Home / CompTIA / SY0-601

Question list

List of questions

Question 1

(0)

DRAG DROP A data owner has been tasked with assigning proper data classifications and destruction methods for various types of data contained within the environment.

Question 2

(0)

DRAG DROP A security engineer is setting up passwordless authentication for the first time. INSTRUCTIONS Use the minimum set of commands to set this up and verify that it works. Commands cannot b

Question 3

(0)

DRAG DROP Leveraging the information supplied below, complete the CSR for the server to set up TLS (HTTPS) • Hostname: ws01 • Domain: comptia.org • IPv4: 10.1.9.50 • IPV4: 10.2.10.50 • Root: h

Question 4

(0)

DRAG DROP An attack has occurred against a company. INSTRUCTIONS You have been tasked to do the following: Identify the type of attack that is occurring on the network by clicking on the attacke

Question 5

(0)

HOTSPOT You received the output of a recent vulnerability assessment. Review the assessment and scan output and determine the appropriate remedialion(s} 'or «ach dewce. Remediation options may be

Question 6

(0)

HOTSPOT Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation. INSTRUCTIONS Not all attacks and remediation acti

Question 7

(0)

HOTSPOT An incident has occurred in the production environment. Analyze the command outputs and identify the type of compromise. If at any time you would like to bring back the initial state of t

Question 8

(0)

HOTSPOT The security administrator has installed a new firewall which implements an implicit DENY policy by default. INSTRUCTIONS Click on the firewall and configure it to allow ONLY the

Question 9

(0)

HOTSPOT You are security administrator investigating a potential infection on a network. Click on each host and firewall. Review all logs to determine which host originated the Infecton and then d

Question 10

(0)

A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which f the following configuration should an analysis enable T

Question 530 - SY0-601 discussion

A security architect at a large, multinational organization is concerned about the complexities and overhead of managing multiple encryption keys securely in a multicioud provider environment. The security architect is looking for a solution with reduced latency to allow the incorporation of the organization's existing keys and to maintain consistent, centralized control and management regardless of the data location. Which of the following would best meet the architect's objectives?

Trusted Platform Module

laaS

HSMaas

PaaS

Suggested answer: C

Explanation:

HSMaas stands for Hardware Security Module as a Service, which is a cloud-based service that provides secure and scalable key management and cryptographic operations for data encryption and decryption. HSMaas allows the organization to use its own keys or generate new ones, and to control and manage them centrally regardless of where the data is stored or processed. HSMaas also reduces the latency and complexity of managing multiple encryption keys across different cloud providers, as well as the cost and maintenance of deploying physical HSM devices.

A. Trusted Platform Module. This is not the correct answer, because a Trusted Platform Module (TPM) is a hardware chip that provides secure storage and generation of cryptographic keys on a device, such as a laptop or a server. A TPM does not offer a cloud-based solution for key management and encryption across multiple cloud providers.

B. laaS. This is not the correct answer, because laaS stands for Infrastructure as a Service, which is a cloud computing model that provides virtualized computing resources, such as servers, storage, and networks, over the internet. laaS does not provide a specific solution for key management and encryption across multiple cloud providers.

C. HSMaas. This is the correct answer, because HSMaas stands for Hardware Security Module as a Service, which is a cloud-based service that provides secure and scalable key management and cryptographic operations for data encryption and decryption across multiple cloud providers.

D. PaaS. This is not the correct answer, because PaaS stands for Platform as a Service, which is a cloud computing model that provides a platform for developing and deploying applications over the internet. PaaS does not provide a specific solution for key management and encryption across multiple cloud providers.

Reference: HSM as a Service (HSMaaS) | Encryption Consulting, What Is Hardware Security Module (HSM)? | Thales.

Show Answer

asked 02/10/2024

Hendrik Woldhuis

50 questions

Your answer: A B C D

0 comments

Sorted by