CompTIA SY0-601 Practice Test - Questions Answers, Page 54

List of questions
Question 531

Which of the following security controls s sed to isolate a section of the network and its externally available resources from the internal corporate network in order to reduce the number of possible attacks?
Question 532

A security analyst is reviewing SIEM logs during an ongoing attack and notices the following:
http://company.com/get php? f=/etc/passwd
http://company.com/..%2F. .42F..42F.. $2Fetct2Fshadow
http: //company.com/../../../ ../etc/passwd
Which of the following best describes the type of attack?
Question 533

Local guidelines require that all information systems meet a minimum security baseline to be compliant Which of the following can security administrators use to assess their system configurations against the baseline?
Question 534

A Chief Security Officer (CSO) is concerned that cloud-based services are not adequately protected from advanced threats and malware. The CSO believes there is a high risk that a data breach could occur in the near future due to the lack of detective and preventive controls Which of the following should be implemented to best address the CSO's concerns? (Select two).
Question 535

A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system Which of the following would detect this behavior?
Question 536

A systems administrator is auditing all company servers to ensure they meet the minimum security baseline While auditing a Linux server the systems administrator observes the /etc/ahadow file has permissions beyond the baseline recommendation. Which of the following commands should the systems administrator use to resolve this issue?
Question 537

A security analyst is investigating a malware incident at a company The malware is accessing a command-and-control website at www.comptia.com. All outbound internet traffic is logged to a syslog server and stored in /logfiles/messages Which of the following commands would be best for the analyst to use on the syslog server to search for recent traffic to the command-and-control website?
Question 538

A company is designing the layout of a new data center so it will have an optimal environmental temperature Which of the following must be included? (Select two).
Question 539

A software company adopted the following processes before releasing software to production
β’ Peer review
β’ Static code scanning
β’ Signing
A considerable number of vulnerabilities are still being detected when code is executed on production Which of the following security tools can improve vulnerability detection on this environment?
Question 540

A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public are a. Which of the following would most likely have prevented this breach?
Question