ExamGecko

CompTIA SY0-601 Practice Test - Questions Answers, Page 50
An organization has hired a red team to simulate attacks on its security posture. Which of the following will the blue team do after detecting an IOC?

A. Reimage the impacted workstations.
B. Activate runbooks for incident response.
C. Conduct forensics on the compromised system.
D. Conduct passive reconnaissance to gather information.
Suggested answer: B

Explanation:

A runbook is a set of predefined procedures and steps that guides an incident response team through handling a security incident. When the blue team detects an indicator of compromise (IOC), its first action is to activate the relevant runbook so that the response follows predefined, rehearsed actions for containment, eradication, recovery and lessons learned. Reimaging (A) and forensics (C) are later steps that the runbook itself will direct, and the order matters: reimaging before evidence has been collected destroys the forensic artifacts. Passive reconnaissance (D) is a red-team activity, not a blue-team response.

Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer's PII?

A. SCAP
B. NetFlow
C. Antivirus
D. DLP
Suggested answer: D

Explanation:

DLP stands for Data Loss Prevention, a technology that monitors, detects and prevents the unauthorized transmission of sensitive data such as PII (Personally Identifiable Information). DLP can be implemented on endpoints, networks, mail gateways, servers or cloud services to protect data in motion, in use or at rest, and it blocks or alerts on transfers that violate predefined policies. It is the best tool for this scenario because it inspects the content of the outgoing email and its attachments, matches it against PII patterns (national ID numbers, payment card numbers, fingerprints of known sensitive files) and can quarantine the message or notify an administrator. SCAP (A) is a standard for automating configuration and vulnerability checks, NetFlow (B) records who talked to whom and how much but not what was said, and antivirus (C) looks for malware, not customer data.

Verified Reference:

Data Loss Prevention Guide to Blocking Leaks - CompTIA: https://www.comptia.org/content/guides/data-loss-prevention-a-step-by-step-guide-to-blockingleaks
Data Loss Prevention – SY0-601 CompTIA Security+ : 2.1: https://www.professormesser.com/securityplus/sy0-601/sy0-601-video/data-loss-prevention-4/
Data Loss Prevention – CompTIA Security+ SY0-501 – 2.1: https://www.professormesser.com/security-plus/sy0-501/data-loss-prevention-3/
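The following is an added example, not part of this practice test or of any CompTIA material: a minimal content-inspection rule of the kind a DLP engine applies to outbound mail. The sample message, the two detectors (a US SSN pattern and a Luhn-validated payment card pattern) and the block/allow policy are constructed for illustration; a real product adds many more detectors, document fingerprinting and recipient-aware policies.

```python
import re
from dataclasses import dataclass

# Constructed sample message: an employee forwards a customer record by mistake.
SAMPLE_EMAIL = """From: alice@example.com
To: vendor@partner-example.net
Subject: Customer record

Hi, here is the record you asked for:
Name: J. Doe
SSN: 123-45-6789
Card: 4111 1111 1111 1111
Phone: 555-0100
"""

# US SSN in the common dashed form, excluding area/group/serial values that
# are never issued (000, 666, 9xx / 00 / 0000).
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
# 13 to 19 digits optionally separated by spaces or dashes; candidates are
# confirmed with the Luhn check below to cut false positives.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


@dataclass
class Finding:
    kind: str     # which detector fired
    masked: str   # value with all but the last four digits hidden, safe to log
    line: int     # 1-based line in the message


def scan_for_pii(text: str) -> list[Finding]:
    """Run each detector over every line and return the confirmed hits."""
    findings: list[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in SSN_RE.finditer(line):
            findings.append(Finding("ssn", "***-**-" + m.group()[-4:], lineno))
        for m in CARD_RE.finditer(line):
            digits = re.sub(r"\D", "", m.group())
            if luhn_ok(digits):
                findings.append(Finding("card", "*" * (len(digits) - 4) + digits[-4:], lineno))
    return findings


def policy_decision(findings: list[Finding]) -> str:
    """Block on any confirmed PII; a real policy would weigh count, kind and recipient."""
    return "block" if findings else "allow"


if __name__ == "__main__":
    hits = scan_for_pii(SAMPLE_EMAIL)
    for f in hits:
        print(f"line {f.line}: {f.kind} {f.masked}")
    print("decision:", policy_decision(hits))
```

The Luhn check is what keeps a run of 16 digits in an invoice number or a tracking code from being reported as a card, and the masked form is what should reach the incident log: a DLP alert that quotes the full SSN has itself just copied PII somewhere new.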

Which of the following best reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement?

A. Implement proper network access restrictions.
B. Initiate a bug bounty program.
C. Classify the system as shadow IT.
D. Increase the frequency of vulnerability scans.
Suggested answer: A

Explanation:

Network access restrictions limit the exposure of systems that have expired vendor support and lack an immediate replacement by preventing unauthorized or unnecessary access to them from other devices or networks. They include firewalls, network segmentation (for example an isolated VLAN reachable only from a jump host), access control lists, VPNs and other methods that filter or block traffic based on predefined rules. Because an end-of-life system will never receive another patch, this is a compensating control: it does not remove the vulnerabilities, it reduces who can reach them and so limits the impact of any exploit. More frequent scanning (D) only finds problems that cannot be fixed, a bug bounty (B) does the same at greater cost, and labelling the system shadow IT (C) changes nothing about its exposure.

Verified Reference:

CompTIA Security+ Certification Exam Objectives Version 3.0: https://www.comptia.jp/pdf/Security%2B%20SY0-601%20Exam%20Objectives.pdf (See Objective 3.3: Given a scenario, implement secure network designs.)
CompTIA Security+ SY0-501 Study Guide: https://www.certblaster.com/wpcontent/uploads/2017/10/CompTIA-Security-SY0-501-Study-Guide.pdf (See Chapter 2: Technologies and Tools, Section 2.5: Firewall and Network Security Appliances.)

Which of the following security concepts should an e-commerce organization apply for protection against erroneous purchases?

A. Privacy
B. Availability
C. Integrity
D. Confidentiality
Suggested answer: C

Explanation:

Integrity is the security concept that ensures data is accurate, complete and consistent, and that it has not been modified in an unauthorized or unintended way. For an e-commerce organization it protects against erroneous purchases: an order's items, quantities and prices must reach the back end exactly as the customer submitted them, and transaction records must not be corrupted, duplicated, lost or manipulated in transit or in storage. Integrity is achieved with hashing and checksums (to detect accidental corruption), message authentication codes and digital signatures (to detect deliberate tampering), and access control; encryption by itself protects confidentiality and only provides integrity when an authenticated mode is used.

Verified Reference:

Security+ (Plus) Certification | CompTIA IT Certifications: https://www.comptia.org/certifications/security (See What Skills Will You Learn?)
CompTIA Security+ 601 - Infosec: https://www.infosecinstitute.com/wpcontent/uploads/2021/03/CompTIA-Security-eBook.pdf (See Security+: 5 in-demand cybersecurity skills)
CompTIA Security+ SY0-601 Certification Study Guide: https://www.comptia.org/training/books/security-sy0-601-study-guide (See Chapter 1: Threats, Attacks and Vulnerabilities, Section 1.4: Cryptography and PKI)
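An added example, not from this practice test or from CompTIA, of the integrity control the explanation describes: the server seals each order with an HMAC-SHA256 tag so that any later change to quantity or price is detected at verification time. The order fields and the server key are constructed for the example; in production the key would live in a secrets manager or HSM.

```python
import hashlib
import hmac
import json
import secrets

# Assumed server-side key, generated here for the example. In production it would
# come from a secrets manager or HSM and never be exposed to the client.
SERVER_KEY = secrets.token_bytes(32)

# Constructed order as submitted by the customer.
ORDER = {"order_id": "A1001", "sku": "WIDGET-9", "quantity": 1, "unit_price_cents": 1999}


def canonical(order: dict) -> bytes:
    """Stable byte encoding: sorted keys, no whitespace, so equal orders hash equally."""
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode("utf-8")


def seal_order(order: dict, key: bytes = SERVER_KEY) -> dict:
    """Return a copy of the order carrying an HMAC-SHA256 tag computed with the server key."""
    sealed = dict(order)
    sealed["tag"] = hmac.new(key, canonical(order), hashlib.sha256).hexdigest()
    return sealed


def verify_order(sealed: dict, key: bytes = SERVER_KEY) -> bool:
    """Recompute the tag over every field except the tag and compare in constant time."""
    record = {k: v for k, v in sealed.items() if k != "tag"}
    expected = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sealed.get("tag", ""))


def tamper(sealed: dict, **changes) -> dict:
    """Simulate an attacker or a bug altering a stored record without knowing the key."""
    altered = dict(sealed)
    altered.update(changes)
    return altered


if __name__ == "__main__":
    sealed = seal_order(ORDER)
    print("original verifies:", verify_order(sealed))
    print("quantity 1 -> 100 verifies:", verify_order(tamper(sealed, quantity=100)))
```

A plain SHA-256 checksum stored next to the record would catch accidental corruption but not deliberate tampering, because whoever can rewrite the record can recompute the checksum; the keyed tag cannot be recomputed without the server key. A digital signature does the same job when the party verifying must not hold the key that created the tag.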

A security analyst discovers that one of the web APIs is being abused by an unknown third party. Logs indicate that the third party is attempting to manipulate the parameters being passed to the API endpoint. Which of the following solutions would best help to protect against the attack?

A. DLP
B. SIEM
C. NIDS
D. WAF
Suggested answer: D

Explanation:

A WAF (Web Application Firewall) sits in front of web applications and APIs and inspects HTTP requests and responses at the application layer, which an ordinary network firewall cannot do. It blocks common application attacks such as cross-site scripting (XSS), SQL injection and directory traversal, and it can also apply a positive security model: a schema of which parameters each endpoint accepts, with their types, lengths and value ranges, so that requests carrying manipulated, unexpected or duplicated parameters are rejected before they reach the API. That makes a WAF the best fit for parameter tampering against an API endpoint. DLP (A) protects outbound data, a SIEM (B) and a NIDS (C) detect and alert but do not block the request, and a NIDS watching network traffic typically cannot see inside TLS.

Verified Reference:

Other Application Attacks – SY0-601 CompTIA Security+ : 1.3: https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/other-application-attacks/ (See Web Application Firewall)
CompTIA Security+ SY0-601 Exam Cram: https://www.oreilly.com/library/view/comptia-security-sy0-601/9780136798767/ch03.xhtml (See Web Application Firewall)
Security+ domain #1: Attacks, threats, and vulnerabilities [updated 2021]: https://resources.infosecinstitute.com/certification/security-domain-1-threats-attacks-andvulnerabilities/ (See Web application firewall)
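An added example, not part of this practice test or of any WAF vendor's code, of the positive-security check a WAF applies to API parameters. The endpoint path, its parameter schema and the sample request lines are all constructed for the example; the point is that a schema rejects tampered values (negative quantity, injected price, duplicated parameter) without needing a signature for each attack.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Hypothetical positive-security schema for one API endpoint: which parameters
# it accepts, their types and bounds. Everything else is rejected.
RULES = {
    "/api/v1/orders": {
        "product_id": {"type": "int", "min": 1, "max": 10**9},
        "quantity":   {"type": "int", "min": 1, "max": 100},
        "coupon":     {"type": "str", "pattern": re.compile(r"[A-Z0-9]{4,12}"), "optional": True},
    },
}
ALLOWED_METHODS = {"GET", "POST"}

# Negative (signature) rule for the most common injection markers; it backs up
# the schema and is not the primary defence.
INJECTION_RE = re.compile(r"'|--|;|<script|\bor\b\s+\d+=\d+", re.IGNORECASE)


def inspect_request(method: str, url: str) -> tuple[str, list[str]]:
    """Return ("allow" | "block", reasons) for one request line."""
    reasons: list[str] = []
    if method.upper() not in ALLOWED_METHODS:
        return "block", [f"method not allowed: {method}"]

    parts = urlsplit(url)
    rules = RULES.get(parts.path)
    if rules is None:
        return "block", [f"unknown endpoint: {parts.path}"]

    params = parse_qs(parts.query, keep_blank_values=True)

    # Anything not in the schema is rejected, which stops injected parameters
    # such as a client-supplied price.
    for name in params:
        if name not in rules:
            reasons.append(f"unexpected parameter: {name}")

    for name, rule in rules.items():
        values = params.get(name)
        if values is None:
            if not rule.get("optional"):
                reasons.append(f"missing parameter: {name}")
            continue
        if len(values) != 1:
            # HTTP parameter pollution: the same name twice, hoping the filter
            # and the back end read different copies.
            reasons.append(f"duplicated parameter: {name}")
            continue
        value = values[0]
        if rule["type"] == "int":
            if not re.fullmatch(r"-?\d+", value):
                reasons.append(f"non-integer {name}: {value!r}")
            elif not rule["min"] <= int(value) <= rule["max"]:
                reasons.append(f"out-of-range {name}: {value}")
        else:
            if INJECTION_RE.search(value):
                reasons.append(f"injection pattern in {name}: {value!r}")
            elif not rule["pattern"].fullmatch(value):
                reasons.append(f"malformed {name}: {value!r}")

    return ("block" if reasons else "allow"), reasons


# Constructed request lines of the kind the analyst would see in the web server log.
SAMPLE_REQUESTS = [
    ("GET", "/api/v1/orders?product_id=42&quantity=2"),
    ("GET", "/api/v1/orders?product_id=42&quantity=-5&price=0.01"),
    ("GET", "/api/v1/orders?product_id=42&quantity=1&coupon=%27%20OR%201%3D1--"),
    ("GET", "/api/v1/orders?product_id=42&product_id=43&quantity=1"),
    ("DELETE", "/api/v1/orders?product_id=42&quantity=1"),
]

if __name__ == "__main__":
    for method, url in SAMPLE_REQUESTS:
        decision, why = inspect_request(method, url)
        print(f"{decision:5} {method} {url}  {'; '.join(why)}")
```

The schema is the part worth copying: every allowed parameter is named with its type and range, and anything outside that set is dropped, so a price the client was never meant to send is blocked even though no signature describes that attack. The API itself must still recompute prices server side; the WAF reduces the attack surface, it does not replace input validation in the application.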

A company recently suffered a breach in which an attacker was able to access the internal mail servers and directly access several user inboxes. A large number of email messages were later posted online. Which of the following would best prevent email contents from being released should another breach occur?

A. Implement S/MIME to encrypt the emails at rest.
B. Enable full disk encryption on the mail servers.
C. Use digital certificates when accessing email via the web.
D. Configure web traffic to only use TLS-enabled channels.
Suggested answer: A

Explanation:

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for encrypting and digitally signing email messages, providing confidentiality, integrity, authentication and non-repudiation. Because the message body is encrypted end to end with the recipient's public key, the copy stored in the mailbox remains ciphertext: the mail server never holds the plaintext, so an attacker who gets into the server or a user's inbox, as in this breach, obtains only encrypted content that cannot be read without the recipient's private key.

Full disk encryption (B) protects against theft of the physical disks but is transparent to anyone who is logged on to the running server, which is exactly how this attacker got the data. Client certificates for web access (C) and TLS (D) protect messages in transit and the login, not the stored copies that were leaked. The cost of S/MIME is key management: every recipient needs a certificate and private key, and a lost key makes that mailbox unrecoverable.

Verified Reference:

Cryptography Concepts – SY0-601 CompTIA Security+ : 2.8: https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/cryptography-concepts-2/ (See S/MIME)
Mail Encryption - CompTIA Security+ All-in-One Exam Guide (Exam SY0-301): https://www.oreilly.com/library/view/comptia-security-all-inone/9780071771474/sec5_chap14.html (See S/MIME)
Symmetric and Asymmetric Encryption – CompTIA Security+ SY0-501 – 6.1: https://www.professormesser.com/security-plus/sy0-501/symmetric-and-asymmetric-encryption/ (See S/MIME)

An organization has expanded its operations by opening a remote office. The new office is fully furnished with office resources to support up to 50 employees working on any given day. Which of the following VPN solutions would best support the new office?

A. Always-on
B. Remote access
C. Site-to-site
D. Full tunnel
Suggested answer: C

Explanation:

A site-to-site VPN connects two or more networks across the public internet through a single encrypted tunnel terminated on VPN appliances, such as firewalls or routers, at each location. Every device in the remote office reaches head-office resources through that tunnel without installing or managing individual VPN clients, which is what makes it the best fit for a fixed office of up to 50 users. Remote access (B), always-on (A) and full tunnel (D) all describe per-user client VPNs, which suit individual travelling or home workers rather than a permanently connected office.

Verified Reference:

Virtual Private Networks – SY0-601 CompTIA Security+ : 3.3: https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/virtual-private-networkssy0-601-comptia-security-3-3/ (See Site-to-Site VPN)
VPN Technologies – CompTIA Security+ SY0-501 – 3.2: https://www.professormesser.com/securityplus/sy0-501/vpn-technologies/ (See Site-to-Site VPN)
Security+ (Plus) Certification | CompTIA IT Certifications: https://www.comptia.org/certifications/security (See Domain 3: Implementation, Objective 3.3: Given a scenario, implement secure network designs.)

A security analyst needs to implement security features across smartphones, laptops, and tablets. Which of the following would be the most effective across heterogeneous platforms?

A. Enforcing encryption
B. Deploying GPOs
C. Removing administrative permissions
D. Applying MDM software
Suggested answer: D

Explanation:

MDM (Mobile Device Management) software manages and secures smartphones, tablets, laptops and other devices from a single console regardless of operating system. It can enforce encryption, passcode policies, remote lock and wipe, device location and application allow- and blocklists, push configuration and updates, and report on compliance. That makes it the most effective choice for a heterogeneous fleet. Encryption (A) and removing administrative rights (C) are individual controls an MDM would be used to enforce, and GPOs (B) apply only to Windows machines joined to an Active Directory domain.

Verified Reference:

Security+ (Plus) Certification | CompTIA IT Certifications: https://www.comptia.org/certifications/security (See Domain 3: Implementation, Objective 3.5: Given a scenario, implement secure mobile solutions.)
CompTIA Security+ 601 - Infosec: https://www.infosecinstitute.com/wpcontent/uploads/2021/03/CompTIA-Security-eBook.pdf (See Security+: 5 in-demand cybersecurity skills, Implementation)
Certification Security+ | CompTIA: https://www.comptia.org/landing/securityplus/index.html (See Exam Objectives)

An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the most acceptable?

A. SED
B. HSM
C. DLP
D. TPM
Suggested answer: A

Explanation:

A self-encrypting drive (SED) is a hard drive or SSD that transparently encrypts and decrypts data with a hardware encryption engine built into the drive controller. Encryption is always on, does not depend on host software and does not slow the system down, so users notice nothing beyond a pre-boot authentication prompt, which suits an organization with a low tolerance for inconvenience. SEDs also support a cryptographic erase: deleting the drive's media encryption key renders all stored data unreadable in seconds. A TPM (D) is a chip that can protect the keys for software encryption such as BitLocker but does not encrypt the drive by itself, an HSM (B) protects keys for servers and PKI rather than laptops, and DLP (C) controls data movement, not a lost or stolen disk.

A security analyst discovers that a company's username and password database were posted on an internet forum. The usernames and passwords are stored in plaintext. Which of the following would mitigate the damage done by this type of data exfiltration in the future?

A. Create DLP controls that prevent documents from leaving the network.
B. Implement salting and hashing.
C. Configure the web content filter to block access to the forum.
D. Increase password complexity requirements.
Suggested answer: B

Explanation:

Salting and hashing protect stored passwords so that an attacker who obtains the database, as happened here, still has to crack each password rather than simply reading it.

Hashing converts a password into a fixed-length digest with a one-way function, so the plaintext cannot be recovered from the stored value. Salting adds a unique random value to each password before hashing and stores the salt alongside the hash. Because every user's salt differs, two users with the same password produce different hashes, and precomputed lookup or rainbow tables become useless: each hash has to be attacked individually. In practice the hash should be a deliberately slow password-hashing function such as PBKDF2, bcrypt, scrypt or Argon2 rather than a bare SHA-256, so that every guess costs the attacker measurable time. Blocking the forum (C) and DLP (A) do not help once the data is out, and complexity rules (D) do nothing for passwords that are stored in plaintext.
