Free SY0-601 Exam Dumps

Question 206

A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?

A. PCI DSS
B. GDPR
C. NIST
D. ISO 31000

Correct Answer:B

Question 207

Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?

A. MOU
B. MTTR
C. SLA
D. NDA

Correct Answer:C

Question 208

Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?

A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
C. Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox
D. Routing tables have been compromised, and an attacker is rerouting traffic to malicious websites

Correct Answer:D

Question 209

A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted
web-browsing protocols. A security engineer runs a port scan against the server from the Internet and sees the following output:
Which of the following steps would be best for the security engineer to take NEXT?

A. Allow DNS access from the internet.
B. Block SMTP access from the Internet
C. Block HTTPS access from the Internet
D. Block SSH access from the Internet.

Correct Answer:D

Question 210

A security researcher is attempting to gather data on the widespread use of a Zero-day exploit. Which of the following will the researcher MOST likely use to capture this data?

A. A DNS sinkhole
B. A honeypot
C. A vulnerability scan
D. cvss

Correct Answer:B