ExamGecko

CompTIA SY0-601 Practice Test - Questions Answers, Page 4

List of questions

Question 31

Which of the following is the MOST secure but LEAST expensive data destruction method for data that is stored on hard drives?

A. Pulverizing
B. Shredding
C. Incinerating
D. Degaussing
Suggested answer: B
Explanation:

Shredding may be the most secure and cost-effective way to destroy electronic data in any media that contain hard drives or solid-state drives and have reached their end-of-life [1]. Shredding reduces electronic devices to pieces no larger than 2 millimeters [2]. Therefore, shredding is the most secure but least expensive data destruction method for data that is stored on hard drives.

asked 02/10/2024
Kushantha Gunawardana
56 questions

Question 32

A security analyst is investigating multiple hosts that are communicating with external IP addresses during the hours of 2:00 a.m. - 4:00 a.m. The malware has evaded detection by traditional antivirus software. Which of the following types of malware is MOST likely infecting the hosts?

A. A RAT
B. Ransomware
C. Polymorphic
D. A worm
Suggested answer: A
Explanation:

Based on the given information, the most likely type of malware infecting the hosts is a RAT (Remote Access Trojan). RATs are often used for stealthy unauthorized access to a victim's computer, and they can evade traditional antivirus software through various sophisticated techniques. In particular, the fact that the malware is communicating with external IP addresses during specific hours suggests that it may be under the control of an attacker who is issuing commands from a remote location. Ransomware, polymorphic malware, and worms are also possible culprits, but the context of the question suggests that a RAT is the most likely answer.

asked 02/10/2024
Muhanad Mohamed
38 questions

Question 33

Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy?

A. Risk matrix
B. Risk tolerance
C. Risk register
D. Risk appetite
Suggested answer: B
Explanation:

To determine the total risk an organization can bear, a technician should review the organization's risk tolerance, which is the amount of risk the organization is willing to accept. This information will help determine the organization's "cloud-first" adoption strategy. Reference: CompTIA Security+ Certification Exam Objectives (SY0-601)

asked 02/10/2024
Joseph Martin
34 questions

Question 34

Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)

A. Block cipher
B. Hashing
C. Private key
D. Perfect forward secrecy
E. Salting
F. Symmetric keys
Suggested answer: B, C
Explanation:

Non-repudiation is the ability to ensure that a party cannot deny a previous action or event. Cryptographic concepts that can be used to implement non-repudiation include hashing and digital signatures, which use a private key to sign a message and ensure that the signature is unique to the signer. Reference: CompTIA Security+ Certification Exam Objectives (SY0-601)

asked 02/10/2024
Pises Cuptintorn
44 questions

Question 35

A security analyst notices several attacks are being blocked by the NIPS but does not see anything on the boundary firewall logs. The attack seems to have been thwarted. Which of the following resiliency techniques was applied to the network to prevent this attack?

A. NIC Teaming
B. Port mirroring
C. Defense in depth
D. High availability
E. Geographic dispersal
Suggested answer: C
Explanation:

Defense in depth is a resiliency technique that involves implementing multiple layers of security controls to protect against different types of threats. In this scenario, the NIPS likely provided protection at a different layer than the boundary firewall, demonstrating the effectiveness of defense in depth. Reference: CompTIA Security+ Certification Exam Objectives (SY0-601)

asked 02/10/2024
Seth Frizzell
44 questions

Question 36

Which of the following is a risk that is specifically associated with hosting applications in the public cloud?

A. Unsecured root accounts
B. Zero day
C. Shared tenancy
D. Insider threat
Suggested answer: C
Explanation:

When hosting applications in the public cloud, there is a risk of shared tenancy, meaning that multiple organizations are sharing the same infrastructure. This can potentially allow one tenant to access another tenant's data, creating a security risk. Reference: CompTIA Security+ Certification Exam Objectives (SY0-601)

asked 02/10/2024
Mark Wingate
34 questions

Question 37

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?

A. Default system configuration
B. Unsecure protocols
C. Lack of vendor support
D. Weak encryption
Suggested answer: C
Explanation:

Using legacy software to support a critical service poses a risk due to lack of vendor support. Legacy software is often outdated and unsupported, which means that security patches and upgrades are no longer available. This can leave the system exposed to attackers who may exploit known vulnerabilities in the software to gain unauthorized access to the system.

Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 1: Attacks, Threats, and Vulnerabilities

asked 02/10/2024
Jelle Kamp
47 questions

Question 38

After a hardware incident, an unplanned emergency maintenance activity was conducted to rectify the issue. Multiple alerts were generated on the SIEM during this period of time. Which of the following BEST explains what happened?

A. The unexpected traffic correlated against multiple rules, generating multiple alerts.
B. Multiple alerts were generated due to an attack occurring at the same time.
C. An error in the correlation rules triggered multiple alerts.
D. The SIEM was unable to correlate the rules, triggering the alerts.
Suggested answer: A
Explanation:

Multiple alerts were generated on the SIEM during the emergency maintenance activity due to unexpected traffic correlated against multiple rules. The SIEM generates alerts when it detects an event that matches a rule in its rulebase. If the event matches multiple rules, the SIEM will generate multiple alerts.

Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 3: Architecture and Design

asked 02/10/2024
laurence peterson
47 questions

Question 39

A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?

A. Preventive
B. Compensating
C. Corrective
D. Detective
Suggested answer: D
Explanation:

A SIEM is a security solution that helps detect security incidents by monitoring for notable events across the enterprise. A detective control is a control that is designed to detect security incidents and respond to them. Therefore, a SIEM represents a detective control.

Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 3: Architecture and Design

asked 02/10/2024
Narmada Balaji
34 questions

Question 40

A network analyst is setting up a wireless access point for a home office in a remote, rural location. The requirement is that users need to connect to the access point securely but do not want to have to remember passwords. Which of the following should the network analyst enable to meet the requirement?

A. MAC address filtering
B. 802.1X
C. Captive portal
D. WPS
Suggested answer: D
Explanation:

The network analyst should enable Wi-Fi Protected Setup (WPS) to allow users to connect to the wireless access point securely without having to remember passwords. WPS allows users to connect to a wireless network by pressing a button or entering a PIN instead of entering a password.

Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 4: Identity and Access Management

asked 02/10/2024
William Sorensen
46 questions
Total 603 questions