CompTIA SY0-601 Practice Test - Questions Answers, Page 15

Question 141

A security manager needs to assess the security posture of one of the organization's vendors. The contract with the vendor does not allow for auditing of the vendor's security controls. Which of the following should the manager request to complete the assessment?

A. A service-level agreement
B. A business partnership agreement
C. A SOC 2 Type 2 report
D. A memorandum of understanding
Suggested answer: C
Explanation:

SOC 2 (Service Organization Control 2) is a type of audit report that evaluates the controls of service providers to verify their compliance with industry standards for security, availability, processing integrity, confidentiality, and privacy. A Type 2 report is based on an audit that tests the effectiveness of the controls over a period of time, unlike a Type 1 report which only evaluates the design of the controls at a specific point in time.

A SOC 2 Type 2 report would provide evidence of the vendor's security controls and how effective they are over time, which can help the security manager assess the vendor's security posture despite the vendor not allowing for a direct audit.

The security manager should request a SOC 2 Type 2 report to assess the security posture of the vendor. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 5

asked 02/10/2024
Tural Pashayev

Question 142

A security administrator has discovered that workstations on the LAN are becoming infected with malware. The cause of the infections appears to be users receiving phishing emails that are bypassing the current email-filtering technology. As a result, users are being tricked into clicking on malicious URLs, as no internal controls currently exist in the environment to evaluate their safety. Which of the following would be BEST to implement to address the issue?

A. Forward proxy
B. HIDS
C. Awareness training
D. A jump server
E. IPS
Suggested answer: C
Explanation:

Awareness training should be implemented to educate users on the risks of clicking on malicious URLs. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 9

asked 02/10/2024
Eissa Abdulrahman Eissa

Question 143

A company's public-facing website, https://www.organization.com, has an IP address of 166.18.75.6. However, over the past hour the SOC has received reports of the site's homepage displaying incorrect information. A quick nslookup search shows https://www.organization.com is pointing to 151.191.122.115. Which of the following is occurring?

A. DoS attack
B. ARP poisoning
C. DNS spoofing
D. NXDOMAIN attack
Suggested answer: C
Explanation:

The issue is DNS spoofing, where the DNS resolution has been compromised and is pointing to a malicious IP address. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 7

asked 02/10/2024
Corey Rivers

Question 144

A dynamic application vulnerability scan identified that code injection could be performed using a web form. Which of the following will be the BEST remediation to prevent this vulnerability?

A. Implement input validations
B. Deploy MFA
C. Utilize a WAF
D. Configure HIPS
Suggested answer: A
Explanation:

Implementing input validations will prevent code injection attacks by verifying the type and format of user input. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 8

asked 02/10/2024
Gaurav Nayak

Question 145

A Chief Information Officer is concerned about employees using company-issued laptops to steal data when accessing network shares. Which of the following should the company implement?

A. DLP
B. CASB
C. HIDS
D. EDR
E. UEFI
Suggested answer: A
Explanation:

Data Loss Prevention (DLP) can help prevent employees from stealing data by monitoring and controlling access to sensitive data. DLP can also detect and block attempts to transfer sensitive data outside of the organization, such as via email, file transfer, or cloud storage.

Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 10: Managing Identity and Access, p. 465

asked 02/10/2024
Ivan Galir

Question 146

A junior security analyst is reviewing web server logs and identifies the following pattern in the log file:

[Image: web server log excerpt, not reproduced on this page]

Which of the following types of attacks is being attempted and how can it be mitigated?

A. XSS. Implement a SIEM
B. CSRF. Implement an IPS
C. Directory traversal. Implement a WAF
D. SQL injection. Implement an IDS
Suggested answer: C
Explanation:

The attack being attempted is directory traversal, which is a web application attack that allows an attacker to access files and directories outside of the web root directory. A WAF can help mitigate this attack by detecting and blocking attempts to access files outside of the web root directory.

Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 4: Securing Application Development and Deployment, p. 191

asked 02/10/2024
Maurizio Budicin

Question 147

A security analyst has been tasked with creating a new WiFi network for the company. The requirements received by the analyst are as follows:

• Must be able to differentiate between users connected to WiFi

• The encryption keys need to change routinely without interrupting the users or forcing reauthentication

• Must be able to integrate with RADIUS

• Must not have any open SSIDs

Which of the following options BEST accommodates these requirements?

A. WPA2-Enterprise
B. WPA3-PSK
C. 802.11n
D. WPS
Suggested answer: A
Explanation:

WPA2-Enterprise can accommodate all of the requirements listed. WPA2-Enterprise uses 802.1X authentication to differentiate between users, supports the use of RADIUS for authentication, and allows for the use of dynamic encryption keys that can be changed without disrupting the users or requiring reauthentication. Additionally, WPA2-Enterprise does not allow for open SSIDs.

Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 7: Securing Networks, p. 317

asked 02/10/2024
Reza Mirabrishami

Question 148

Employees at a company are receiving unsolicited text messages on their corporate cell phones. The unsolicited text messages contain a password reset link. Which of the following attacks is being used to target the company?

A. Phishing
B. Vishing
C. Smishing
D. Spam
Suggested answer: C
Explanation:

Smishing is a type of phishing attack which begins with an attacker sending a text message to an individual. The message contains social engineering tactics to convince the person to click on a malicious link or send sensitive information to the attacker. Criminals use smishing attacks for purposes like:

• Learn login credentials to accounts via credential phishing

• Discover private data like social security numbers

• Send money to the attacker

• Install malware on a phone

• Establish trust before using other forms of contact like phone calls or emails

Attackers may pose as trusted sources like a government organization, a person you know, or your bank. And messages often come with manufactured urgency and time-sensitive threats. This can make it more difficult for a victim to notice a scam.

Phone numbers are easy to spoof with VoIP texting, where users can create a virtual number to send and receive texts. If a certain phone number is flagged for spam, criminals can simply recycle it and use a new one.

asked 02/10/2024
Jaimie Lloyd

Question 149

Which of the following involves the inclusion of code in the main codebase as soon as it is written?

A. Continuous monitoring
B. Continuous deployment
C. Continuous validation
D. Continuous integration
Suggested answer: D
Explanation:

Continuous Integration (CI) is a practice where developers integrate code into a shared repository frequently, preferably several times a day. Each integration is verified by an automated build and automated tests. CI allows for the detection of errors early in the development cycle, thereby reducing overall development costs.

asked 02/10/2024
Echo Wind

Question 150

An information security manager for an organization is completing a PCI DSS self-assessment for the first time. Which of the following is the MOST likely reason for this type of assessment?

A. An international expansion project is currently underway.
B. Outside consultants utilize this tool to measure security maturity.
C. The organization is expecting to process credit card information.
D. A government regulator has requested this audit to be completed.
Suggested answer: C
Explanation:

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. Any organization that accepts credit card payments is required to comply with PCI DSS.

asked 02/10/2024
Renata Maria DA SILVA