Free SY0-601 Exam Braindumps

- (Exam Topic 6)
Per company security policy, IT staff members are required to have separate credentials to perform administrative functions using just-in-time permissions. Which of the following solutions is the company Implementing?

1. A. Privileged access management
2. B. SSO
3. C. RADIUS
4. D. Attribute-based access control

Correct Answer: A

- (Exam Topic 6)
As part of annual audit requirements, the security team performed a review of exceptions to the company policy that allows specific users the ability to use USB storage devices on their laptops The review yielded the following results.
• The exception process and policy have been correctly followed by the majority of users
• A small number of users did not create tickets for the requests but were granted access
• All access had been approved by supervisors.
• Valid requests for the access sporadically occurred across multiple departments.
• Access, in most cases, had not been removed when it was no longer needed
Which of the following should the company do to ensure that appropriate access is not disrupted but unneeded access is removed in a reasonable time frame?

1. A. Create an automated, monthly attestation process that removes access if an employee's supervisor denies the approval
2. B. Remove access for all employees and only allow new access to be granted if the employee's supervisor approves the request
3. C. Perform a quarterly audit of all user accounts that have been granted access and verify the exceptions with the management team
4. D. Implement a ticketing system that tracks each request and generates reports listing which employees actively use USB storage devices

Correct Answer: C

- (Exam Topic 6)
Which of the following should customers who are involved with Ul developer agreements be concerned with when considering the use of these products on highly sensitive projects?

1. A. Weak configurations
2. B. Integration activities
3. C. Unsecure user accounts
4. D. Outsourced code development

Correct Answer: A
Customers who are involved with Ul developer agreements should be concerned with weak configurations when considering the use of these products on highly sensitive projects. Weak configurations can lead to security vulnerabilities, which can be exploited by malicious actors. It is important to ensure that all configurations are secure and up-to-date in order to protect sensitive data. Source: UL

- (Exam Topic 3)
A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?

1. A. The scan results show open ports, protocols, and services exposed on the target host
2. B. The scan enumerated software versions of installed programs
3. C. The scan produced a list of vulnerabilities on the target host
4. D. The scan identified expired SSL certificates

Correct Answer: B

- (Exam Topic 3)
An organization's RPO for a critical system is two hours. The system is used Monday through Friday, from 9:00 am to 5:00 pm. Currently, the organization performs a full backup every Saturday that takes four hours to complete. Which of the following additional backup implementations would be the BEST way for the analyst to meet the business requirements?

1. A. Incremental backups Monday through Friday at 6:00 p.m and differential backups hourly
2. B. Full backups Monday through Friday at 6:00 p.m and incremental backups hourly.
3. C. incremental backups Monday through Friday at 6:00 p.m and full backups hourly.
4. D. Full backups Monday through Friday at 6:00 p.m and differential backups hourly.

Correct Answer: A