ExamGecko

CompTIA SY0-601 Practice Test - Questions Answers, Page 6

Question 51

An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud provider?

A. SLA
B. BPA
C. NDA
D. MOU
Suggested answer: A
Explanation:

The Service Level Agreement (SLA) is a contract between the cloud service provider and the organization that stipulates the exact requirements for the cloud provider. It outlines the level of service that the provider must deliver, including the minimum uptime percentage, support response times, and the remedies and penalties for failing to meet the agreed-upon service levels.

asked 02/10/2024
Mark Anthony Acorda
40 questions

Question 52

An enterprise has hired an outside security firm to facilitate penetration testing on its network and applications. The firm has agreed to pay for each vulnerability that is discovered. Which of the following BEST represents the type of testing that is being used?

A. White-box
B. Red-team
C. Bug bounty
D. Gray-box
E. Black-box
Suggested answer: C
Explanation:

Bug bounty is a type of testing in which an organization offers a reward or compensation to anyone who can identify vulnerabilities or security flaws in their network or applications. The outside security firm has agreed to pay for each vulnerability found, which is an example of a bug bounty program.

asked 02/10/2024
Sairam Emmidishetti
43 questions

Question 53

A retail company that is launching a new website to showcase the company’s product line and other information for online shoppers registered the following URLs:

* www.companysite.com
* shop.companysite.com
* about-us.companysite.com
* contact-us.companysite.com
* secure-logon.companysite.com

Which of the following should the company use to secure its website if the company is concerned with convenience and cost?

A. A self-signed certificate
B. A root certificate
C. A code-signing certificate
D. A wildcard certificate
E. An extended validation certificate
Suggested answer: D
Explanation:

The company can use a wildcard certificate to secure its website if it is concerned with convenience and cost. A wildcard certificate can secure multiple subdomains, which makes it cost-effective and convenient for securing the various registered domains.

The retail company should use a wildcard certificate if it is concerned with convenience and cost. A wildcard SSL certificate is a single SSL/TLS certificate that can provide significant time and cost savings, particularly for small businesses. The certificate includes a wildcard character (*) in the domain name field, and can secure multiple subdomains of the primary domain.

asked 02/10/2024
Feroz Khan
52 questions

Question 54

Which of the following disaster recovery tests is the LEAST time consuming for the disaster recovery team?

A. Tabletop
B. Parallel
C. Full interruption
D. Simulation
Suggested answer: A
Explanation:

A tabletop exercise is a type of disaster recovery test that simulates a disaster scenario in a discussion-based format, without actually disrupting operations or requiring physical testing of recovery procedures. It is the least time-consuming type of test for the disaster recovery team.

asked 02/10/2024
Olugbenga Fagbohun
44 questions

Question 55

A systems administrator is considering different backup solutions for the IT infrastructure. The company is looking for a solution that offers the fastest recovery time while also saving the most amount of storage used to maintain the backups. Which of the following recovery solutions would be the BEST option to meet these requirements?

A. Snapshot
B. Differential
C. Full
D. Tape
Suggested answer: B
Explanation:

Differential backup is a type of backup that backs up all data that has changed since the last full backup. This backup method offers faster recovery than a full backup, as it only needs to restore the full backup and the differential backup, reducing the amount of data that needs to be restored. It also uses less storage than a full backup as it only stores the changes made from the last full backup.

asked 02/10/2024
stefano nicoletti
41 questions

Question 56

After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a server. The attack allowed the installation of malicious software that initiates a new remote session. Which of the following types of attacks has occurred?

A. Privilege escalation
B. Session replay
C. Application programming interface
D. Directory traversal
Suggested answer: A
Explanation:

"Privilege escalation is the act of exploiting a bug, design flaw, or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user." In this scenario, the red team was able to install malicious software, which would require elevated privileges to access and install. Therefore, the type of attack that occurred is privilege escalation. Reference: CompTIA Security+ Study Guide, pages 111-112

asked 02/10/2024
Duc Hai
41 questions

Question 57

A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Select TWO).

A. HIDS
B. NIPS
C. HSM
D. WAF
E. NAC
F. NIDS
G. Stateless firewall
Suggested answer: D, F
Explanation:

A WAF (Web Application Firewall) and NIDS (Network Intrusion Detection System) are both examples of Layer 7 security controls. A WAF can block attacks at the application layer (Layer 7) of the OSI model by filtering traffic to and from a web server. NIDS can also detect attacks at Layer 7 by monitoring network traffic for suspicious patterns and behaviors. Reference: CompTIA Security+ Study Guide, pages 94-95, 116-118

asked 02/10/2024
Wojciech Oleksiak
39 questions

Question 58

During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?

A. Physically move the PC to a separate Internet point of presence.
B. Create and apply microsegmentation rules.
C. Emulate the malware in a heavily monitored DMZ segment.
D. Apply network blacklisting rules for the adversary domain.
Suggested answer: C
Explanation:

Emulating the malware in a heavily monitored DMZ segment is the best option for observing network-based transactions between a callback domain and the malware running on an enterprise PC. This approach provides an isolated environment for the malware to run, reducing the risk of lateral spread and detection by the adversary. Additionally, the DMZ can be monitored closely to gather intelligence on the adversary's tactics and techniques. Reference: CompTIA Security+ Study Guide, page 129

asked 02/10/2024
Rodolfo Ponce
41 questions

Question 59

A business is looking for a cloud service provider that offers a la carte services, including cloud backups, VM elasticity, and secure networking. Which of the following cloud service provider types should the business engage?

A. IaaS
B. PaaS
C. XaaS
D. SaaS
Suggested answer: A
Explanation:

Infrastructure as a Service (IaaS) providers offer a la carte services, including cloud backups, VM elasticity, and secure networking. With IaaS, businesses can rent infrastructure components such as virtual machines, storage, and networking from a cloud service provider. Reference: CompTIA Security+ Study Guide, pages 233-234

asked 02/10/2024
Sebasteen Lawrance
50 questions

Question 60

A security analyst is responding to an alert from the SIEM. The alert states that malware was discovered on a host and was not automatically deleted. Which of the following would be BEST for the analyst to perform?

A. Add a deny-all rule to that host in the network ACL
B. Implement a network-wide scan for other instances of the malware.
C. Quarantine the host from other parts of the network
D. Revoke the client's network access certificates
Suggested answer: C
Explanation:

When malware is discovered on a host, the best course of action is to quarantine the host from other parts of the network. This prevents the malware from spreading and potentially infecting other hosts. Adding a deny-all rule to the host in the network ACL may prevent legitimate traffic from being processed, implementing a network-wide scan is time-consuming and may not be necessary, and revoking the client's network access certificates is an extreme measure that may not be warranted.

Reference: CompTIA Security+ Study Guide, pages 113-114

asked 02/10/2024
Harri Jaakkonen
50 questions
Total 603 questions