SY0-601 Exam Dumps | A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials

<< Prev Question Next Question >>

Question 104/268

A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials could be exfiltrated. The report also indicates that users tend to choose the same credentials on different systems and applications. Which of the following policies should the CISO use to prevent someone from using the exfiltrated credentials?

A. MFA

B. Lockout

C. Time-based logins

D. Password history

Question List (268q): Question 1: An engineer is using scripting to deploy a network in a clou...; Question 2: A company recently experienced an attack during which its ma...; Question 3: A Chief Information Officer is concerned about employees usi...; Question 4: A security analyst receives an alert that indicates a user's...; Question 5: Which of the following best describes a tool used by an orga...; Question 6: A security analyst receives an alert from the company's S1EM...; Question 7: The following are the logs of a successful attack. (Exhibit)...; Question 8: Which of the following is most likely to contain ranked and ...; Question 9: An employee's company account was used in a data breach Inte...; Question 10: A security analyst is running a vulnerability scan to check ...; Question 11: A security analyst needs to implement an MDM solution for BY...; Question 12: A software developer used open-source libraries to streamlin...; Question 13: A Chief Information Security Officer (CISO) is evaluating th...; Question 14: Which of the following strengthens files stored in the /etc/...; Question 15: An organization is concerned about hackers potentially enter...; Question 16: A company recently implemented a patch management policy; ho...; Question 17: A data owner has been tasked with assigning proper data clas...; Question 18: The Chief Executive Officer announced a new partnership with...; Question 19: Which ol the following is required in order (or an IDS and a...; Question 20: Which of the following models offers third-party-hosted, on-...; Question 21: A network administrator has been alerted that web pages are ...; Question 22: The alert indicates an attacker entered thousands of charact...; Question 23: A backup operator wants to perform a backup to enhance the R...; Question 24: A security team is conducting a security review of a hosted ...; Question 25: Which Of the following control types is patch management cla...; Question 26: A user is trying unsuccessfully to send images via SMS. The ...; Question 27: An attacker was eavesdropping on a user who was shopping onl...; Question 28: A company recently experienced a major breach. An investigat...; Question 29: A security operations center wants to implement a solution t...; Question 30: A security practitioner is performing due diligence on a ven...; Question 31: You received the output of a recent vulnerability assessment...; Question 32: A systems analyst determines the source of a high number of ...; Question 33: During a recent penetration test, a tester plugged a laptop ...; Question 34: A network penetration tester has successfully gained access ...; Question 35: A security analyst is investigating a phishing email that co...; Question 36: A backdoor was detected on the containerized application env...; Question 37: A large industrial system's smart generator monitors the sys...; Question 38: Which of the following is required in order for an IDS and a...; Question 39: A company is launching a website in a different country in o...; Question 40: Which of the following scenarios describes a possible busine...; Question 41: An account was disabled atter several failed and successful ...; Question 42: A security assessment found that several embedded systems ar...; Question 43: The compliance team requires an annual recertification of pr...; Question 44: As part of the lessons-learned phase, the SOC is tasked with...; Question 45: A security administrator Is managing administrative access t...; Question 46: An employee received multiple messages on a mobile device. T...; Question 47: An attack has occurred against a company. INSTRUCTIONS You h...; Question 48: Which of the following is the MOST secure but LEAST expensiv...; Question 49: A client sent several inquiries to a project manager about t...; Question 50: A company a "right to forgotten" request To legally comply, ...; Question 51: An attacker is targeting a company. The attacker notices tha...; Question 52: Which of the following social engineering attacks best descr...; Question 53: Which of the following test helps to demonstrate integrity d...; Question 54: A company is designing the layout of a new data center so it...; Question 55: A security team suspects that the cause of recent power cons...; Question 56: Which of the following environments typically hosts the curr...; Question 57: A security analyst wants to verify that a client-server (non...; Question 58: Which of the following would provide guidelines on how to la...; Question 59: The Chief Information Security Officer directed a risk reduc...; Question 60: Which of the following are common VoIP-associated vulnerabil...; Question 61: The SIEM at an organization has detected suspicious traffic ...; Question 62: A systems administrator is required to enforce MFA for corpo...; Question 63: A company is enhancing the security of the wireless network ...; Question 64: Stakeholders at an organisation must be kept aware of any in...; Question 65: A desktop computer was recently stolen from a desk located i...; Question 66: An information security officer at a credit card transaction...; Question 67: A police department is using the cloud to share information ...; Question 68: A security analyst is reviewing the vulnerability scan repor...; 1 commentQuestion 69: Which Of the following will provide the best physical securi...; Question 70: A web server has been compromised due to a ransomware attack...; Question 71: Which of the following is a reason why a forensic specialist...; Question 72: Which of the following exercises should an organization use ...; Question 73: An employee used a corporate mobile device during a vacation...; Question 74: A company is adding a clause to its AUP that states employee...; Question 75: Developers are writing code and merging it into shared repos...; Question 76: An organization is repairing damage after an incident. Which...; Question 77: An organization wants to quickly assess how effectively the ...; Question 78: A company recently experienced a data breach and the source ...; Question 79: During an assessment, a systems administrator found several ...; Question 80: A systems administrator set up an automated process that che...; Question 81: Several universities are participating in a collaborative re...; Question 82: A company wants to ensure that all employees in a given depa...; Question 83: A major manufacturing company updated its internal infrastru...; Question 84: A software company is analyzing a process that detects softw...; Question 85: An organization has hired a security analyst to perform a pe...; Question 86: A security administrator installed a new web server. The adm...; Question 87: A security engineer needs to create a network segment that c...; Question 88: A financial institution recently joined a bug bounty program...; Question 89: A Chief Information Officer is concerned about employees usi...; Question 90: A security analyst is investigating what appears to be unaut...; Question 91: Which of the following is a primary security concern for a c...; Question 92: A network analyst is investigating compromised corporate inf...; Question 93: A retail executive recently accepted a job with a major comp...; Question 94: A company is adopting a BYOD policy and is looking for a com...; Question 95: A security analyst must enforce policies to harden an MDM in...; Question 96: A security analyst notices an unusual amount of traffic hitt...; Question 97: A security team is engaging a third-party vendor to do a pen...; Question 98: During an incident, a company's CIRT determines it is necess...; Question 99: A major clothing company recently lost a large amount of pro...; Question 100: An organization is repairing the damage after an incident. W...; Question 101: An employee's company email is configured with conditional a...; Question 102: While reviewing pcap data, a network security analyst is abl...; Question 103: A security analyst needs to recommend a solution that will a...; Question 104: A report delivered to the Chief Information Security Officer...; Question 105: A company wants to build a new website to sell products onli...; Question 106: A security analyst is investigating multiple hosts that are ...; Question 107: After a WiFi scan of a local office was conducted, an unknow...; Question 108: Which of the following BEST describes the team that acts as ...; Question 109: A third party asked a user to share a public key for secure ...; Question 110: A network manager is concerned that business may be negative...; Question 111: A customer has reported that an organization's website displ...; Question 112: A security architect at a large, multinational organization ...; Question 113: A research company discovered that an unauthorized piece of ...; Question 114: Which of the following teams combines both offensive and def...; Question 115: Which of the following describes software on network hardwar...; Question 116: Which of the following supplies non-repudiation during a for...; Question 117: A company is developing a business continuity strategy and n...; Question 118: A security analyst reports a company policy violation in a c...; Question 119: A security engineer updated an application on company workst...; Question 120: An engineer recently deployed a group of 100 web servers in ...; Question 121: A new plug-and-play storage device was installed on a PC in ...; Question 122: After a hardware incident, an unplanned emergency maintenanc...; Question 123: An email security vendor recently added a retroactive alert ...; Question 124: A security engineer obtained the following output from a thr...; Question 125: A systems administrator needs to install a new wireless netw...; Question 126: A user's laptop constantly disconnects from the Wi-Fi networ...; Question 127: The application development teams have been asked to answer ...; Question 128: Which of the following environments utilizes dummy data and ...; Question 129: An administrator is configuring a firewall rule set for a su...; Question 130: Which of the following identifies the point in time when an ...; Question 131: Which of the following has been implemented when a host-base...; Question 132: A security administrator has discovered that workstations on...; Question 133: An organization routes all of its traffic through a VPN Most...; Question 134: A company reduced the area utilized in its datacenter by cre...; Question 135: A security administrator is integrating several segments ont...; Question 136: A security analyst received the following requirements for t...; Question 137: A security architect is required to deploy to conference roo...; Question 138: A new security engineer has started hardening systems. One o...; Question 139: A web server log contains two million lines. A security anal...; Question 140: Which of the following function as preventive, detective, an...; Question 141: A data cento has experienced an increase in under-voltage ev...; Question 142: A global company is experiencing unauthorized logging due to...; Question 143: A security administrator needs to block a TCP connection usi...; Question 144: Which of Ihe following control types is patch management cla...; Question 145: An annual information security has revealed that several OS-...; Question 146: Which of the following conditions impacts data sovereignty?...; Question 147: Which of the following BEST describes the method a security ...; Question 148: A company recently suffered a breach in which an attacker wa...; Question 149: Which of the following is a physical security control that e...; Question 150: Which of the following would produce the closet experience o...; Question 151: An organization recently acquired an ISO 27001 certification...; Question 152: As part of annual audit requirements, the security team perf...; Question 153: Which of the following best describes the situation where a ...; Question 154: A security administrator is seeking a solution to prevent un...; Question 155: A user received an SMS on a mobile phone that asked for bank...; Question 156: An organization needs to implement more stringent controls o...; Question 157: An internet company has created a new collaboration applicat...; Question 158: A candidate attempts to go to but accidentally visits http:/...; Question 159: Which of the following tools can assist with detecting an em...; Question 160: A company is concerned about individuals dnvmg a car into th...; Question 161: An enterprise has hired an outside security firm to facilita...; Question 162: An organization wants to secure a LAN/WLAN so users can auth...; Question 163: A company has discovered unauthorized devices are using its ...; Question 164: Which of the following test describes the risk that is prese...; Question 165: During a security assessment, a security finds a file with o...; Question 166: A company has numerous employees who store PHI data locally ...; Question 167: A security analyst discovers that a large number of employee...; Question 168: An employee received an email with an unusual file attachmen...; Question 169: Remote workers in an organization use company-provided lapto...; Question 170: A company currently uses passwords for logging in to company...; Question 171: A company that provides an online streaming service made its...; Question 172: A junior security analyst is reviewing web server logs and i...; Question 173: Which of the following would be BEST for a technician to rev...; Question 174: A security analyst was asked to evaluate a potential attack ...; Question 175: A security analyst is investigating a malware incident at a ...; Question 176: A security analyst reviews a company's authentication logs a...; Question 177: An organization is moving away from the use of client-side a...; Question 178: Cloud security engineers are planning to allow and deny acce...; Question 179: A financial institution would like to store its customer dat...; Question 180: An organization is having difficulty correlating events from...; Question 181: A contractor overhears a customer recite their credit card n...; Question 182: Which of the following describes business units that purchas...; Question 183: A company is moving to new location. The systems administrat...; Question 184: An IT manager is estimating the mobile device budget for the...; Question 185: A help desk technician receives an email from the Chief Info...; Question 186: A company recently experienced a significant data loss when ...; Question 187: Which of the following controls would be the MOST cost-effec...; Question 188: Which of the following uses six initial steps that provide b...; Question 189: An analyst is working on an email security incident in which...; Question 190: A Chief Security Officer (CSO) is concerned that cloud-based...; Question 191: A company completed a vulnerability scan. The scan found mal...; 1 commentQuestion 192: A security engineer learns that a non-critical application w...; 1 commentQuestion 193: A network analyst is setting up a wireless access point for ...; Question 194: An organization is outlining data stewardship roles and resp...; Question 195: A security administrator Installed a new web server. The adm...; Question 196: A company is focused on reducing risks from removable media ...; Question 197: A software development manager wants to ensure the authentic...; Question 198: An organization recently released a zero-trust policy that w...; Question 199: Which Of the following best ensures minimal downtime for org...; Question 200: An organization decided not to put controls in place because...; Question 201: A new vulnerability enables a type of malware that allows th...; Question 202: Which of the following roles is responsible for defining the...; Question 203: After gaining access to a dual-homed (i.e.. wired and wirele...; Question 204: A company policy requires third-party suppliers to self-repo...; Question 205: An organization wants seamless authentication to its applica...; Question 206: An attacker is trying to gain access by installing malware o...; Question 207: An organization recently completed a security control assess...; Question 208: A penetration tester was able to compromise a host using pre...; Question 209: Which of the following authentication methods sends out a un...; Question 210: A security engineer is installing a WAF to protect the compa...; Question 211: Which of the following roles would MOST likely have direct a...; 1 commentQuestion 212: An organization's Chief Information Security Officer is crea...; Question 213: In which of the following scenarios is tokenization the best...; Question 214: A security engineer must deploy two wireless routers in an o...; Question 215: A company needs to enhance Its ability to maintain a scalabl...; Question 216: A company is required to continue using legacy software to s...; Question 217: A company is looking to move completely to a remote work env...; Question 218: Which of the following environments would MOST likely be use...; Question 219: A cybersecurity administrator needs to implement a Layer 7 s...; Question 220: A network-connected magnetic resonance imaging (MRI) scanner...; Question 221: Hackers recently attacked a company's network and obtained s...; Question 222: A security analyst is looking for a solution to help communi...; Question 223: Which of the following is a solution that can be used to sto...; Question 224: A company is auditing the manner in which its European custo...; Question 225: A security analyst it investigating an incident to determine...; Question 226: Which of the following authentication methods is considered ...; 1 commentQuestion 227: An analyst Is generating a security report for the managemen...; Question 228: The concept of connecting a user account across the systems ...; Question 229: A user is trying to upload a tax document, which the corpora...; Question 230: Which of the following disaster recovery tests is the LEAST ...; Question 231: A newly purchased corporate WAP needs to be configured in th...; Question 232: A company is moving its retail website to a public cloud pro...; Question 233: Which of the following components can be used to consolidate...; Question 234: Employees at a company are receiving unsolicited text messag...; Question 235: A security administrator needs to provide secure access to i...; Question 236: An audit report indicates multiple suspicious attempts to ac...; Question 237: An organization suffered numerous multiday power outages at ...; Question 238: A grocery store is expressing security and reliability conce...; Question 239: A dynamic application vulnerability scan identified code inj...; Question 240: Which of the following would MOST likely be identified by a ...; Question 241: Which of the following involves the inclusion of code in the...; Question 242: A network architect wants a server to have the ability to re...; Question 243: An organization's corporate offices were destroyed due to a ...; Question 244: Which of the following provides a catalog of security and pr...; Question 245: A company has installed badge readers for building access bu...; Question 246: A cybersecurity analyst reviews the log files from a web ser...; Question 247: Which of the following agreements defines response time, esc...; Question 248: A Chief Information Officer receives an email stating a data...; Question 249: A global pandemic is forcing a private organization to close...; Question 250: You are security administrator investigating a potential inf...; Question 251: After a phishing scam fora user's credentials, the red team ...; Question 252: A new security engineer has started hardening systems. One o...; Question 253: A security analyst is responding to an alert from the SIEM. ...; Question 254: During a forensic investigation, a security analyst discover...; Question 255: Leveraging the information supplied below, complete the CSR ...; Question 256: A security administrator is compiling information from all d...; Question 257: Which of the following secure application development concep...; Question 258: Which of the following should be addressed first on security...; Question 259: A company would like to protect credit card information that...; Question 260: A company is concerned about individuals driving a car into ...; Question 261: A company's Chief Information Security Officer (CISO) recent...; Question 262: A building manager is concerned about people going in and ou...; Question 263: A security analyst needs to implement security features acro...; Question 264: A dynamic application vulnerability scan identified that cod...; Question 265: A security analyst is currently addressing an active cyber i...; Question 266: A cyber security administrator is using iptables as an enter...; Question 267: A security administrator is working on a solution to protect...; Question 268: A security manager is attempting to meet multiple security o...

Question 104/268

LEAVE A REPLY

Download PDF File