Exam SY0-601
Question 400

A security analyst is concerned about traffic initiated to the dark web from the corporate LAN. Which of the following networks should the analyst monitor?

    Correct Answer: C

    Tor is an overlay network known for facilitating anonymous communication and is often associated with accessing the dark web. Monitoring the Tor network will help detect any unauthorized or suspicious traffic originating from the corporate LAN towards the dark web.

Discussion
rf18

Hi guys, I passed my exam today. I had 80 questions in the exam and the majority were from here. My advice is to pay attention to details; memorizing the questions isn't enough because they might be twisted. Anyway, good luck to everyone ;) you can do it

KidVN

Thanks for sharing :)

JT4

Just passed the exam with a score of 800 on 10/28/23. About 90% of the questions are from here. This question is on the exam.

ComPCertOn

Amazing news, thanks man, taking the exam on Friday

ComPCertOn

Congrats!!

Jibz18 (Option: C)

Tor (Keyword: dark web)

ApplebeesWaiter1122 (Option: C)

The Tor network, also known as the dark web, is an overlay network that enables anonymous communication over the internet. It is commonly used to access websites and services that are not indexed by traditional search engines and are known for hosting illicit activities. Monitoring the traffic initiated to the Tor network can help detect any unauthorized or suspicious activity originating from the corporate LAN.

[Removed] (Option: A)

Guys, seeing the Darknet may push you to the Tor browser option. But the suspicion here is data leakage from the local network to the darknet. If there was a leak from the local network, it was probably via SFTP. For this reason, examining SFTP logs would be a more accurate approach. Do you think you are in a corporate company?

Dapsie

SFTP is a protocol and not a network. The question is about which of the networks the SA will be studying. They are merely using words to create some confusion. The only network in the list is TOR.

DWISE1 (Option: D)

Threat feeds enable organizations to stay informed about indicators of compromise (IoCs) related to various threats that could adversely affect the network.