An organization wants seamless authentication to its applications. Which of the following should the organization employ to meet this requirement?
A. SOAP
B. SAML
C. SSO
D. Kerberos
A major clothing company recently lost a large amount of proprietary information. The security officer must find a solution to ensure this never happens again. Which of the following is the BEST technical implementation to prevent this from happening again?
A. Configure DLP solutions
B. Disable peer-to-peer sharing
C. Enable role-based access controls.
D. Mandate job rotation
E. Implement content filters
A security analyst must enforce policies to harden an MDM infrastructure. The requirements are as follows:
1.
Ensure mobile devices can be tracked and wiped.
2.
Confirm mobile devices are encrypted.
Which of the following should the analyst enable on all the devices to meet these requirements?
A. Geofencing
B. Biometric authentication
C. Geolocation
D. Geotagging
A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?
A. The Diamond Mode! of Intrusion Analysis
B. The Cyber Kill Chain e
C. The MITRE CVE database
D. The incident response process
Aconbgany uses a drone for precise perimeter and boundary monitoring. Which of the following should be MOST conceming to the company?
A. Privacy
B. Cloud storage of telemetry data
C. GPS spoofing
D. Weather events
If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data?
A. Perfect forward secrecy
B. Elliptic-curve cryptography
C. Key stretching
D. Homomorphic encryption
An enterpnse has hired an outside security firm to facilitate penetration testing on its network and applications. The firm has agreed to pay for each vulnerability that ts discovered. Which of the following BEST represents the type of testing that is being used?
A. White-box
B. Red-leam
C. Bug bounty
D. Gray-box
E. Black-box
Which of the following disaster recovery tests is the LEAST time consuming for the disaster recovery team?
A. Tabletop
B. Parallel
C. Full interruption
D. Simulation
A security analyst is investigating multiple hosts that are communicating to external IP addresses during the hours of 2:00 a.m - 4:00 am. The malware has evaded detection by traditional antivirus software. Which of the following types of malware is MOST likely infecting the hosts?
A. A RAT
B. Ransomware
C. Polymophic
D. A worm
A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?
A. An incident response plan
B. A communications plan
C. A business continuity plan
D. A disaster recovery plan
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-601 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.