Exam SY0-601 topic 1 question 697 discussion

Hey guys I passed this exam this week and scored over 800/900 Let's me take a brief: - all 3 PBQ (interact questions) => so learn it carefully - all question in this dump, no new question - with 50/50 question just pick one base on your opinion, you don't need these question to be correct to pass the exam (only 1-2 question / 79 questions with 50/50 chance ?) - review all question at least 2 times and you good to go good luck guys

Would you not ensure the scan engine is running correctly before documenting as a false positive??

will go with D. Although A is one of next steps to check, D is the very next step that we need to document to avoid confusion.

i was thinking about A but since the indication was a false positive and there is no need to reconfigure or make sure the settings. If it ain't broke don't fix it ! right? so going with D.

False Positive: This is a result that indicates a given condition has been fulfilled when it actually has not been fulfilled. In this case, the vulnerability scan flagged a critical vulnerability on the domain controller, but the administrator discovered that the domain controller does not run the associated application with the vulnerability. This indicates that the vulnerability alert is likely a false positive.

document this as a false positive

By researching the Common Vulnerabilities and Exposures (CVE) entry for the flagged vulnerability, the administrator can gain more insight into the nature of the vulnerability, affected software/applications, and conditions under which the vulnerability would be applicable. This would help in confirming whether the vulnerability is indeed not applicable to the domain controller and whether it's a false positive.

First of all, document this as a false positive.

the most immediate action is to document the finding as a false positive (Option D), but further steps should also be considered to ensure the security and accuracy of the environment

Document first then fine tune the scanner.