Valid SY0-601 Dumps shared by ExamDiscuss.com for Helping Passing SY0-601 Exam! ExamDiscuss.com now offer the newest SY0-601 exam dumps, the ExamDiscuss.com SY0-601 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-601 dumps with Test Engine here:
Access SY0-601 Dumps Premium Version
(1061 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 370/502
A security analyst discovers that a company's username and password database were posted on an internet forum. The usernames and passwords are stored in plaintext. Which of the following would mitigate the damage done by this type of data exfiltration in the future?
Correct Answer: B
Salting and hashing are techniques that can improve the security of passwords stored in a database by making them harder to crack or reverse-engineer by hackers who might access the database12.
Salting is the process of adding a unique, random string of characters known only to the site to each password before it is hashed2. Hashing is the process of converting a password into a fixed-length string of characters, which cannot be reversed3. Salting and hashing ensure that the encryption process results in a different hash value, even when two passwords are the same1. This makes it more difficult for an attacker to use pre-computed tables or dictionaries to guess the passwords, or to exploit duplicate hashes in the database4.
Salting is the process of adding a unique, random string of characters known only to the site to each password before it is hashed2. Hashing is the process of converting a password into a fixed-length string of characters, which cannot be reversed3. Salting and hashing ensure that the encryption process results in a different hash value, even when two passwords are the same1. This makes it more difficult for an attacker to use pre-computed tables or dictionaries to guess the passwords, or to exploit duplicate hashes in the database4.
- Question List (502q)
- Question 1: A retail executive recently accepted a job with a major comp...
- Question 2: A retail company that is launching @ new website to showcase...
- Question 3: A cyber security administrator is using iptables as an enter...
- Question 4: An employee received an email with an unusual file attachmen...
- Question 5: A Chief information Officer is concerned about employees usi...
- Question 6: Which of the following is constantly scanned by internet bot...
- Question 7: A security engineer is implementing FDE for all laptops in a...
- Question 8: A systems administrator is creating a script that would save...
- Question 9: Which of the following is a hardware-specific vulnerability?...
- Question 10: one of the attendees starts to notice delays in the connecti...
- Question 11: A vulnerability scan returned the following results: 2 Criti...
- Question 12: A company is looking to move completely to a remote work env...
- Question 13: A bank insists all of its vendors must prevent data loss on ...
- Question 14: A security team is reviewing the findings in a report that w...
- Question 15: An employee fell for a phishing scam, which allowed an attac...
- Question 16: Which of the following must be considered when designing a h...
- Question 17: Which of the following best ensures minimal downtime and dat...
- Question 18: Which of the following assists in training employees on the ...
- Question 19: Which of the following environments utilizes a subset of cus...
- Question 20: A bank was recently provided a new version of an executable ...
- Question 21: Which of the following is MOST likely to outline the roles a...
- Question 22: Which of the following would best enable a systems administr...
- Question 23: During the past year an organization has experienced several...
- Question 24: A company wants to build a new website to sell products onli...
- Question 25: During an incident, a company's CIRT determines it is necess...
- Question 26: A security analyst must enforce policies to harden an MDM in...
- Question 27: Which of the following is most likely associated with introd...
- Question 28: A network analyst is investigating compromised corporate inf...
- Question 29: A company is planning a disaster recovery site and needs to ...
- Question 30: A manufacturing organization wants to control and monitor ac...
- Question 31: A cybersecurity analyst at Company A is working to establish...
- Question 32: During a forensic investigation, a security analyst discover...
- Question 33: Which of the following practices would be best to prevent an...
- Question 34: A company is providing security awareness training regarding...
- Question 35: After a recent vulnerability scan, a security engineer needs...
- Question 36: A network administrator deployed a DNS logging tool that log...
- Question 37: A company is decommissioning its physical servers and replac...
- Question 38: During a recent penetration test, a tester plugged a laptop ...
- Question 39: A worldwide manufacturing company has been experiencing emai...
- Question 40: Which of the following is required for an organization to pr...
- Question 41: An organization relies on third-party videoconferencing to c...
- Question 42: A client asked a security company to provide a document outl...
- Question 43: Which of the following should be addressed first on security...
- Question 44: Which of the following would be used to find the most common...
- Question 45: The CIRT is reviewing an incident that involved a human reso...
- Question 46: A security analyst wants to verify that a client-server (non...
- Question 47: A company decided to reduce the cost of its annual cyber ins...
- Question 48: The concept of connecting a user account across the systems ...
- Question 49: An administrator is investigating an incident and discovers ...
- Question 50: An organization is outlining data stewardship roles and resp...
- Question 51: A security analyst at an organization observed several user ...
- Question 52: Which of the following should a Chief Information Security O...
- Question 53: The SIEM at an organization has detected suspicious traffic ...
- Question 54: A security analyst is reviewing SIEM logs during an ongoing ...
- Question 55: While performing digital forensics. which of the following i...
- Question 56: Which of the following strengthens files stored in the /etc/...
- Question 57: An organization recently completed a security control assess...
- Question 58: After a WiFi scan of a local office was conducted, an unknow...
- Question 59: After a web server was migrated to a cloud environment, user...
- Question 60: A Security engineer needs to implement an MDM solution that ...
- Question 61: Which of the following allows for the attribution of message...
- Question 62: A data cento has experienced an increase in under-voltage ev...
- Question 63: A developer is building a new portal to deliver single-pane-...
- Question 64: Users at a company are reporting they are unable to access t...
- Question 65: After conducting a vulnerability scan a systems administrato...
- Question 66: Which of the following supplies non-repudiation during a for...
- Question 67: Which of the following best describes a use case for a DNS s...
- Question 68: An external vendor recently visited a company's headquarters...
- Question 69: Which of the following would best explain why a security ana...
- Question 70: Which of Ihe following control types is patch management cla...
- Question 71: A building manager is concerned about people going in and ou...
- Question 72: A network administrator has been alerted that web pages are ...
- Question 73: A company recently decided to allow its employees to use the...
- Question 74: A company wants the ability to restrict web access and monit...
- Question 75: A company recently completed the transition from data center...
- Question 76: Which of the following threat actors is the most likely to u...
- Question 77: In a rush to meet an end-of-year business goal, the IT depar...
- Question 78: A security analyst is concerned about traffic initiated to t...
- Question 79: A security analyst notices several attacks are being blocked...
- Question 80: Which of the following social engineering attacks best descr...
- Question 81: Which of the following BEST describes the team that acts as ...
- Question 82: A company is designing the layout of a new data center so it...
- Question 83: The local administrator account for a company's VPN applianc...
- Question 84: A company acquired several other small companies The company...
- Question 85: A new company wants to avoid channel interference when build...
- Question 86: Which of the following is an example of risk avoidance?...
- Question 87: A security administrator is compiling information from all d...
- Question 88: Recent changes to a company's BYOD policy require all person...
- Question 89: A company was compromised, and a security analyst discovered...
- Question 90: A systems administrator wants to implement a backup solution...
- Question 91: An organization is moving away from the use of client-side a...
- Question 92: Which of the following would help ensure a security analyst ...
- Question 93: The manager who is responsible for a data set has asked a se...
- Question 94: Which of the following would be the best ways to ensure only...
- Question 95: Several employees received a fraudulent text message from so...
- Question 96: A small, local company experienced a ransomware attack. The ...
- Question 97: Which of the following describes the ability of code to targ...
- Question 98: A desktop computer was recently stolen from a desk located i...
- Question 99: A company is currently utilizing usernames and passwords, an...
- Question 100: A security administrator is using UDP port 514 to send a sys...
- Question 101: An organization is concerned about intellectual property the...
- Question 102: * Sensitive customer data must be safeguarded. * Documents f...
- Question 103: In which of the following scenarios is tokenization the best...
- Question 104: A company wants to implement MFA. Which of the following ena...
- Question 105: An enterprise has hired an outside security firm to facilita...
- Question 106: A security practitioner is performing due diligence on a ven...
- Question 107: A security architect is required to deploy to conference roo...
- Question 108: A security administrator Is evaluating remote access solutio...
- Question 109: A municipality implements an loT device discovery scanner an...
- Question 110: A company's public-facing website, https://www.organization....
- Question 111: A security team received the following requirements for a ne...
- Question 112: A help desk technician receives a phone call from someone cl...
- Question 113: Which of the following components can be used to consolidate...
- Question 114: A security team discovered a large number of company-issued ...
- Question 115: A help desk technician receives an email from the Chief Info...
- Question 116: A systems engineer thinks a business system has been comprom...
- Question 117: A company needs to enhance Its ability to maintain a scalabl...
- Question 118: An administrator has identified and fingerprinted specific f...
- Question 119: The technology department at a large global company is expan...
- Question 120: An analyst examines the web server logs after a compromise a...
- Question 121: Which of the following best describes when an organization U...
- Question 122: Which of the following would most likely include language pr...
- Question 123: Which of the following will increase cryptographic security?...
- Question 124: Which of the following BEST describes a social-engineering a...
- Question 125: Which of the following describes software on network hardwar...
- Question 126: A security analyst is assessing several company firewalls. W...
- Question 127: An administrator identifies some locations on the third floo...
- Question 128: A company wants to get alerts when others are researching an...
- Question 129: An organization wants to minimize the recovery time from bac...
- Question 130: A financial institution recently joined a bug bounty program...
- Question 131: Which of the following in a forensic investigation should be...
- Question 132: A security administrator is seeking a solution to prevent un...
- Question 133: Which of the following best describes a threat actor who is ...
- Question 134: During a recent cybersecurity audit, the auditors pointed ou...
- Question 135: A company recently upgraded its authentication infrastructur...
- Question 136: A security analyst is reviewing the output of a web server l...
- Question 137: A company was recently breached Pan of the company's new cyb...
- Question 138: The security team received a report of copyright infringemen...
- Question 139: An employee in the accounting department receives an email c...
- Question 140: The compliance team requires an annual recertification of pr...
- Question 141: An organization implemented cloud-managed IP cameras to moni...
- Question 142: A customer called a company's security team to report that a...
- Question 143: Which of the following exercises should an organization use ...
- Question 144: Which of the following involves embedding malware in routers...
- Question 145: A financial institution would like to store its customer dat...
- Question 146: A security administrator is analyzing the corporate wireless...
- Question 147: Which of the following threat vectors is most commonly utili...
- Question 148: A security architect is designing a remote access solution f...
- Question 149: A security administrator performs weekly vulnerability scans...
- Question 150: A security analyst was deploying a new website and found a c...
- Question 151: A user is trying unsuccessfully to send images via SMS. The ...
- Question 152: After a phishing scam fora user's credentials, the red team ...
- Question 153: A user, who is waiting for a flight at an airport, logs in t...
- Question 154: Since a recent upgrade to a WLAN infrastructure, several mob...
- Question 155: A security analyst is investigating a SIEM event concerning ...
- Question 156: A network-connected magnetic resonance imaging (MRI) scanner...
- Question 157: A cybersecurity administrator needs to implement a Layer 7 s...
- Question 158: Which of the following authentication methods is considered ...
- Question 159: An analyst Is generating a security report for the managemen...
- Question 160: An employee's company email is configured with conditional a...
- Question 161: A security analyst is reviewing computer logs because a host...
- Question 162: An administrator reviewed the log files after a recent ranso...
- Question 163: A company's Chief Information Security Officer (CISO) recent...
- Question 164: A user received an SMS on a mobile phone that asked for bank...
- Question 165: A new plug-and-play storage device was installed on a PC in ...
- Question 166: Which of the following supplies non-repudiation during a for...
- Question 167: A security analyst is investigating what appears to be unaut...
- Question 168: A company wants to improve its access standards to prevent t...
- Question 169: The Chief Information Security Officer wants to pilot a new ...
- Question 170: Two companies are in the process of merging. The companies n...
- Question 171: A security analyst needs to recommend a solution that will a...
- Question 172: Which of the following should a security operations center u...
- Question 173: Which of the following requirements apply to a CYOD policy? ...
- Question 174: An organization has been experiencing outages during holiday...
- Question 175: The new Chief Information Security Officer at a company has ...
- Question 176: Remote workers in an organization use company-provided lapto...
- Question 177: An IT security team is concerned about the confidentiality o...
- Question 178: A systems analyst determines the source of a high number of ...
- Question 179: Which of the following is the most common data loss path for...
- Question 180: Which of the following is the most effective way to protect ...
- Question 181: A systems administrator set up an automated process that che...
- Question 182: A company is implementing a new SIEM to log and send alerts ...
- Question 183: The security team installed video cameras in a prominent loc...
- Question 184: A police department is using the cloud to share information ...
- Question 185: Which of the following threat actors is the most likely to u...
- Question 186: After multiple on-premises security solutions were migrated ...
- Question 187: A manufacturing company has several one-off legacy informati...
- Question 188: An organization developed a virtual thin client running in k...
- Question 189: Which of the following allow access to remote computing reso...
- Question 190: Which of the following best describes why a process would re...
- Question 191: A user is attempting to navigate to a website from inside th...
- Question 192: A security administrator manages five on-site APs. Each AP u...
- Question 193: Which of the following would satisfy three-factor authentica...
- Question 194: A security administrator recently reset local passwords and ...
- Question 195: Which of the following should a systems administrator use to...
- Question 196: A new vulnerability enables a type of malware that allows th...
- Question 197: A security manager is implementing UFA and patch management....
- Question 198: When implementing automation with loT devices, which of the ...
- Question 199: Which of the following is the correct order of evidence from...
- Question 200: A backup operator wants to perform a backup to enhance the R...
- Question 201: A company uses a SaaS vendor to host its customer database. ...
- Question 202: Which of the following authentication methods sends out a un...
- Question 203: A security researcher is tracking an adversary by noting its...
- Question 204: Server administrators want to configure a cloud solution so ...
- Question 205: A cyber operations team informs a security analyst about a n...
- Question 206: An enterprise needs to keep cryptographic keys in a safe man...
- Question 207: An analyst examines the web server logs after a compromise a...
- Question 208: An organization suffered numerous multiday power outages at ...
- Question 209: A software company has a shared codebase for multiple projec...
- Question 210: After a security incident, a systems administrator asks the ...
- Question 211: A recent vulnerability scan revealed multiple servers have n...
- Question 212: A security administrator is configuring fileshares. The admi...
- Question 213: A security analyst was asked to evaluate a potential attack ...
- Question 214: A systems administrator is looking for a low-cost applicatio...
- Question 215: Which of the following should a systems administrator set up...
- Question 216: A security analyst is looking for a way to categorize and sh...
- Question 217: A penetration test revealed that several Linux servers were ...
- Question 218: A corporate security team needs to secure the wireless perim...
- Question 219: A security team is engaging a third-party vendor to do a pen...
- Question 220: An analyst is providing feedback on an incident that involve...
- Question 221: Which of the following best describes the risk present after...
- Question 222: Which of the following is the most likely outcome if a large...
- Question 223: A security administrator is reissuing a former employee's la...
- Question 224: An auditor discovered multiple insecure pons on some server'...
- Question 225: Audit logs indicate an administrative account that belongs t...
- Question 226: A company is concerned about individuals dnvmg a car into th...
- Question 227: Which of the following methods to secure credit card data is...
- Question 228: A company recently experienced an attack during which 5 main...
- Question 229: An organization's Chief Information Security Officer is crea...
- Question 230: A hosting provider needs to prove that its security controls...
- Question 231: A security analyst scans a company's public network and disc...
- Question 232: Which of the following environments would MOST likely be use...
- Question 233: A large retail store's network was breached recently. and th...
- Question 234: Which of the following threat actors is the most likely to b...
- Question 235: A company is looking to migrate some servers to the cloud to...
- Question 236: Which Of the following is a primary security concern for a s...
- Question 237: During a Chief Information Security Officer (CISO) conventio...
- Question 238: An annual information security assessment has revealed that ...
- Question 239: A security analyst is responding to a malware incident at a ...
- Question 240: A company's help desk has received calls about the wireless ...
- Question 241: Which of the following can be used by an authentication appl...
- Question 242: A security administrator examines the ARP table of an access...
- Question 243: A security engineer is concerned about using an agent on dev...
- Question 244: An enterprise has hired an outside security firm to conduct ...
- Question 245: An attack has occurred against a company. INSTRUCTIONS You h...
- Question 246: Which of the following isa risk that is specifically associa...
- Question 247: Following a prolonged data center outage that affected web-b...
- Question 248: Which of the following utilizes public and private keys to s...
- Question 249: A client sent several inquiries to a project manager about t...
- Question 250: Which of the following best practices gives administrators a...
- Question 251: A software developer would like to ensure the source code ca...
- Question 252: A security administrator needs to provide secure access to i...
- Question 253: A cybersecurity administrator needs to allow mobile BYOD dev...
- Question 254: A company implemented an MDM policy to mitigate risks after ...
- Question 255: A security administrator is working to secure company data o...
- Question 256: An administrator was notified that a user logged in remotely...
- Question 257: A technician needs to apply a high-priority patch to a produ...
- Question 258: A food delivery service gives its drivers mobile devices tha...
- Question 259: Which of the following terms should be included in a contrac...
- Question 260: A security analyst and the management team are reviewing the...
- Question 261: A technician wants to improve the situational and environmen...
- Question 262: A security administrator needs to block a TCP connection usi...
- Question 263: A web server log contains two million lines. A security anal...
- Question 264: Which of the following measures the average time that equipm...
- Question 265: An organization decided not to put controls in place because...
- Question 266: During an investigation, an incident response team attempts ...
- Question 267: A security analyst is reviewing packet capture data from a c...
- Question 268: Which of the following BEST describes the method a security ...
- Question 269: recovery sites is the best option?...
- Question 270: Adding a value to the end of a password to create a differen...
- Question 271: A company hired a consultant to perform an offensive securit...
- Question 272: Which of the following processes would most likely help an o...
- Question 273: A security analyst is investigating multiple hosts that are ...
- Question 274: A major manufacturing company updated its internal infrastru...
- Question 275: A company recently suffered a breach in which an attacker wa...
- Question 276: Which of the following examples would be best mitigated by i...
- Question 277: The management team notices that new accounts that are set u...
- Question 278: Which of the following security concepts is the best reason ...
- Question 279: Which of the following is a primary security concern for a c...
- Question 280: An analyst is reviewing an incident in which a user clicked ...
- Question 281: As accounting clerk sent money to an attacker's bank account...
- Question 282: Which of the following, if compromised, can indirectly impac...
- Question 283: A global company is experiencing unauthorized logging due to...
- Question 284: A Chief Information Officer is concerned about employees usi...
- Question 285: A governance, risk, and compliance team created a report tha...
- Question 286: A security analyst finds a rogue device during a monthly aud...
- Question 287: A company executive experienced a security issue at an airpo...
- Question 288: Employees in the research and development business unit rece...
- Question 289: A company requires that all user authentication against a co...
- Question 290: A security analyst needs to implement security features acro...
- Question 291: An attacker is trying to gain access by installing malware o...
- Question 292: A company wants to ensure that all devices are secured prope...
- Question 293: Which of the following is the most likely to be included as ...
- Question 294: Which of the following would be most effective to contain a ...
- Question 295: A company wants to begin taking online orders for products b...
- Question 296: A security department wants to conduct an exercise that will...
- Question 297: A dynamic application vulnerability scan identified that cod...
- Question 298: Which of the following has the ability to physically verify ...
- Question 299: A company is expanding its threat surface program and allowi...
- Question 300: Which of the following is a method used by some organization...
- Question 301: A global pandemic is forcing a private organization to close...
- Question 302: Which of the following describes an executive team that is m...
- Question 303: A web application for a bank displays the following output w...
- Question 304: Which of the following is an administrative control that wou...
- Question 305: Which of the following attributes would be the most appropri...
- Question 306: Which of the following would produce the closet experience o...
- Question 307: An enterprise has been experiencing attacks focused on explo...
- Question 308: While reviewing the /etc/shadow file, a security administrat...
- Question 309: An analyst is working on an email security incident in which...
- Question 310: An employee's laptop was stolen last month. This morning, th...
- Question 311: A third-party vendor is moving a particular application to t...
- Question 312: A systems administrator is working on a solution with the fo...
- Question 313: A security analyst is working with a vendor to get a new Saa...
- Question 314: A security administrator received an alert for a user accoun...
- Question 315: As part of the lessons-learned phase, the SOC is tasked with...
- Question 316: A security researcher has alerted an organization that its s...
- Question 317: The Chief Information Security Officer (CISO) wants a produc...
- Question 318: Which of the following environments typically hosts the curr...
- Question 319: A company is planning to set up a SIEM system and assign an ...
- Question 320: A security analyst is reviewing the following command-line o...
- Question 321: A company deployed a Wi-Fi access point in a public area and...
- Question 322: A security administrator is managing administrative access t...
- Question 323: Which of the following best describes the action captured in...
- Question 324: Which of the following disaster recovery tests is the LEAST ...
- Question 325: A company has discovered unauthorized devices are using its ...
- Question 326: The help desk has received calls from users in multiple loca...
- Question 327: A company recently decided to allow employees to work remote...
- Question 328: An organization disabled unneeded services and placed a fire...
- Question 329: A security administrator recently used an internal CA to iss...
- Question 330: A company must ensure sensitive data at rest is rendered unr...
- Question 331: A company a "right to forgotten" request To legally comply, ...
- Question 332: Which of the following teams combines both offensive and def...
- Question 333: A network penetration tester has successfully gained access ...
- Question 334: The most recent vulnerability scan flagged the domain contro...
- Question 335: An engineer recently deployed a group of 100 web servers in ...
- Question 336: As part of the building process for a web application, the c...
- Question 337: A local business When of the following best describes a lega...
- Question 338: Which Of the following will provide the best physical securi...
- Question 339: A security analyst is reviewing the vulnerability scan repor...
- Question 340: A security analyst is responding to an alert from the SIEM. ...
- Question 341: An organization's corporate offices were destroyed due to a ...
- Question 342: A security professional wants to enhance the protection of a...
- Question 343: Which of the following technologies can better utilize compu...
- Question 344: A company's legal department drafted sensitive documents in ...
- Question 345: A security administrator is setting up a SIEM to help monito...
- Question 346: An organization is having difficulty correlating events from...
- Question 347: A cybersecurity analyst reviews the log files from a web ser...
- Question 348: Which of the following describes a social engineering techni...
- Question 349: An employee clicked a link in an email from a payment websit...
- Question 350: A security analyst needs to harden access to a network. One ...
- Question 351: A network administrator added a new router to the network. W...
- Question 352: A systems administrator wants to prevent users from being ab...
- Question 353: Which Of the following security controls can be used to prev...
- Question 354: Employees at a company are receiving unsolicited text messag...
- Question 355: The Chief Information Security Officer (CISO) of a bank rece...
- Question 356: Which of the following describes the understanding between a...
- Question 357: During an investigation, events from two affected servers in...
- Question 358: Law enforcement officials sent a company a notification that...
- Question 359: A security operations center determines that the malicious a...
- Question 360: Which of the following must be in place before implementing ...
- Question 361: A company wants to ensure that ail devices are secured prope...
- Question 362: Hackers recently attacked a company's network and obtained s...
- Question 363: A company needs to provide administrative access to internal...
- Question 364: A cybersecurity analyst needs to adopt controls to properly ...
- Question 365: A security analyst reviews a company's authentication logs a...
- Question 366: A recent penetration test identified that an attacker could ...
- Question 367: A security analyst is currently addressing an active cyber i...
- Question 368: An organization with high security needs is concerned about ...
- Question 369: A developer recently launched a new log-in page for a custom...
- Question 370: A security analyst discovers that a company's username and p...
- Question 371: A company is implementing a vendor's security tool in the cl...
- Question 372: The application development team is in the final stages of d...
- Question 373: A company has numerous employees who store PHI data locally ...
- Question 374: An incident analyst finds several image files on a hard disk...
- Question 375: A company wants to deploy decoy systems alongside production...
- Question 376: Security analysts notice a server login from a user who has ...
- Question 377: A security analyst is working with the IT group to define ap...
- Question 378: Which of the following involves an attempt to take advantage...
- Question 379: Which of the following conditions impacts data sovereignty?...
- Question 380: The Chief Information Security Officer (CISO) asks a securit...
- Question 381: Which of the following permits consistent automated deployme...
- Question 382: A security consultant needs secure, remote access to a clien...
- Question 383: A network analyst is setting up a wireless access point for ...
- Question 384: Which of the following is the correct order of volatility fr...
- Question 385: A penetration tester was able to compromise a host using pre...
- Question 386: A large industrial system's smart generator monitors the sys...
- Question 387: A company would like to implement a daily backup solution. T...
- Question 388: The primary goal of the threat-hunting team at a large compa...
- Question 389: A security administrator would like to protect data on emplo...
- Question 390: A company was recently breached. Part of the company's new c...
- Question 391: Users are reporting performance issues from a specific appli...
- Question 392: A security manager is implementing MFA and patch management....
- Question 393: A new vulnerability in the SMB protocol on the Windows syste...
- Question 394: An organization wants to limit potential impact to its log-i...
- Question 395: During a forensic investigation, an analyst uses software to...
- Question 396: A software company is analyzing a process that detects softw...
- Question 397: A security analyst reports a company policy violation in a c...
- Question 398: A company's help desk has received calls about the wireless ...
- Question 399: A new security engineer has started hardening systems. One o...
- Question 400: A routine audit of medical billing claims revealed that seve...
- Question 401: A security analyst needs to implement an MDM solution for BY...
- Question 402: A company owns a public-facing e-commerce website. The compa...
- Question 403: A security analyst is hardening a network infrastructure The...
- Question 404: Which of the following methods can be used to detect attacke...
- Question 405: A Chief Information Security Officer (CISO) is evaluating (h...
- Question 406: A systems integrator is installing a new access control syst...
- Question 407: Historically, a company has had issues with users plugging i...
- Question 408: A security analyst notices an unusual amount of traffic hitt...
- Question 409: An organization recently released a zero-trust policy that w...
- Question 410: A security analyst is reviewing an IDS alert and sees the fo...
- Question 411: An analyst is trying to identify insecure services that are ...
- Question 412: An organization routes all of its traffic through a VPN Most...
- Question 413: Which of the following BEST describes data streams that are ...
- Question 414: A user attempts to load a web-based application, but the exp...
- Question 415: A security team created a document that details the order in...
- Question 416: Which of the following is the final step of the incident res...
- Question 417: A company policy states that all new SaaS applications must ...
- Question 418: Which of the following is best used to detect fraud by assig...
- Question 419: Which of the following incident response steps occurs before...
- Question 420: A data owner has been tasked with assigning proper data clas...
- Question 421: An organization's internet-facing website was compromised wh...
- Question 422: Leveraging the information supplied below, complete the CSR ...
- Question 423: An analyst observed an unexpected high number of DE authenti...
- Question 424: During a security assessment, a security finds a file with o...
- Question 425: The management team has requested that the security team imp...
- Question 426: A small business uses kiosks on the sales floor to display p...
- Question 427: The SOC detected an increase in failed authentication attemp...
- Question 428: Which of the following is an algorithm performed to verify t...
- Question 429: Which of the following best describes a tool used by an orga...
- Question 430: Which of the following describes the exploitation of an inte...
- Question 431: An audit identified Pll being utilized in the development en...
- Question 432: Which of the following provides guidelines for the managemen...
- Question 433: As part of the building process for a web application, the c...
- Question 434: A security analyst is running a vulnerability scan to check ...
- Question 435: Which of the following environment utilizes dummy data and i...
- Question 436: A security analyst is taking part in an evaluation process t...
- Question 437: An organization recently updated its security policy to incl...
- Question 438: An organization has hired a security analyst to perform a pe...
- Question 439: Which of the following explains why an attacker cannot easil...
- Question 440: A network administrator needs to determine the sequence of a...
- Question 441: A security administrator would like to ensure all cloud serv...
- Question 442: An organization wants to quickly assess how effectively the ...
- Question 443: A security analyst it investigating an incident to determine...
- Question 444: Which of the following threat actors is most likely to use a...
- Question 445: A systems administrator would like to set up a system that w...
- Question 446: An employee recently resigned from a company. The employee w...
- Question 447: A security analyst discovers several jpg photos from a cellu...
- Question 448: A systems administrator works for a local hospital and needs...
- Question 449: Which of the following controls would provide the BEST prote...
- Question 450: An organization needs to implement more stringent controls o...
- Question 451: A desktop support technician recently installed a new docume...
- Question 452: Which of the following methods can be used to detect attacke...
- Question 453: A security assessment found that several embedded systems ar...
- Question 454: A security analyst is reviewing the following logs: [10:00:0...
- Question 455: A certificate vendor notified a company that recently invali...
- Question 456: Users report access to an application from an internal works...
- Question 457: A security incident has been resolved Which of the following...
- Question 458: Which of the following scenarios describes a possible busine...
- Question 459: An organization recently released a software assurance polic...
- Question 460: A systems administrator receives the following alert from a ...
- Question 461: A web server has been compromised due to a ransomware attack...
- Question 462: Which of the following describes business units that purchas...
- Question 463: An audit report indicates multiple suspicious attempts to ac...
- Question 464: A web architect would like to move a company's website prese...
- Question 465: A vulnerability has been discovered and a known patch to add...
- Question 466: Which of the following procedures would be performed after t...
- Question 467: One of a company's vendors sent an analyst a security bullet...
- Question 468: Which of the following can a security director use to priori...
- Question 469: Which of the following is the BEST action to foster a consis...
- Question 470: An analyst in the human resources organization is responsibl...
- Question 471: A security engineer needs to create a network segment that c...
- Question 472: An enterprise is trying to limit outbound DNS traffic origin...
- Question 473: An organization is building a new headquarters and has place...
- Question 474: A business is looking for a cloud service provider that offe...
- Question 475: A company recently experienced a significant data loss when ...
- Question 476: A security engineer needs to configure an NGFW to minimize t...
- Question 477: A security analyst is investigating a phishing email that co...
- Question 478: A company hired a security manager from outside the organiza...
- Question 479: A newly identified network access vulnerability has been fou...
- Question 480: During a security incident the security operations team iden...
- Question 481: Which of the following is classified as high availability in...
- Question 482: Which of the following is most likely associated with introd...
- Question 483: Which of the following best represents an application that d...
- Question 484: Which of the following would be the best way to block unknow...
- Question 485: A security administrator Installed a new web server. The adm...
- Question 486: Which of the following is used to add extra complexity befor...
- Question 487: Which of the following is the MOST secure but LEAST expensiv...
- Question 488: A security analyst reviews domain activity logs and notices ...
- Question 489: A security administrator suspects there may be unnecessary s...
- Question 490: A company needs to keep the fewest records possible, meet co...
- Question 491: An organization implemented cloud-managed IP cameras to moni...
- Question 492: A security analyst is investigating a report from a penetrat...
- Question 493: An employee finds a USB flash drive labeled "Salary Info" in...
- Question 494: Security engineers are working on digital certificate manage...
- Question 495: A company is enhancing the security of the wireless network ...
- Question 496: A security analyst has been tasked with creating a new WiFi ...
- Question 497: Which of the following is most likely to include a SCADA sys...
- Question 498: Which of the following describes a maintenance metric that m...
- Question 499: Which of the following would most likely mitigate the impact...
- Question 500: A security engineer updated an application on company workst...
- Question 501: During an investigation, the incident response team discover...
- Question 502: Which of the following is a common source of unintentional c...
