Exam Details

  • Exam Code: SY0-601
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1334 Q&As
  • Last Updated: Mar 29, 2025

CompTIA CompTIA Certifications SY0-601 Questions & Answers

  • Question 1291:

    A systems administrator wants to implement a backup solution. The solution needs to allow recovery of the entire system, including the operating system, in case of a disaster. Which of the following backup types should the administrator consider?

    A. Incremental

    B. Storage area network

    C. Differential

    D. Image

  • Question 1292:

    An administrator is investigating an incident and discovers several users

  • Question 1293:

    A security analyst discovers that a large number of employee credentials had been stolen and were being sold on the dark web. The analyst investigates and discovers that some hourly employee credentials were compromised, but salaried employee credentials were not affected.

    Most employees clocked in and out while they were inside the building using one of the kiosks connected to the network. However, some clocked out and recorded their time after leaving to go home. Only those who clocked in and out while inside the building had credentials stolen. Each of the kiosks is on a different floor, and there are multiple routers, since the business segments environments for certain business functions.

    Hourly employees are required to use a website called acmetimekeeping.com to clock in and out. This website is accessible from the internet. Which of the following is the most likely reason for this compromise?

    A. A brute-force attack was used against the time-keeping website to scan for common passwords.

    B. A malicious actor compromised the time-keeping website with malicious code using an unpatched vulnerability on the site, stealing the credentials.

    C. The internal DNS servers were poisoned and were redirecting acmetimekeeping.com to a malicious domain that intercepted the credentials and then passed them through to the real site.

    D. ARP poisoning affected the machines in the building and caused the kiosks to send a copy of all the submitted credentials to a malicious machine.

  • Question 1294:

    The Chief Information Security Officer of an organization needs to ensure recovery from ransomware would likely occur within the organization's agreed-upon RPOs and RTOs. Which of the following backup scenarios would best ensure recovery?

    A. Hourly differential backups stored on a local SAN array

    B. Daily full backups stored on premises in magnetic offline media

    C. Daily differential backups maintained by a third-party cloud provider

    D. Weekly full backups with daily incremental stored on a NAS drive

  • Question 1295:

    A company is currently utilizing usernames and passwords, and it wants to integrate an MFA method that is seamless, can integrate easily into a user's workflow, and can utilize employee-owned devices. Which of the following will meet these requirements?

    A. Push notifications

    B. Phone call

    C. Smart card

    D. Offline backup codes

  • Question 1296:

    Since a recent upgrade to a WLAN infrastructure, several mobile users have been unable to access the internet from the lobby. The networking team performs a heat map survey of the building and finds several WAPs in the area. The WAPs are using similar frequencies with high power settings. Which of the following installation considerations should the security team evaluate next?

    A. Channel overlap

    B. Encryption type

    C. New WLAN deployment

    D. WAP placement

  • Question 1297:

    A security administrator needs to publish multiple application URLs that will run on different internal web servers but use only one external IP address. Which of the following is the best way for the administrator to achieve this goal?

    A. Jump server

    B. Reverse proxy

    C. MAC filtering

    D. Source NAT

  • Question 1298:

    Which of the following is the first step to take when creating an anomaly detection process?

    A. Selecting events

    B. Building a baseline

    C. Selecting logging options

    D. Creating an event log

  • Question 1299:

    When a newly developed application was tested, a specific internal resource was unable to be accessed. Which of the following should be done to ensure the application works correctly?

    A. Modify the allow/deny list for those specific resources.

    B. Follow the secure coding practices for the internal resource.

    C. Configure the application in a sandbox environment.

    D. Utilize standard network protocols.

  • Question 1300:

    Which of the following best describes why the SMS OTP authentication method is more risky to implement than the TOTP method?

    A. The SMS OTP method requires an end user to have an active mobile telephone service and SIM card.

    B. Generally, SMS OTP codes are valid for up to 15 minutes, while the TOTP time frame is 30 to 60 seconds.

    C. The SMS OTP is more likely to be intercepted and lead to unauthorized disclosure of the code than the TOTP method.

    D. The algorithm used to generate an SMS OTP code is weaker than the one used to generate a TOTP code.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-601 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.