Questions for the SY0-601 were updated on: Nov 29, 2024
A multinational organization that offers web-based services has datacenters that are located only in the United States; however, a large number of its customers are in Australia, Europe, and China. Payments for services are managed by a third party in the United Kingdom that specializes in payment gateways. The management team is concerned the organization is not compliant with privacy laws that cover some of its customers. Which of the following frameworks should the management team follow?
a
Security analysts notice a server login from a user who has been on vacation for two weeks. The analysts confirm that the user did not log in to the system while on vacation. After reviewing packet capture logs, the analysts notice the following:
Which of the following occurred?
c
A database administrator needs to ensure all passwords are stored in a secure manner, so the administrator adds randomly generated data to each password before storing.
Which of the following techniques BEST explains this action?
c
The website http://companywebsite.com requires users to provide personal information, including security question responses, for registration. Which of the following would MOST likely cause a data breach?
c
A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements:
The devices will be used internationally by staff who travel extensively.
Occasional personal use is acceptable due to the travel requirements.
Users must be able to install and configure sanctioned programs and productivity suites.
The devices must be encrypted.
The devices must be capable of operating in low-bandwidth environments.
Which of the following would provide the GREATEST benefit to the security posture of the devices?
d
In which of the following risk management strategies would cybersecurity insurance be used?
a
A security analyst is scanning a company's public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?
b
In which of the following common use cases would steganography be employed?
a
Which of the following examples would be best mitigated by input sanitization?
a
A security analyst is reviewing the following command-line output:
Which of the following is the analyst observing?
a