Which of the following roles would MOST likely have direct access to the senior management team?
A. Data custodian
B. Data owner
C. Data protection officer
D. Data controller
A security analyst is reviewing a penetration-testing report from a third-party contractor. The penetration testers used the organization's new API to bypass a driver to perform privilege escalation on the organization's web servers. Upon looking at the API, the security analyst realizes the particular API call was to a legacy system running an outdated OS.
Which of the following is the MOST likely attack type?
A. Request forgery
B. Session replay
C. DLL injection
D. Shimming
A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?
A. SIEM
B. DLP
C. CASB
D. SWG
A company recently moved sensitive videos between on-premises, company-owned websites. The company then learned the videos had been uploaded and shared to the internet. Which of the following would MOST likely allow the company to find the cause?
A. Checksums
B. Watermarks
C. Order of volatility
D. A log analysis
E. A right-to-audit clause
The Chief Information Security Officer came across a news article outlining a mechanism that allows certain OS passwords to be bypassed. The security team was then tasked with determining which method could be used to prevent data loss in the corporate environment in case an attacker bypasses authentication. Which of the following will accomplish this objective?
A. FDE
B. Proper patch management protocols
C. TPM
D. Input validations
Which of the following organizations sets frameworks and controls for optimal security configuration on systems?
A. ISO
B. GDPR
C. PCI DSS
D. NIST
A security administrator would like to ensure all cloud servers will have software preinstalled for facilitating vulnerability scanning and continuous monitoring. Which of the following concepts should the administrator utilize?
A. Provisioning
B. Staging
C. Quality assurance
A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO's report?
A. Insider threat
B. Hacktivist
C. Nation-state
D. Organized crime
During a forensic investigation, an analyst uses software to create a checksum of the affected subject's email file. Which of the following is the analyst practicing?
A. Chain of custody
B. Data recovery
C. Non-repudiation
D. Integrity
DRAG DROP
A data owner has been tasked with assigning proper data classifications and destruction methods for various types of data contained within the environment.
Select and Place:
