
CompTIA SY0-601 Practice Test - Questions Answers, Page 3

Which of the following environments can be stood up in a short period of time, utilizes either dummy data or actual data, and is used to demonstrate and model system capabilities and functionality for a fixed, agreed-upon duration of time?

A. PoC
B. Production
C. Test
D. Development
Suggested answer: A

Explanation:

A proof of concept (PoC) environment can be stood up quickly and is used to demonstrate and model system capabilities and functionality for a fixed, agreed-upon duration of time. This environment can utilize either dummy data or actual data. Reference: CompTIA Security+ Certification Guide, Exam SY0-501

After segmenting the network, the network manager wants to control the traffic between the segments. Which of the following should the manager use to control the network traffic?

A. A DMZ
B. A VPN
C. A VLAN
D. An ACL
Suggested answer: D

Explanation:

After segmenting the network, a network manager can use an access control list (ACL) to control the traffic between the segments. An ACL is a set of rules that permit or deny traffic based on its characteristics, such as the source and destination IP addresses, protocol type, and port number.

Reference: CompTIA Security+ Certification Guide, Exam SY0-501

A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?

A. The Diamond Model of Intrusion Analysis
B. The Cyber Kill Chain
C. The MITRE CVE database
D. The incident response process
Suggested answer: A

Explanation:

The Diamond Model is a framework for analyzing cyber threats that focuses on four key elements: adversary, capability, infrastructure, and victim. By analyzing these elements, security researchers can gain a better understanding of the threat landscape and develop more effective security strategies.

A security engineer needs to create a network segment that can be used for servers that require connections from untrusted networks. Which of the following should the engineer implement?

A. An air gap
B. A hot site
C. A VLAN
D. A screened subnet
Suggested answer: D

Explanation:

A screened subnet is a network segment that can be used for servers that require connections from untrusted networks. It is placed between two firewalls, with one firewall facing the untrusted network and the other facing the trusted network. This setup provides an additional layer of security by screening the traffic that flows between the two networks. Reference: CompTIA Security+ Certification Guide, Exam SY0-501

one of the attendees starts to notice delays in the connection, and the HTTPS site requests are reverting to HTTP. Which of the following BEST describes what is happening?

A. Birthday collision on the certificate key
B. DNS hacking to reroute traffic
C. Brute force to the access point
D. An SSL/TLS downgrade
Suggested answer: D

Explanation:

The scenario describes a Man-in-the-Middle (MitM) attack where the attacker intercepts traffic and downgrades the secure SSL/TLS connection to an insecure HTTP connection. This type of attack is commonly known as an SSL/TLS downgrade attack or a stripping attack. The attacker is able to see and modify the communication between the client and server.

A major clothing company recently lost a large amount of proprietary information. The security officer must find a solution to ensure this never happens again. Which of the following is the BEST technical implementation to prevent this from happening again?

A. Configure DLP solutions
B. Disable peer-to-peer sharing
C. Enable role-based
D. Mandate job rotation
E. Implement content filters
Suggested answer: A

Explanation:

Data loss prevention (DLP) solutions can prevent the accidental or intentional loss of sensitive data. DLP tools can identify and protect sensitive data by classifying and categorizing it, encrypting it, or blocking it from being transferred outside the organization's network.

The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going to the polls. This is an example of:

A. prepending.
B. an influence campaign.
C. a watering-hole attack.
D. intimidation.
E. information elicitation.
Suggested answer: B

Explanation:

This scenario describes an influence campaign, where false information is spread to influence or manipulate people's beliefs or actions. In this case, the misinformation led eligible voters to avoid polling places, which influenced the outcome of the election.

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?

A. Default system configuration
B. Unsecure protocols
C. Lack of vendor support
D. Weak encryption
Suggested answer: C

Explanation:

One of the risks of using legacy software is the lack of vendor support. This means that the vendor may no longer provide security patches, software updates, or technical support for the software. This leaves the software vulnerable to new security threats and vulnerabilities that could be exploited by attackers.

A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?

A. An incident response plan
B. A communications plan
C. A business continuity plan
D. A disaster recovery plan
Suggested answer: B

Explanation:

The organization should use a communications plan to inform the affected parties. A communications plan is a document that outlines how an organization will communicate with internal and external stakeholders during a crisis or incident. It should include details such as who will be responsible for communicating with different stakeholders, what channels will be used to communicate, and what messages will be communicated.

An incident response plan is a document that outlines the steps an organization will take to respond to a security incident or data breach. A business continuity plan is a document that outlines how an organization will continue to operate during and after a disruption. A disaster recovery plan is a document that outlines how an organization will recover its IT infrastructure and data after a disaster.

A company wants to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategy?

A. Incremental backups followed by differential backups
B. Full backups followed by incremental backups
C. Delta backups followed by differential backups
D. Incremental backups followed by delta backups
E. Full backup followed by different backups
Suggested answer: B

Explanation:

The best backup strategy for minimizing the number of backups that need to be restored in case of data loss is full backups followed by incremental backups. This strategy allows for a complete restoration of data by restoring the most recent full backup followed by the most recent incremental backup. Reference: CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) page 126

Total 603 questions