Online Access Free SY0-601 Practice Test

An email security vendor recently added a retroactive alert after discovering a phishing email had already been delivered to an inbox. Which of the following would be the best way for the security administrator to address this type of alert in the future?

• A.Ingest the alerts into a SIEM to correlate with delivered messages.
• B.Delay all emails until the retroactive alerts are received.
• C.Manually remove the phishing emails when alerts arrive.
• D.Utilize a SOAR playbook to remove the phishing message.

A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?

• A.NAT
• B.IPSec
• C.EAP
• D.DHCP

A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?

• A.A non-disclosure agreement
• B.An acceptable use policy
• C.Least privilege
• D.Off boarding

A malicious actor recently penetrated a company's network and moved laterally to the data center Upon investigation a forensics firm wants to know what was in the memory on the compromised server Which of the following files should be given to the forensics firm?

• A.Security
• B.Application
• C.Syslog
• D.Dump

Which of the following threat actors is most likely to be motivated by ideology?

• A.Disgruntled employee
• B.Script kiddie
• C.Criminal syndicate
• D.Business competitor
• E.Hacktivist