Exam SY0-601 All QuestionsBrowse all questions from this exam
Go to Exam
Question 295

The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk. Which of the following would be BEST to mitigate the CEO's concerns? (Choose two.)

    Correct Answer: A, C

    To mitigate the CEO's concerns effectively, both geolocation and certificates should be implemented. Geolocation can restrict access based on the physical location of the employees, ensuring they do not work from high-risk countries. Certificates can authenticate devices, ensuring that only authorized devices can connect to the company's network, which helps to prevent employees from outsourcing work to third-party organizations.

Discussion
560examOptions: AB

The correct answer is AB imo. Geolocation , Time of day restriction.

[Removed]

I agree with AB

demianUYOptions: AC

Most people chose AB, but I believe that is incorrect. The question presents TWO issues to address: 1) Ensuring that employees do not work from a high-risk country while on vacation. 2) Preventing employees from outsourcing their work. The Geolocation answer addresses the first concern of the CISO, which is to prevent employees from working from other countries or high-risk countries. The other chosen answer (time of day restrictions) does not address the second concern of the CISO. Therefore, among the remaining answers, the only one that seems to address that concern is certificate-based authentication, which would allow only authorized devices with the installed certificate to work and connect to the company, preventing a third party from doing so.

klinkklonk

Geolocation prevents high risk countries and outsourcing. The CEO wants work done only during business hours also. So it's AB

LinkinTheStinkin

It's A & B ... "work from home anytime during business hours,"

RobDocOptions: AC

I think is A and C A) Geolocation: this would help in restricting access based on the physical location. C) Certificates: This can help mitigate the risk of unauthorized access, especially from third-party organizations. How does "Time of day restriction" address the concern of preventing employees from outsourcing work to a third-party organization?

bb6a612

I thought so too, but it states that the third-party is located in another country, so that falls under geolocation.

ApplebeesWaiter1122Options: AB

A. Geolocation: Implementing geolocation controls can help restrict access based on the physical location of the users. By defining approved locations or blocking high-risk countries, the organization can ensure that remote work is limited to authorized regions. B. Time-of-day restrictions: Enforcing time-of-day restrictions can limit remote access to specific business hours or predefined timeframes. This control ensures that employees cannot work from any location outside of designated working hours.

sarah2023

Isn't this the defenition of Geofencing though?

Afel_Null

Geolocating is just determining location via GPS. Geofencing is actively blocking access based on GPS. Geotagging is adding geographical information to other data. Geofencing would be better, but we don't have that as an answer.

ballap

If Geolocating is just "determining a location" it isn"t a security measure is it. We can"t just use this coz geofencing isn't there. If anyone can explain how geolocation is a security measure, please explain

user82Options: BF

Chatgpt says B and F. When I pressed further it said A could also be an answer but the best two answers are B and F.

shaneo007Options: AF

Answer A. Geolocation F. Role-based access controls

maynasOptions: BF

answers are B and F. B. Time-of-day restrictions: Implementing time-of-day restrictions would allow the organization to define specific business hours during which staff members are allowed to work from home. Outside of these hours, remote access could be limited or restricted entirely, reducing the likelihood of staff members working from high-risk countries during non-business hours or while on holiday. F. Role-based access controls: Role-based access controls (RBAC) would help the organization control and limit the activities that staff members can perform based on their roles and responsibilities. By defining appropriate access rights and permissions for each role, the CEO can ensure that staff members do not have the ability to outsource work to third-party organizations or perform tasks that are beyond their designated responsibilities.

MALEKMALAHIOptions: AC

Geolocation can prevent employees from working from high-risk countries or unauthorized locations. Certificates can authenticate the employee's device, ensuring that only approved devices (and thereby, presumably, employees) can access company systems. This helps mitigate the risk of employees outsourcing work to third-party organizations in other countries.

NetworkTester1235Options: AB

AB. Reasoning: The CEO wants staff to be able to work from home "anytime during business hours", and away from "high-risk countries". Time of day restriction fits with B, Geolocation fits with the location.

_deleteme_Options: AC

Key words "high risk country" and "Outsource work to a 3rd party". Geolocation covers the high risk country and would also include the time and day of the country. Certificates takes care of making sure the work is not outsourced because it binds to the users ID.

6809276Options: AC

AC because the CEO allow "anytime of day" which eliminate time of day restriction.

64d2259

" anytime during business hours" Business hours are not the same depending on your time zome

klinkklonkOptions: AB

Geolocation to stop outsourcing. Time ODR as the CEO only wants people working during business hours.

TheExileOptions: AC

Geolocation will prevent users from operating inside high risk countries and certificates will prevent the outsourcing of work to 3rd party organizations.

Teleco0997Options: AB

this question is also a few pages before a bit differently worded agreed it is A and B

sujon_londonOptions: AB

These two are priority basis over others

MyBJ

Answer is C & E. The risks are "...work from high-risk countries while on holiday or outsource work to a third-party organization in another country." The first issue will be addressed by Geotagging and the outsourcing risk will definitely be prevented by validating the certificates.

workhardOptions: AB

I agree that AB is the answer. The reason why I chose B (Time-of-day restrictions) is that the CEO would like people to work from home anytime DURING BUSINESS HOURS, which makes sense because having people connecting to the corporate network 24/7 could create the need for more security monitoring and become expensive for the company if they dont need people working outside business hours.

AmesCB

your selections do not address the fact that they can outsource work to a third-party organization in another country. what if the third party org works within their business hours?

Afel_Null

That's what geolocation is for. The only other option is access control, but how exactly is it going to stop someone from sending data to other firm to work on it, then send results? You'd need to use thin-clients, or VDI with restricted access.