...
- Question 121: Which of the following would satisfy three-factor authentica...
- Question 122: Which of the following can be used by an authentication appl...
- Question 123: A major clothing company recently lost a large amount of pro...
- Question 124: A company completed a vulnerability scan. The scan found mal...
- Question 125: During an incident a company CIRT determine it is necessary ...
- Question 126: A global pandemic is forcing a private organization to close...
- Question 127: Which of the following should a technician consider when sel...
- Question 128: Which of the following roles would MOST likely have direct a...
- Question 129: A security team is providing input on the design of a second...
- Question 130: An incident has occurred in the production environment. Anal...
- Question 131: After segmenting the network, the network manager wants to c...
- Question 132: A security administrator needs to provide secure access to i...
- Question 133: A security administrator suspects there may be unnecessary s...
- Question 134: A company has discovered unauthorized devices are using its ...
- Question 135: Which of the following best describes a tool used by an orga...
- Question 136: A security administrator is managing administrative access t...
- Question 137: A security analyst is investigating network issues between a...
- Question 138: A company acquired several other small companies The company...
- Question 139: Which of the following is a solution that can be used to sto...
- Question 140: An organization recently released a zero-trust policy that w...
- Question 141: Which of the following would produce the closet experience o...
- Question 142: Which of the following controls would provide the BEST prote...
- Question 143: An organization's Chief Information Security Officer is crea...
- Question 144: Which of the following can be used to detect a hacker who is...
- Question 145: A company is implementing a new SIEM to log and send alerts ...
- Question 146: A building manager is concerned about people going in and ou...
- Question 147: Which of the following security design features can an devel...
- Question 148: Which of the following describes software on network hardwar...
- Question 149: The spread of misinformation surrounding the outbreak of a n...
- Question 150: A user's laptop constantly disconnects from the Wi-Fi networ...
- Question 151: A candidate attempts to go to but accidentally visits http:/...
- Question 152: A company wants to enable BYOD for checking email and review...
- Question 153: The Chief Technology Officer of a local college would like v...
- Question 154: A security engineer is installing a WAF to protect the compa...
- Question 155: An organization is concerned about hackers potentially enter...
- Question 156: A company would like to provide flexibility for employees on...
- Question 157: A new vulnerability in the SMB protocol on the Windows syste...
- Question 158: A security engineer is concerned the strategy for detection ...
- Question 159: Several users have been violating corporate security policy ...
- Question 160: A security analyst is assisting a team of developers with be...
- Question 161: A company needs to enhance Its ability to maintain a scalabl...
- Question 162: A data owner has been tasked with assigning proper data clas...
- Question 163: A dynamic application vulnerability scan identified code inj...
- Question 164: A security team discovered a large number of company-issued ...
