Valid SY0-601 Dumps shared by ExamDiscuss.com for Helping Passing SY0-601 Exam! ExamDiscuss.com now offer the newest SY0-601 exam dumps, the ExamDiscuss.com SY0-601 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-601 dumps with Test Engine here:
Access SY0-601 Dumps Premium Version
(1061 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 591/610
A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Choose two.)
Correct Answer: B,D
A WAF or web application firewall helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model).
A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity. NIPS consists of NIDS and IPS. WAF is a firewall. NIPS can operate up to layer 7 by passing or allowing traffic.
A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity. NIPS consists of NIDS and IPS. WAF is a firewall. NIPS can operate up to layer 7 by passing or allowing traffic.
- Question List (610q)
- Question 1: An external vendor recently visited a company's headquarters...
- Question 2: Which of the following is assured when a user signs an email...
- Question 3: A company uses a SaaS vendor to host its customer database. ...
- Question 4: Which of the following typically uses a combination of human...
- Question 5: An employee received a word processing file that was deliver...
- Question 6: Which of the following prevents an employee from seeing a co...
- Question 7: Which of the following are requirements that must be configu...
- Question 8: Drag and Drop Question A security engineer is setting up pas...
- Question 9: The manager who is responsible for a data set has asked a se...
- Question 10: A company uses wireless tor all laptops and keeps a very det...
- Question 11: Which of the following would provide guidelines on how to la...
- Question 12: In which of the following situations would it be BEST to use...
- Question 13: Two companies are in the process of merging. The companies n...
- Question 14: A security analyst is reviewing the following logs: (Exhibit...
- Question 15: Which of the following best describes an environment where a...
- Question 16: A security analyst needs to find real-time data on the lates...
- Question 17: Which of the following security controls can be used to prev...
- Question 18: The spread of misinformation surrounding the outbreak of a n...
- Question 19: Audit logs indicate an administrative account that belongs t...
- Question 20: An application owner reports suspicious activity on an inter...
- Question 21: A user's account is constantly being locked out. Upon furthe...
- Question 22: An attacker browses a company's online job board attempting ...
- Question 23: A large bank with two geographically dispersed data centers ...
- Question 24: A security engineer at an offline government facility is con...
- Question 25: Which of the following refers to applications and systems th...
- Question 26: An organization has hired a red team to simulate attacks on ...
- Question 27: An organization wants to minimize the recovery time from bac...
- Question 28: The board of doctors at a company contracted with an insuran...
- Question 29: A security analyst is using a recently released security adv...
- Question 30: Which of the following uses six initial steps that provide b...
- Question 31: Which of the following is a known security risk associated w...
- Question 32: The security team installed video cameras in a prominent loc...
- Question 33: Remote workers in an organization use company-provided lapto...
- Question 34: A systems administrator is redesigning how devices will perf...
- Question 35: A systems engineer is building a new system for production. ...
- Question 36: A company needs to centralize its logs to create a baseline ...
- Question 37: A security analyst is reviewing logs on a server and observe...
- Question 38: Which of the following scenarios would make a DNS sinkhole e...
- Question 39: A network engineer and a security engineer are discussing wa...
- Question 40: Several attempts have been made to pick the door lock of a s...
- Question 41: A commercial cyber-threat intelligence organization observes...
- Question 42: After entering a username and password, an administrator mus...
- Question 43: An attacker has determined the best way to impact operations...
- Question 44: A systems administrator reports degraded performance on a vi...
- Question 45: A security administrator receives alerts from the perimeter ...
- Question 46: A local server recently crashed and the team is attempting t...
- Question 47: A company just implemented a new telework policy that allows...
- Question 48: Which of the following is the BEST example of a cost-effecti...
- Question 49: Which of the following is an effective tool to stop or preve...
- Question 50: While investigating a recent security breach, an analyst fin...
- Question 51: A user downloaded an extension for a browser, and the uses d...
- Question 52: A Chief Information Officer receives an email stating a data...
- Question 53: A marketing coordinator is trying to access a social media a...
- Question 54: A security analyst is performing a forensic investigation co...
- Question 55: Which of the following should customers who are involved wit...
- Question 56: A financial analyst is expecting an email containing sensiti...
- Question 57: A system that requires an operation availability of 99.99% a...
- Question 58: A security analyst needs to harden access to a network. One ...
- Question 59: Which of the following provides a calculated value for known...
- Question 60: An organization relies on third-party videoconferencing to c...
- Question 61: A security analyst is reviewing application logs to determin...
- Question 62: A security architect is implementing a new email architectur...
- Question 63: Which of the following would be the BEST way to analyze disk...
- Question 64: A cybersecurity department purchased o new PAM solution. The...
- Question 65: Joe, an employee, receives an email stating he won the lotte...
- Question 66: A growing company would like to enhance the ability of its s...
- Question 67: As part of annual audit requirements, the security team perf...
- Question 68: A security incident has been resolved. Which of the followin...
- Question 69: An organization's policy requires users to create passwords ...
- Question 70: A forensics investigator is examining a number of unauthoriz...
- Question 71: The SOC is reviewing process and procedures after a recent i...
- Question 72: An organization is building backup server rooms in geographi...
- Question 73: A recent audit uncovered a key finding regarding the use of ...
- Question 74: Which of the following measures the average time that equipm...
- Question 75: A small company that does not have security staff wants to i...
- Question 76: After a recent ransomware attack on a company's system, an a...
- Question 77: A company has been experiencing very brief power outages fro...
- Question 78: Which of the following would BEST identify and remediate a d...
- Question 79: The Chief Information Security Officer of an organization ne...
- Question 80: Which of the following allows for functional test data to be...
- Question 81: A systems engineer thinks a business system has been comprom...
- Question 82: Which of the following is a reason to publish files' hashes?...
- Question 83: A company recently moved sensitive videos between on-premise...
- Question 84: While troubleshooting service disruption on a mission-critic...
- Question 85: A security analyst is assisting a team of developers with be...
- Question 86: During a trial, a judge determined evidence gathered from a ...
- Question 87: Hotspot Question You are a security administrator investigat...
- Question 88: A network engineer needs to create a plan for upgrading the ...
- Question 89: A security analyst generated a file named host1.pcap and sha...
- Question 90: A penetration-testing firm is working with a local community...
- Question 91: Which of the following incident response phases should the p...
- Question 92: Which of the following can be used to identify potential att...
- Question 93: A company posts a sign indicating its server room is under v...
- Question 94: Certain users are reporting their accounts are being used to...
- Question 95: While assessing the security of a web application, a securit...
- Question 96: A security administrator examines the ARP table of an access...
- Question 97: Which of the following is used to ensure that evidence is ad...
- Question 98: A company recently experienced a major breach. An investigat...
- Question 99: Which of the following is a detective and deterrent control ...
- Question 100: A company is auditing the manner in which its European custo...
- Question 101: An organization is concerned about intellectual property the...
- Question 102: A spoofed identity was detected for a digital certificate. W...
- Question 103: A junior security analyst is reviewing web server logs and i...
- Question 104: An information security incident recently occurred at an org...
- Question 105: Which of the following control types fixes a previously iden...
- Question 106: Which of the following is an example of transference of risk...
- Question 107: A company wants to restrict emailing of PHI documents. The c...
- Question 108: Administrators have allowed employee to access their company...
- Question 109: An employee who is using a mobile device for work, is requir...
- Question 110: While troubleshooting a firewall configuration, a technician...
- Question 111: A business is looking for a cloud service provider that offe...
- Question 112: A help desk technician receives a phone call from someone cl...
- Question 113: A nuclear plant was the victim of a recent attack, and all t...
- Question 114: An organization has been experiencing outages during holiday...
- Question 115: Which of the following best describes why the SMS OTP authen...
- Question 116: After returning from a conference, a user's laptop has been ...
- Question 117: Which of the following describes a maintenance metric that m...
- Question 118: A company is experiencing an increasing number of systems th...
- Question 119: Adding a value to the end of a password to create a differen...
- Question 120: An enterprise has hired an outside security firm to conduct ...
- Question 121: A company network is currently under attack. Although securi...
- Question 122: An organization routes all of its traffic through a VPN Most...
- Question 123: A Chief Security Officer (CSO) is concerned about the volume...
- Question 124: A security analyst is configuring a large number of new comp...
- Question 125: An attacker is attempting to harvest user credentials on a c...
- Question 126: A security analyst has received an alert about PII being sen...
- Question 127: A Chief Information Security Officer (CISO) is evaluating th...
- Question 128: The chief information security officer (CISO) has requested ...
- Question 129: A company wants to pragmatically grant access to users who h...
- Question 130: An analyst is trying to identify insecure services that are ...
- Question 131: Which of the following should a data owner require all perso...
- Question 132: Several employees have noticed other bystanders can clearly ...
- Question 133: A company wants the ability to restrict web access and monit...
- Question 134: A company wants to get alerts when others are researching an...
- Question 135: Security analysts notice a server login from a user who has ...
- Question 136: The Chief information Security Officer has directed the secu...
- Question 137: An organization is tuning SIEM rules based off of threat int...
- Question 138: Against the recommendation of the IT security analyst, a com...
- Question 139: A security analyst is reviewing the following output from a ...
- Question 140: A desktop support technician recently installed a new docume...
- Question 141: A security administrator suspects there may be unnecessary s...
- Question 142: Which of the following attacks MOST likely occurred on the u...
- Question 143: A security analyst has been tasked with creating a new WiFi ...
- Question 144: A technician enables full disk encryption on a laptop that w...
- Question 145: A systems engineer wants to leverage a cloud-based architect...
- Question 146: A security analyst was asked to evaluate a potential attack ...
- Question 147: Which two features are available only in next-generation fir...
- Question 148: A user must introduce a password and a USB key to authentica...
- Question 149: A well-known organization has been experiencing attacks from...
- Question 150: During a recent security incident at a multinational corpora...
- Question 151: A security administrator is evaluating remote access solutio...
- Question 152: A security analyst is investigating suspicious traffic on th...
- Question 153: A software development manager wants to ensure the authentic...
- Question 154: During the onboarding process, an employee needs to create a...
- Question 155: A global company is experiencing unauthorized logging due to...
- Question 156: Which of the following types of disaster recovery plan exerc...
- Question 157: An organization has implemented a two-step verification proc...
- Question 158: A user's login credentials were recently compromised During ...
- Question 159: A systems administrator is looking for a solution that will ...
- Question 160: A cybersecurity analyst reviews the log files from a web ser...
- Question 161: Which of the following can work as an authentication method ...
- Question 162: A security analyst is reviewing computer logs because a host...
- Question 163: A security analyst is reviewing the vulnerability scan repor...
- Question 164: Which of the following, if compromised, can indirectly impac...
- Question 165: An information security policy stales that separation of dut...
- Question 166: A company recently decided to allow its employees to use the...
- Question 167: A Chief Information Security Officer (CISO) needs to create ...
- Question 168: A network administrator has been asked to design a solution ...
- Question 169: A company wants to deploy decoy systems alongside production...
- Question 170: Which of the following is a valid multifactor authentication...
- Question 171: The local administrator account for a company's VPN applianc...
- Question 172: An engineer recently deployed a group of 100 web servers in ...
- Question 173: A company wants to implement MFA. Which of the following ena...
- Question 174: A security analyst needs to perform periodic vulnerably scan...
- Question 175: An information security manager for an organization is compl...
- Question 176: A dynamic application vulnerability scan identified that cod...
- Question 177: A security team created a document that details the order in...
- Question 178: During a Chief Information Security Officer (CISO) conventio...
- Question 179: A network engineer created two subnets that will be used for...
- Question 180: Which of the following would a European company interested i...
- Question 181: A security engineer needs to create a network segment that c...
- Question 182: Which of the following techniques eliminates the use of rain...
- Question 183: The SIEM at an organization has detected suspicious traffic ...
- Question 184: A company recently suffered a breach in which an attacker wa...
- Question 185: A security manager needs to assess the security posture of o...
- Question 186: An organization has expanded its operations by opening a rem...
- Question 187: Which of the following incident response steps occurs before...
- Question 188: Following a prolonged datacenter outage that affected web-ba...
- Question 189: A threat actor was able to use a username and password to lo...
- Question 190: To further secure a company's email system, an administrator...
- Question 191: A small business office is setting up a wireless infrastruct...
- Question 192: Which of the following types of data are most likely to be s...
- Question 193: A security modern may have occurred on the desktop PC of an ...
- Question 194: An analyst is generating a security report for the managemen...
- Question 195: A university is opening a facility in a location where there...
- Question 196: A security analyst is investigating a malware incident at a ...
- Question 197: A security analyst has been tasked with ensuring all program...
- Question 198: A technician needs to apply a high-priority patch to a produ...
- Question 199: An organization has a growing workforce that is mostly drive...
- Question 200: The following are the logs of a successful attack. (Exhibit)...
- Question 201: In a rush to meet an end-of-year business goal, the IT depar...
- Question 202: An organization has developed an application that needs a pa...
- Question 203: An analyst is reviewing an incident in which a user clicked ...
- Question 204: A security manager runs Nessus scans of the network after ev...
- Question 205: A security analyst is responding to an alert from the SIEM. ...
- Question 206: An incident response technician collected a mobile device du...
- Question 207: A company is adopting a BYOD policy and is looking for a com...
- Question 208: A security engineer is installing a WAF to protect the compa...
- Question 209: Which of the following agreements defines response time, esc...
- Question 210: A security analyst discovers that a company username and pas...
- Question 211: An application developer accidentally uploaded a company's c...
- Question 212: A user reports trouble using a corporate laptop. The laptop ...
- Question 213: A Chief Security Officer (CSO) is concerned that cloud-based...
- Question 214: Which of the following are the BEST ways to implement remote...
- Question 215: A security analyst finds a rogue device during a monthly aud...
- Question 216: A company would like to provide flexibility for employees on...
- Question 217: n organization plans to transition the intrusion detection a...
- Question 218: Which of the following best describes a penetration test tha...
- Question 219: After a recent security breach, a security analyst reports t...
- Question 220: To mitigate the impact of a single VM being compromised by a...
- Question 221: The concept of connecting a user account across the systems ...
- Question 222: Which of the following would cause a Chief Information Secur...
- Question 223: A company needs to keep the fewest records possible, meet co...
- Question 224: An enterprise has hired an outside security firm to facilita...
- Question 225: A global pandemic is forcing a private organization to close...
- Question 226: A newly identified network access vulnerability has been fou...
- Question 227: A company recently implemented a patch management policy; ho...
- Question 228: A junior security analyst is conducting an analysis after pa...
- Question 229: A security analyst wants to fingerprint a web server. Which ...
- Question 230: A network administrator needs to determine the sequence of a...
- Question 231: A network administrator deployed a DNS logging tool that log...
- Question 232: A business uses Wi-Fi with content filtering enabled. An emp...
- Question 233: A security analyst is tasked with classifying data to be sto...
- Question 234: A security analyst is investigating some users who are being...
- Question 235: A cryptomining company recently deployed a new antivirus app...
- Question 236: Which of the following controls is used to make an organizat...
- Question 237: A systems administrator is troubleshooting a server's connec...
- Question 238: The chief compliance officer from a bank has approved a back...
- Question 239: As part of the building process for a web application, the c...
- Question 240: A Chief Security Office's (CSO's) key priorities are to impr...
- Question 241: A forensic analyst needs to prove that data has not been tam...
- Question 242: A security analyst needs to implement an MDM solution for BY...
- Question 243: Which of the following is a reason why an organization would...
- Question 244: A Chief Information Security Officer (CISO) wants to impleme...
- Question 245: A company wants to modify its current backup strategy to min...
- Question 246: Which of the following types of attacks is specific to the i...
- Question 247: A security analyst is working on a project to implement a so...
- Question 248: The Chief Executive Officer announced a new partnership with...
- Question 249: A company has drafted an insider-threat policy that prohibit...
- Question 250: During an incident, an EDR system detects an increase in the...
- Question 251: A systems analyst determines the source of a high number of ...
- Question 252: An organization implemented a process that compares the sett...
- Question 253: The Chief Security Officer (CSO) at a major hospital wants t...
- Question 254: A startup company is using multiple SaaS and IaaS platforms ...
- Question 255: Which of the following best represents an application that d...
- Question 256: A security researcher has alerted an organization that its s...
- Question 257: Users reported several suspicious activities within the last...
- Question 258: A security engineer is working to address the growing risks ...
- Question 259: Several employees return to work the day after attending an ...
- 1 commentQuestion 260: A network manager wants to protect the company's VPN by mult...
- Question 261: An organization's RPO for a critical system is two hours. Th...
- Question 262: A security analyst needs to produce a document that details ...
- Question 263: A Chief Security Officer (CSO) was notified that a customer ...
- Question 264: A recent security breach exploited software vulnerabilities ...
- Question 265: A recent phishing campaign resulted in several compromised u...
- Question 266: An information security officer at a credit card transaction...
- Question 267: A security engineer is reviewing the logs from a SAML applic...
- Question 268: A security analyst is concerned about traffic initiated to t...
- Question 269: A transitive trust:
- Question 270: A security administrator is integrating several segments ont...
- Question 271: Which of the follow ng disaster recovery sites is the most c...
- Question 272: Which of the following scenarios BEST describes a risk reduc...
- Question 273: Which of the following describes the exploitation of an inte...
- Question 274: An analyst is working on an email security incident in which...
- 1 commentQuestion 275: Which of the following BEST describes a social-engineering a...
- Question 276: An organization is having difficulty correlating events from...
- Question 277: Hackers recently attacked a company's network and obtained s...
- Question 278: During an internal penetration test, a security analyst iden...
- Question 279: An organization has decided to host its web application and ...
- Question 280: A security analyst is reviewing web-application logs and fin...
- Question 281: Which of the following are common VoIP-associated vulnerabil...
- Question 282: An organization's Chief Security Officer (CSO) wants to vali...
- Question 283: A company is receiving emails with links to phishing sites t...
- Question 284: A security engineer needs to enhance MFA access to sensitive...
- Question 285: Which of the following BEST describes a technique that compe...
- Question 286: During a forensic investigation, an analyst uses software to...
- Question 287: An IT security team is concerned about the confidentiality o...
- Question 288: The exploitation of a buffer-overrun vulnerability in an app...
- Question 289: Following a recent security breach, an analyst discovered th...
- Question 290: Which of the following BEST describes data streams that are ...
- Question 291: Which of the following is a common source of unintentional c...
- Question 292: A security analyst notices several attacks are being blocked...
- Question 293: A nationwide company is experiencing unauthorized logins at ...
- Question 294: A network administrator is concerned about users being expos...
- Question 295: Which of the following provides guidelines for the managemen...
- Question 296: A network administrator has been alerted that web pages are ...
- Question 297: Which of the following BEST describes the MFA attribute that...
- Question 298: Which of the following would be indicative of a hidden audio...
- Question 299: A user reports constant lag and performance issues with the ...
- Question 300: A security analyst needs to determine how an attacker was ab...
- Question 301: A SOC is implementing an in sider-threat-detection program. ...
- Question 302: Which of the following BEST describes the team that acts as ...
- Question 303: An organization blocks user access to command-line interpret...
- Question 304: Drag and Drop Question Leveraging the information supplied b...
- Question 305: The compliance team requires an annual recertification of pr...
- Question 306: Company engineers regularly participate in a public Internet...
- Question 307: A company Is planning to install a guest wireless network so...
- Question 308: A security analyst needs to implement security features acro...
- Question 309: Under GDPR, which of the following is MOST responsible for t...
- Question 310: While considering the organization's cloud-adoption strategy...
- Question 311: An organization wants to enable built-in FDE on all laptops....
- Question 312: During a security incident, the security operations team ide...
- Question 313: An IT manager is estimating the mobile device budget for the...
- Question 314: When implementing automation with loT devices, which of the ...
- Question 315: An attacker replaces a digitally signed document with anothe...
- Question 316: An employee recently resigned from a company. The employee w...
- Question 317: A security analyst is reviewing SIEM logs during an ongoing ...
- Question 318: A security administrator has discovered that workstations on...
- Question 319: A security analyst wants to fingerprint a web server. Which ...
- Question 320: A large financial services firm recently released informatio...
- Question 321: The marketing department at a retail company wants to publis...
- Question 322: A security administrator checks the table of a network switc...
- Question 323: A company's public-facing website, https://www.organization....
- Question 324: A customer service representative reported an unusual text m...
- Question 325: An enterprise needs to keep cryptographic keys in a safe man...
- Question 326: Multiple beaconing activities to a malicious domain have bee...
- Question 327: Hotspot Question The security administration has installed a...
- Question 328: A security analyst is investigating what appears to be unaut...
- Question 329: A company recently experienced an inside attack using a corp...
- Question 330: Which of the following is the MOST relevant security check t...
- Question 331: During a security incident investigation, an analyst consult...
- Question 332: An engineer is setting up a VDI environment for a factory lo...
- Question 333: An audit report indicates multiple suspicious attempts to ac...
- Question 334: Which of the following would be the BEST resource for a soft...
- Question 335: An organization wants to quickly assess how effectively the ...
- Question 336: A security administrator needs to publish multiple applicati...
- Question 337: An organization suffered numerous multiday power outages at ...
- Question 338: Phishing and spear-phishing attacks have been occurring more...
- Question 339: An attacker is attempting to exploit users by creating a fak...
- Question 340: A security operations center wants to implement a solution t...
- Question 341: A security engineer was assigned to implement a solution to ...
- Question 342: Which of the following processes will eliminate data using a...
- Question 343: A junior security analyst is reviewing web server logs and i...
- Question 344: A network administrator at a large organization Is reviewing...
- Question 345: A security analyst discovers several .jpg photos from a cell...
- Question 346: A company wants to improve end users' experiences when they ...
- Question 347: A security analyst needs to propose a remediation plan for e...
- Question 348: Drag and Drop Question A security engineer is setting up pas...
- Question 349: Which of the following is a difference between a DRP and a B...
- Question 350: Which of the following best describes a legal hold?...
- Question 351: A data administrator is configuring authentication for a Saa...
- Question 352: Which of the following provides a catalog of security and pr...
- Question 353: During an incident response process involving a laptop, a ho...
- Question 354: An administrator identifies some locations on the third floo...
- Question 355: A company is launching a website in a different country in o...
- Question 356: An organization suffered an outage and a critical system too...
- Question 357: Various stakeholders are meeting to discuss their hypothetic...
- Question 358: A small business uses kiosks on the sales floor to display p...
- Question 359: Which of the following terms should be included in a contrac...
- Question 360: A security architect at a large, multinational organization ...
- Question 361: A grocery store is expressing security and reliability conce...
- Question 362: The most recent vulnerability scan flagged the domain contro...
- Question 363: Joe. a security analyst, recently performed a network discov...
- Question 364: Which of the following function as preventive, detective, an...
- Question 365: A technician needs to prevent data loss in a laboratory. The...
- Question 366: During an engagement, penetration testers left USB keys that...
- Question 367: Which of the following is the final step of the incident res...
- Question 368: A security professional wants to enhance the protection of a...
- Question 369: A security analyst is designing the appropriate controls to ...
- Question 370: A cyber threat intelligence analyst is gathering data about ...
- Question 371: The president of a company that specializes in military cont...
- Question 372: A security analyst is reviewing a secure website that is gen...
- Question 373: A company wants to ensure that all employees in a given depa...
- Question 374: Which of the following examples would be best mitigated by i...
- Question 375: Which of the following controls would be the MOST cost-effec...
- Question 376: A security analyst is using OSINT to gather information to v...
- Question 377: Which of the following can be used to calculate the total lo...
- Question 378: Several universities are participating in a collaborative re...
- Question 379: An organization maintains several environments in which patc...
- Question 380: Customers reported their antivirus software flagged one of t...
- Question 381: A network administrator is setting up wireless access points...
- Question 382: A security analyst is working with a vendor to get a new Saa...
- Question 383: A manufacturing organization wants to control and monitor ac...
- Question 384: A user reset the password for a laptop but has been unable t...
- Question 385: An organization is concerned about hackers potentially enter...
- Question 386: An organization would like to give remote workers the abilit...
- Question 387: A security administrator is analyzing the corporate wireless...
- Question 388: A government organization is developing an advanced Al defen...
- Question 389: A security analyst is investigating an incident to determine...
- Question 390: A network technician is installing a guest wireless network ...
- Question 391: A company is looking to migrate some servers to the cloud to...
- Question 392: A security analyst notices an unusual amount of traffic hitt...
- Question 393: A company recently experienced a significant data loss when ...
- Question 394: A software company adopted the following processes before re...
- Question 395: Which of the following is most likely associated with introd...
- Question 396: An organization wants to implement a biometric system with t...
- Question 397: An attacker has successfully exfiltrated several non-salted ...
- Question 398: A security forensics analyst is examining a virtual server. ...
- Question 399: A company is implementing a new SIEM to log and send alerts ...
- Question 400: A financial analyst is expecting an email containing sensiti...
- Question 401: A company that provides an online streaming service made its...
- Question 402: A security analyst is receiving several alerts per user and ...
- Question 403: A security analyst discovers that a large number of employee...
- Question 404: A new company wants to avoid channel interference when build...
- Question 405: A small, local company experienced a ransomware attack. The ...
- Question 406: The Chief Information Security Officer wants to pilot a new ...
- Question 407: Which of the following describes the exploitation of an inte...
- Question 408: A security engineer has enabled two-factor authentication on...
- Question 409: Since a recent upgrade to a WLAN infrastructure, several mob...
- Question 410: While reviewing the wireless router, the systems administrat...
- Question 411: An organization with a low tolerance for user inconvenience ...
- Question 412: An internet company has created a new collaboration applicat...
- Question 413: A new vulnerability enables a type of malware that allows th...
- Question 414: Which of the following terms describes a broad range of info...
- Question 415: An attacker is trying to gain access by installing malware o...
- Question 416: A business operations manager is concerned that a PC that is...
- Question 417: As part of a company's ongoing SOC maturation process, the c...
- Question 418: A company is designing the layout of a new data center so it...
- Question 419: A large bank with two geographically dispersed data centers ...
- Question 420: Which of the following is a cryptographic concept that opera...
- Question 421: An employee has been charged with fraud and is suspected of ...
- Question 422: An attacker was easily able to log in to a company's securit...
- Question 423: A Chief Information Security Officer has defined resiliency ...
- Question 424: A security analyst is performing a packet capture on a serie...
- Question 425: Several users have opened tickets with the help desk. The he...
- Question 426: A company has had several malware incidents that have been t...
- Question 427: Two hospitals merged into a single organization. The privacy...
- Question 428: Stakeholders at an organization must be kept aware of any in...
- Question 429: A company was recently breached Part of the company's new cy...
- Question 430: Which of the following policies establishes rules to measure...
- Question 431: A company just developed a new web application for a governm...
- Question 432: A company is providing security awareness training regarding...
- Question 433: A hospital's administration is concerned about a potential l...
- Question 434: A company wants to deploy systems alongside production syste...
- Question 435: A workwide manufacturing company has been experiencing email...
- Question 436: The help desk has received calls from users in multiple loca...
- Question 437: A database administrator wants to grant access to an applica...
- Question 438: An organization's help desk is flooded with phone calls from...
- Question 439: Law enforcement officials sent a company a notification that...
- Question 440: A security engineer needs to Implement the following require...
- Question 441: Given the following logs: (Exhibit) Which of the following B...
- Question 442: Several users have opened tickets with the help desk. The he...
- Question 443: Physical access to the organization's servers in the data ce...
- Question 444: An IT security manager requests a report on company informat...
- Question 445: A security team discovered a large number of company-issued ...
- Question 446: Which of the following methods is the most effective for red...
- Question 447: A systems administrator wants to implement a backup solution...
- Question 448: A user wanted to catch up on some work over the weekend but ...
- Question 449: Which of the following can a security director use to priori...
- Question 450: A security engineer obtained the following output from a thr...
- Question 451: A cybersecurity analyst at Company A is working to establish...
- Question 452: Which of the following roles, according to the shared respon...
- Question 453: An analyst needs to set up a method for securely transferrin...
- Question 454: Which of the following are common VoIP-associated vulnerabil...
- Question 455: After a recent external audit, the compliance team provided ...
- Question 456: A security analyst has identified malware spreading through ...
- Question 457: A software developer needs to perform code-execution testing...
- Question 458: A security administrator needs to inspect in-transit files o...
- Question 459: An organization is concerned about hackers bypassing MFA thr...
- Question 460: A web application for a bank displays the following output w...
- Question 461: A user s laptop constantly disconnects from the Wi-Fi networ...
- Question 462: A user enters a username and a password at the login screen ...
- Question 463: Which of the following rales is responsible for defining the...
- Question 464: A security administrator currently spends a large amount of ...
- Question 465: A root cause analysis reveals that a web application outage ...
- Question 466: Employees are having issues accessing the company's website....
- Question 467: A security administrator needs to inspect in-transit files o...
- Question 468: Which of the following authentication methods sends out a un...
- Question 469: A recent vulnerability scan revealed multiple servers have n...
- Question 470: An organization experiences a cybersecurity incident involvi...
- Question 471: A large industrial system's smart generator monitors the sys...
- Question 472: On which of the following is the live acquisition of data fo...
- Question 473: A retail executive recently accepted a job with a major comp...
- Question 474: A security administrator is reviewing reports about suspicio...
- Question 475: A systems administrator is required to enforce MFA for corpo...
- Question 476: A company discovered that terabytes of data have been exfilt...
- Question 477: Which of the following actions would be recommended to impro...
- Question 478: A retail company that is launching a new website to showcase...
- Question 479: Which of the following is the most important security concer...
- Question 480: An organization discovered a disgruntled employee exfiltrate...
- Question 481: A security team suspects that the cause of recent power cons...
- Question 482: Historically, a company has had issues with users plugging i...
- Question 483: Which of the following would a security analyst use to deter...
- Question 484: To reduce and overhead, an organization wants to move from a...
- Question 485: After reading a security bulletin, a network security manage...
- Question 486: The security team received a report of copyright infringemen...
- Question 487: A customer has reported that an organization's website displ...
- Question 488: A security analyst discovers that one of the web APIs is bei...
- Question 489: An organization wants to ensure it can track changes between...
- Question 490: Which of the following tools is effective in preventing a us...
- Question 491: An amusement park is implementing a biometric system that va...
- Question 492: An incident has occurred in the production environment. Anal...
- Question 493: Which of the following is the BEST use of a WAF?...
- Question 494: A systems analyst is responsible for generating a new digita...
- Question 495: An organization would like to remediate the risk associated ...
- Question 496: During an investigation, the incident response team discover...
- Question 497: A user reports that a bank's website no longer displays a pa...
- Question 498: A company employee recently retired, and there was a schedul...
- Question 499: A new plug-and-play storage device was installed on a PC in ...
- Question 500: Which of the following security controls is used to isolate ...
- Question 501: A privileged user at a company stole several proprietary doc...
- Question 502: A large retail store's network was breached recently, and th...
- Question 503: Which of the following would be MOST effective to contain a ...
- Question 504: After a hardware incident, an unplanned emergency maintenanc...
- Question 505: In which of the following scenarios is tokenization the best...
- Question 506: A user downloaded an extension for a browser and the user's ...
- Question 507: A company has a flat network in the cloud. The company needs...
- Question 508: A user recent an SMS on a mobile phone that asked for bank d...
- Question 509: A user forwarded a suspicious email to the security team, Up...
- Question 510: A web server has been compromised due to a ransomware attack...
- Question 511: A company has installed badge readers for building access bu...
- Question 512: Which of the following is an algorithm performed to verify t...
- Question 513: A company's security team received notice of a critical vuln...
- Question 514: A large financial services firm recently released informatio...
- Question 515: A financial organization has adopted a new secure, encrypted...
- Question 516: An organization is developing a plan in the event of a compl...
- Question 517: A SOC operator is analyzing a log file that contains the fol...
- Question 518: A cloud administrator is configuring five compute instances ...
- Question 519: A large financial services firm recently released informatio...
- Question 520: Which of the following describes the ability of code to targ...
- Question 521: A network architect wants a server to have the ability to re...
- Question 522: An organization discovers that unauthorized applications hav...
- Question 523: A company is launching a new internet platform for its clien...
- Question 524: The new Chief Information Security Officer at a company has ...
- Question 525: A systems administrator works for a local hospital and needs...
- Question 526: Server administrators want to configure a cloud solution so ...
- Question 527: An organization routes all of its traffic through a VPN. Mos...
- Question 528: A security analyst needs to generate a server certificate to...
- Question 529: A systems administrator set up an automated process that che...
- Question 530: A report delivered to the Chief Information Security Officer...
- Question 531: Which of the following BEST describes when an organization u...
- Question 532: During a recent incident an external attacker was able to ex...
- Question 533: A Chief Executive Officer (CEO) is dissatisfied with the lev...
- Question 534: A company is working on mobile device security after a repor...
- Question 535: A host was infected with malware. During the incident respon...
- Question 536: On the way into a secure building, an unknown individual str...
- Question 537: A network engineer is troubleshooting wireless network conne...
- Question 538: Security analysts are conducting an investigation of an atta...
- Question 539: Which of the following best describes a threat actor who is ...
- Question 540: A company recently decided to allow employees to work remote...
- Question 541: An attacker is attempting, to harvest user credentials on a ...
- Question 542: Which of the following threat actors is MOST likely to be mo...
- Question 543: While investigating a data leakage incident a security analy...
- Question 544: Which of the following is the MOST effective control against...
- Question 545: A financial institution would like to store its customer dat...
- Question 546: A company's end users are reporting that they are unable to ...
- Question 547: Which of the following employee roles is responsible for pro...
- Question 548: A user attempts to load a web-based application, but the exp...
- Question 549: A security analyst wants to verify that a client-server (non...
- Question 550: Which of the following authentication methods is considered ...
- Question 551: A company is implementing a vendor's security tool in the cl...
- Question 552: A critical file server is being upgraded and the systems adm...
- Question 553: Which of the following best describes why a company would er...
- Question 554: An organization's corporate offices were destroyed due to a ...
- Question 555: An organization is building a single virtual environment tha...
- Question 556: Which of the following roles would MOST likely have direct a...
- Question 557: Which of the following control Types would be BEST to use in...
- Question 558: A website visitor is required to provide properly formatted ...
- Question 559: Which of the following tools can assist with detecting an em...
- Question 560: Hotspot Question A newly purchased corporate WAP needs to be...
- Question 561: Which of the following should a technician use to protect a ...
- Question 562: A security analyst has been reading about a newly discovered...
- Question 563: Which of the following can be used to detect a hacker who is...
- Question 564: An analyst visits an internet forum looking for information ...
- Question 565: Which of the following job roles would sponsor data quality ...
- Question 566: A security manager for a retailer needs to reduce the scope ...
- Question 567: A Chief Information Officer is concerned about employees usi...
- Question 568: Which of the following would BEST provide a systems administ...
- Question 569: A network analyst is investigating compromised corporate inf...
- Question 570: An analyst just discovered an ongoing attack on a host that ...
- Question 571: A security administrator has received multiple calls from th...
- Question 572: A software company adopted the following processes before re...
- Question 573: A manufacturing company has several one-off legacy informati...
- Question 574: An annual information security assessment has revealed that ...
- Question 575: A network engineer notices the VPN concentrator overloaded a...
- Question 576: A manufacturer creates designs for very high security produc...
- Question 577: During an investigation, events from two affected servers in...
- Question 578: A security administrator manages five on-site APs. Each AP u...
- Question 579: Which of the following concepts BEST describes tracking and ...
- Question 580: Which of the following serves to warn users against download...
- Question 581: A Chief Security Officer (CSO) has asked a technician to dev...
- Question 582: A security analyst was deploying a new website and found a c...
- Question 583: An employee finds a USB flash drive labeled "Salary Info" in...
- Question 584: A company is implementing MFA for all applications that stor...
- Question 585: A security analyst receives a SIEM alert that someone logged...
- Question 586: An auditor is performing an assessment of a security applian...
- Question 587: Which biometric error would allow an unauthorized user to ac...
- Question 588: An organization has activated an incident response plan due ...
- Question 589: A vendor needs to remotely and securely transfer files from ...
- Question 590: A security analyst is responding to a malware incident at a ...
- Question 591: A cybersecurity administrator needs to implement a Layer 7 s...
- Question 592: An administrator is configuring a firewall rule set for a su...
- Question 593: A backdoor was detected on the containerized application env...
- Question 594: Which of the following would be BEST for a technician to rev...
- Question 595: A news article states hackers have been selling access to Io...
- Question 596: A security engineer needs to implement an MDM solution that ...
- Question 597: A malicious actor recently penetration a company's network a...
- Question 598: A company is moving to new location. The systems administrat...
- Question 599: A security engineer is hardening existing solutions to reduc...
- Question 600: A security analyst is reviewing the following system command...
- Question 601: A security administrator installed a new web server. The adm...
- Question 602: A vulnerability scan returned the following results: - 2 Cri...
- Question 603: A company recently transitioned to a strictly BYOD culture d...
- Question 604: A company is designing the layout of a new datacenter so it ...
- Question 605: A security analyst reviews web server logs and notices the f...
- Question 606: A SOC is currently being outsourced. Which of the following ...
- Question 607: A security analyst needs an overview of vulnerabilities for ...
- Question 608: An enterprise has hired an outside security firm to conduct ...
- Question 609: An attacker was easily able to log in to a company's securit...
- Question 610: A company recently experienced a data breach and the source ...
