ExamGecko

CompTIA SY0-601 Practice Test - Questions Answers, Page 41

Which of the following terms should be included in a contract to help a company monitor the ongoing security maturity of a new vendor?

A. A right-to-audit clause allowing for annual security audits
B. Requirements for event logs to be kept for a minimum of 30 days
C. Integration of threat intelligence in the company's AV
D. A data-breach clause requiring disclosure of significant data loss

Suggested answer: A

Explanation:

A right-to-audit clause is a contractual provision that allows one party to audit the records and activities of another party to ensure compliance with security policies and standards. It can help a company monitor the ongoing security maturity of a new vendor by conducting annual security audits and identifying any gaps or issues that need to be addressed.

Which of the following supplies non-repudiation during a forensics investigation?

A. Dumping volatile memory contents first
B. Duplicating a drive with dd
C. A SHA 2 signature of a drive image
D. Logging everyone in contact with evidence
E. Encrypting sensitive data

Suggested answer: C

Explanation:

A SHA 2 signature is a cryptographic hash function that produces a unique and fixed-length output for any given input. It can provide non-repudiation during a forensics investigation by verifying the integrity and authenticity of a drive image and proving that it has not been altered or tampered with since it was created.

Which of the following best ensures minimal downtime for organizations with critical computing equipment located in earthquake-prone areas?

A. Generators and UPS
B. Off-site replication
C. Additional warm site
D. Local

Suggested answer: B

Explanation:

Off-site replication is a process of copying and storing data in a remote location that is geographically separate from the primary site. It can ensure minimal downtime for organizations with critical computing equipment located in earthquake-prone areas by providing a backup copy of data that can be accessed and restored in case of a disaster or disruption at the primary site.

An audit identified PII being utilized in the development environment of a critical application. The Chief Privacy Officer (CPO) is adamant that this data must be removed; however, the developers are concerned that without real data they cannot perform functionality tests and search for specific data. Which of the following should a security professional implement to best satisfy both the CPO's and the development team's requirements?

A. Data purge
B. Data encryption
C. Data masking
D. Data tokenization

Suggested answer: D

Explanation:

Data tokenization is a technique of replacing sensitive data with non-sensitive substitutes called tokens that have no intrinsic value or meaning. It can satisfy both the CPO's and the development team's requirements by removing personally identifiable information (PII) from the development environment of a critical application while preserving the functionality and format of the data for testing purposes.

A company has installed badge readers for building access but is finding unauthorized individuals roaming the hallways. Which of the following is the most likely cause?

A. Shoulder surfing
B. Phishing
C. Tailgating
D. Identity fraud

Suggested answer: C

Explanation:

Tailgating is a physical security threat that occurs when an unauthorized person follows an authorized person into a restricted area without proper identification or authorization. It can cause unauthorized individuals to roam the hallways after gaining access through badge readers installed for building access.

An organization is repairing damage after an incident. Which of the following controls is being implemented?

A. Detective
B. Preventive
C. Corrective
D. Compensating

Suggested answer: C

Explanation:

Corrective controls are security measures that are implemented after an incident to repair the damage and restore normal operations. They can include actions such as patching systems, restoring backups, removing malware, etc. An organization that is repairing damage after an incident is implementing corrective controls.

A research company discovered that an unauthorized piece of software has been detected on a small number of machines in its lab. The researchers collaborate with other machines using port 445 and on the internet using port 443. The unauthorized software is starting to be seen on additional machines outside of the lab and is making outbound communications using HTTPS and SMS. The security team has been instructed to resolve the issue as quickly as possible while causing minimal disruption to the researchers. Which of the following is the best course of action in this scenario?

A. Update the host firewalls to block outbound SMB.
B. Place the machines with the unapproved software in containment
C. Place the unauthorized application in a blocklist.
D. Implement a content filter to block the unauthorized software communication.

Suggested answer: B

Explanation:

Containment is an incident response strategy that aims to isolate and prevent the spread of an attack or compromise within a network or system. It can resolve the issue of unauthorized software detected on a small number of machines in a lab as quickly as possible while causing minimal disruption to the researchers by stopping the software from communicating with external sources using HTTPS and SMS and preventing it from infecting additional machines outside of the lab.

Which of the following is a primary security concern for setting up a BYOD program?

A. End of life
B. Buffer overflow
C. VM escape
D. Jailbreaking

Suggested answer: D

Explanation:

Jailbreaking is a process of bypassing or removing the manufacturer-imposed restrictions on a mobile device's operating system, allowing users to install unauthorized applications, modify settings, etc. It is a primary security concern for setting up a BYOD program because it can expose the device and its data to malware, vulnerabilities, unauthorized access, etc.

A security analyst is taking part in an evaluation process that analyzes and categorizes threat actors of real-world events in order to improve the incident response team's process. Which of the following is the analyst most likely participating in?

A. MITRE ATT&CK
B. Walk-through
C. Red team
D. Purple team
E. TAXII

Suggested answer: A

Explanation:

MITRE ATT&CK is a knowledge base and framework that analyzes and categorizes threat actors and real-world events based on their tactics, techniques and procedures. It can help improve the incident response team's process by providing a common language and reference for identifying, understanding and mitigating threats.

A company wants to build a new website to sell products online. The website will host a storefront application that allows visitors to add products to a shopping cart and pay for products using a credit card. Which of the following protocols would be most secure to implement?

A. SSL
B. SFTP
C. SNMP
D. TLS

Suggested answer: D

Explanation:

TLS (Transport Layer Security) is a cryptographic protocol that provides secure communication over the internet. It can protect the data transmitted between the website and the visitors from eavesdropping, tampering, etc. It is the most secure protocol to implement for a website that sells products online using a credit card.

Total 603 questions