Exam Details

  • Exam Code: SY0-601
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1334 Q&As
  • Last Updated: Jul 04, 2025

CompTIA CompTIA Certifications SY0-601 Questions & Answers

  • Question 591:

    A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better:

    A. validate the vulnerability exists in the organization's network through penetration testing

    B. research the appropriate mitigation techniques in a vulnerability database

    C. find the software patches that are required to mitigate a vulnerability

    D. prioritize remediation of vulnerabilities based on the possible impact

  • Question 592:

    A privileged user at a company stole several proprietary documents from a server. The user also went into the log files and deleted all records of the incident. The systems administrator has just informed investigators that other log files are available for review.

    Which of the following did the administrator MOST likely configure that will assist the investigators?

    A. Memory dumps

    B. The syslog server

    C. The application logs

    D. The log retention policy

  • Question 593:

    An analyst needs to set up a method for securely transferring files between systems. One of the requirements is to authenticate the IP header and the payload. Which of the following services would BEST meet the criteria?

    A. TLS

    B. PFS

    C. ESP

    D. AH

  • Question 594:

    A company has drafted an insider-threat policy that prohibits the use of external storage devices. Which of the following would BEST protect the company from data exfiltration via removable media?

    A. Monitoring large data transfer transactions in the firewall logs

    B. Developing mandatory training to educate employees about the removable media policy

    C. Implementing a group policy to block user access to system files

    D. Blocking removable-media devices and write capabilities using a host-based security tool

  • Question 595:

    Which of the following BEST describes a security exploit for which a vendor patch is not readily available?

    A. Integer overflow

    B. Zero-day

    C. End of life

    D. Race condition

  • Question 596:

    Which of the following incident response steps involves actions to protect critical systems while maintaining business operations?

    A. Investigation

    B. Containment

    C. Recovery

    D. Lessons learned

  • Question 597:

    Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

    A. The document is a honeyfile and is meant to attract the attention of a cyberintruder.

    B. The document is a backup file if the system needs to be recovered.

    C. The document is a standard file that the OS needs to verify the login credentials.

    D. The document is a keylogger that stores all keystrokes should the account be compromised.

  • Question 598:

    An organization suffered an outage and a critical system took 90 minutes to come back online. Though there was no data loss during the outage, the expectation was that the critical system would be available again within 60 minutes. Which of the following is the 60-minute expectation an example of?

    A. MTBF

    B. RPO

    C. MTTR

    D. RTO

  • Question 599:

    A systems administrator needs to implement an access control scheme that will allow an object's access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?

    A. Role-based access control

    B. Discretionary access control

    C. Mandatory access control

    D. Attribute-based access control

  • Question 600:

    Which of the following would be BEST to establish between organizations that have agreed to cooperate and are engaged in early discussion to define the responsibilities of each party, but do not want to establish a contractually binding agreement?

    A. An SLA

    B. An NDA

    C. A BPA

    D. An MOU
