ExamGecko
Login
Home / CompTIA / SY0-601 / List of questions
Ask Question

CompTIA SY0-601 Practice Test - Questions Answers, Page 15

Add to Whishlist

List of questions

Question 141

Report Export Collapse

A security manager needs to assess the security posture of one of the organization's vendors. The contract with the vendor does not allow for auditing of the vendor's security controls. Which of (he following should the manager request to complete the assessment?

Become a Premium Member for full access
  Unlock Premium Member

Question 142

Report Export Collapse

A security administrator has discovered that workstations on the LAN are becoming infected with malware. The cause of the infections appears to be users receiving phishing emails that are bypassing the current email-filtering technology. As a result, users are being tricked into clicking on malicious URLs, as no internal controls currently exist in the environment to evaluate their safety. Which of the following would be BEST to implement to address the issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 143

Report Export Collapse

A company's public-facing website, https://www.organization.com, has an IP address of 166.18.75.6. However, over the past hour the SOC has received reports of the site's homepage displaying incorrect information. A quick nslookup search shows hitps://;www.organization.com is pointing to 151.191.122.115. Which of the following is occurring?

Become a Premium Member for full access
  Unlock Premium Member

Question 144

Report Export Collapse

A dynamic application vulnerability scan identified code injection could be performed using a web form. Which of the following will be BEST remediation to prevent this vulnerability?

Become a Premium Member for full access
  Unlock Premium Member

Question 145

Report Export Collapse

A Chief information Officer is concerned about employees using company-issued laptops to steal data when accessing network shares Which of the following should the company implement?

Become a Premium Member for full access
  Unlock Premium Member

Question 146

Report Export Collapse

A junior security analyst is reviewing web server logs and identifies the following pattern in the log file:

CompTIA SY0-601 image Question 137 98227 10022024175359000000

Which ol the following types of attacks is being attempted and how can it be mitigated?

Become a Premium Member for full access
  Unlock Premium Member

Question 147

Report Export Collapse

A security analyst has been tasked with creating a new WiFi network for the company. The requirements received by the analyst are as follows:

β€’ Must be able to differentiate between users connected to WiFi

β€’ The encryption keys need to change routinely without interrupting the users or forcing reauthentication

β€’ Must be able to integrate with RADIUS

β€’ Must not have any open SSIDs

Which of the following options BEST accommodates these requirements?

Become a Premium Member for full access
  Unlock Premium Member

Question 148

Report Export Collapse

Employees at a company are receiving unsolicited text messages on their corporate cell phones. The unsolicited text messages contain a password reset Link. Which of the attacks is being used to target the company?

Become a Premium Member for full access
  Unlock Premium Member

Question 149

Report Export Collapse

Which of the following involves the inclusion of code in the main codebase as soon as it is written?

Become a Premium Member for full access
  Unlock Premium Member

Question 150

Report Export Collapse

An information security manager for an organization is completing a PCI DSS self-assessment for the first time. which of the is following MOST likely reason for this type of assessment?

Become a Premium Member for full access
  Unlock Premium Member
Total 603 questions
Go to page: of 61
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A security analyst notices an unusual amount of traffic hitting the edge of the network. Upon examining the logs, the analyst identifies a source IP address and blocks that address from communicating with the network. Even though the analyst is blocking this address, the attack is still ongoing and coming from a large number of different source IP addresses. Which of the following describes this type of attack?
A desktop support technician recently installed a new document-scanning software program on a computer. However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?
Which Of the following will provide the best physical security countermeasures to Stop intruders? (Select two).
Which of the following can be used to calculate the total loss expected per year due to a threat targeting an asset?
A penetration tester was able to compromise a host using previously captured network traffic. Which of the following is the result of this action?
A candidate attempts to go to but accidentally visits http://comptiia.org . The malicious website looks exactly like the legitimate website. Which of the following best describes this type of attack?
Which of the following is a solution that can be used to stop a disgruntled employee from copying confidential data to a USB drive?
one of the attendees starts to notice delays in the connection. and the HTTPS site requests are reverting to HTTP. Which of the following BEST describes what is happening?
DRAG DROP A data owner has been tasked with assigning proper data classifications and destruction methods for various types of data contained within the environment.
A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system Which of the following would detect this behavior?