SY0-601 Online Practice Questions and Answers

An employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm employee's identity before sending him the prize. Which of the following BEST describes this type of email?

A. Spear phishing

B. Whaling

C. Phishing

D. Vishing

When used at the design stage, which of the following improves the efficiency, accuracy, and speed of a database?

A. Tokenization

B. Data masking

C. Normalization

D. Obfuscation

The Chief Information Secunty Officer came across a news arbcle outining a mechan'sm thal allows certan OS passwords to be bypassed The security team was then tasked with determining which method could be used to prevent data loss in the corporate environment in case an attacker bypasses authentication Which of the following will accomplish this objective?

A. FDE

B. Proper patch management protocols

C. TPM

D. Input validations

Which of the following uses SAML for authentication?

A. TOTP

B. Federation

C. Kerberos

D. HOTP

A security analyst is receiving several alerts per user and is trying to determine If various logins are malicious. The security analyst would like to create a baseline of normal operations and reduce noise. Which of the following actions should the security analyst perform?

A. Adjust the data flow from authentication sources to the SIEM.

B. Disable email alerting and review the SIEM directly.

C. Adjust the sensitivity levels of the SIEM correlation engine.

D. Utilize behavioral analysis to enable the SIEM's learning mode.

A user reset the password for a laptop but has been unable to log in to it since then. In addition, several unauthorized emails were sent on the user's behalf recently. The security team investigates the issue and identifies the following findings:

Firewall logs show excessive traffic from the laptop to an external site.

Unknown processes were running on the laptop.

RDP connections that appeared to be authorized were made to other network devices from the laptop.

High bandwidth utilization alerts from that user's username.

Which of the following is most likely installed on the laptop?

A. Worm

B. Keylogger

C. Trojan

D. Logic bomb

A security team is engaging a third-party vendor to do a penetration test of a new proprietary application prior to its release. Which of the following documents would the third-party vendor most likely be required to review and sign?

A. SLA

B. NDA

C. MOU

D. AUP

A company reduced the area utilized in its data center by creating virtual networking through automation and by creating provisioning routes and rules through scripting. Which of the following does this example describe?

A. IaC

B. MSSP

C. Containers

D. SaaS

A penetration-testing firm is working with a local community bank to create a proposal that best fits the needs of the bank. The bank's information security manager would like the penetration test to resemble a real attack scenario, but it cannot afford the hours required by the penetration-testing firm. Which of the following would best address the bank's desired scenario and budget?

A. Engage the penetration-testing firm's rea-team services to fully mimic possible attackers.

B. Give the penetration tester data diagrams of core banking applications in a known-environment test.

C. Limit the scope of the penetration test to only the system that is used for teller workstations.

D. Provide limited networking details in a partially known-environment test to reduce reconnaissance efforts.

While considering the organization's cloud-adoption strategy, the Chief Information Security Officer sets a goal to outsource patching of firmware, operating systems, and applications to the chosen cloud vendor. Which of the following best meets this goal?

A. Community cloud

B. PaaS

C. Containerization

D. Private cloud

E. SaaS

F. IaaS