CompTIA SY0-601 Practice Test - Questions Answers, Page 23

List of questions
Question 221

Which of the following control types is patch management classified under?
Question 222

A new security engineer has started hardening systems. One of the hardening techniques the engineer is using involves disabling remote logins to the NAS. Users are now reporting the inability to use SCP to transfer files to the NAS, even though the data is still viewable from the users' PCs. Which of the following is the MOST likely cause of this issue?
Question 223

A Chief Information Security Officer (CISO) is evaluating the dangers involved in deploying a new ERP system for the company. The CISO categorizes the system, selects the controls that apply to the system, implements the controls, and then assesses the success of the controls before authorizing the system. Which of the following is the CISO using to evaluate the environment for this new ERP system?
Question 224

The findings in a consultant's report indicate the most critical risk to the security posture from an incident response perspective is a lack of workstation and server investigation capabilities. Which of the following should be implemented to remediate this risk?
Question 225

The management team has requested that the security team implement 802.1X into the existing wireless network setup. The following requirements must be met:
• Minimal interruption to the end user
• Mutual certificate validation
Which of the following authentication protocols would meet these requirements?
Question 226

Which of the following describes where an attacker can purchase DDoS or ransomware services?
Question 227

A digital forensics team at a large company is investigating a case in which malicious code was downloaded over an HTTPS connection and was running in memory, but was never committed to disk. Which of the following techniques should the team use to obtain a sample of the malware binary?
Question 228

A security administrator is managing administrative access to sensitive systems with the following requirements:
• Common login accounts must not be used for administrative duties.
• Administrative accounts must be temporal in nature.
• Each administrative account must be assigned to one specific user.
• Accounts must have complex passwords.
• Audit trails and logging must be enabled on all systems.
Which of the following solutions should the administrator deploy to meet these requirements? (Give Explanation and Reference from CompTIA Security+ SY0-601 Official Text Book and Resources)
Question 229

Physical access to the organization's servers in the data center requires entry and exit through multiple access points: a lobby, an access control vestibule, three doors leading to the server floor itself and eventually to a caged area solely for the organization's hardware. Which of the following controls is described in this scenario?
Question 230

Which of the following procedures would be performed after the root cause of a security incident has been identified to help avoid future incidents from occurring?
Question