
Exam SY0-601 topic 1 question 650 discussion

Actual exam question from CompTIA's SY0-601
Question #: 650
Topic #: 1

Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should a security administrator implement to protect the environment from this malware?

  • A. Install a definition-based antivirus.
  • B. Implement an IDS/IPS.
  • C. Implement a heuristic behavior-detection solution.
  • D. Implement CASB to protect the network shares.
Suggested Answer: C

Comments

DChilds
Highly Voted 1 year, 8 months ago
Selected Answer: C
Heuristic scanning (or analysis): Heuristic scanning does not rely on a virus dictionary. Instead, it looks for suspicious behavior—anything that does not fit into a “normal” pattern of behavior for the operating system (OS) and applications running on the system being protected. CompTIA Security+ All In One Exam Guide. C
upvoted 9 times
spearous
Most Recent 1 year, 1 month ago
Selected Answer: B
B, I think it is obvious. The question is asking to "protect". However, none of the rest of the options can protect; they can only detect.
upvoted 4 times
Geronemo
1 year, 2 months ago
Selected Answer: C
Given the scenario's emphasis on the malware evading detection and spreading through the network shares, the most appropriate option would be: C. Implement a heuristic behavior-detection solution. By implementing a solution that can detect suspicious behavior and activity, the security administrator can better identify and stop the malware's spread within the network, even if its signature is not known. This proactive approach can help mitigate the impact of the malware and prevent similar incidents in the future.
upvoted 1 times
_invalid_nickname
1 year, 2 months ago
Selected Answer: B
Heuristic behavior is already part of IDS/IPS. Plus the goal is to protect the environment, not just detect. We cannot assume what protective and detective controls were already in place before the virus spread.
upvoted 2 times
ganymede
1 year, 5 months ago
Selected Answer: C
C. Implement a heuristic behavior-detection solution. Both B and C are correct. There are IDS/IPS systems with heuristic behavior-detection capabilities.
upvoted 1 times
ComPCertOn
1 year, 7 months ago
Selected Answer: C
Too late for everything else
upvoted 4 times
Soleandheel
1 year, 7 months ago
Here is what ChatGPT has to say: B. Implement an IDS/IPS: An Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) are designed to detect and prevent suspicious or malicious network activity. They can identify anomalies and behavior that may indicate malware activity, even if the malware is new or previously unknown. Implementing an IDS/IPS can provide real-time monitoring and protection against threats like the one described. C. Implement a heuristic behavior-detection solution: Heuristic behavior detection solutions analyze the behavior of software or network traffic to identify anomalies or potential threats. While this approach can be effective, it may not be the best choice in this scenario, as it's already mentioned that protective measures have failed, and a more robust solution like an IDS/IPS is warranted.
upvoted 1 times
Ragingrnova_111
1 year, 6 months ago
Stop using ChatGPT. It is more often wrong than not and uses falsified or completely made-up info.
upvoted 7 times
LinkinPark4evr
1 year, 9 months ago
Selected Answer: C
Heuristic-based solutions are particularly good for situations where signature or definition-based ones are just not cutting it.
upvoted 3 times
sujon_london
1 year, 10 months ago
Selected Answer: C
Since the malware has evaded detection and spread to the network shares, it's important to consider more advanced security measures. While all of the options listed could play a role in enhancing security, the most suitable choice to protect the environment from this malware is:
upvoted 1 times
sujon_london
1 year, 10 months ago
Implement a heuristic behavior-detection solution. Heuristic behavior-detection solutions are designed to identify suspicious or malicious behavior patterns, even if specific virus definitions are not available. This approach can help detect new and unknown malware strains that may evade traditional antivirus solutions.
upvoted 1 times
zits88
1 year, 10 months ago
Selected Answer: D
I'm going D here, because the answer is always CASB. C, the suggested answer, does not seem right to me.
upvoted 1 times
CS3000
1 year, 10 months ago
Nowhere in this question does it state that Joe's network is hosted in the cloud.
upvoted 5 times
rline63
1 year, 9 months ago
I'm not an expert on this, so don't take my word as correct, but isn't network storage by definition a cloud? Like even if you own the network share and have it on-premise isn't it just a private cloud solution?
upvoted 1 times
iking
1 year, 9 months ago
Nope! That's why it says network storage; it always means local network. If it's cloud storage, that's in the cloud. I'm with C. Heuristic-based solutions.
upvoted 4 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other