CompTIA SY0-601 Practice Test - Questions Answers, Page 7

Question 61

A cybersecurity administrator needs to allow mobile BYOD devices to access network resources. As the devices are not enrolled to the domain and do not have policies applied to them, which of the following are best practices for authentication and infrastructure security? (Select TWO).

A. Create a new network for the mobile devices and block the communication to the internal network and servers
B. Use a captive portal for user authentication.
C. Authenticate users using OAuth for more resiliency
D. Implement SSO and allow communication to the internal network
E. Use the existing network and allow communication to the internal network and servers.
F. Use a new and updated RADIUS server to maintain the best solution
Suggested answer: B, C
Explanation:

When allowing mobile BYOD devices to access network resources, using a captive portal for user authentication and authenticating users using OAuth are both best practices for authentication and infrastructure security. A captive portal requires users to authenticate before accessing the network and can be used to enforce policies and restrictions. OAuth allows users to authenticate using third-party providers, reducing the risk of password reuse and credential theft. Reference: CompTIA Security+ Study Guide, pages 217-218, 225-226

asked 02/10/2024
om Kumar

Question 62

An analyst is working on an email security incident in which the target opened an attachment containing a worm. The analyst wants to implement mitigation techniques to prevent further spread. Which of the following is the BEST course of action for the analyst to take?

A. Apply a DLP solution.
B. Implement network segmentation.
C. Utilize email content filtering.
D. Isolate the infected attachment.
Suggested answer: D
Explanation:


asked 02/10/2024
Grant Taylor

Question 63

An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?

A. HSM
B. CASB
C. TPM
D. DLP
Suggested answer: A
Explanation:

A Hardware Security Module (HSM) is a network appliance designed to securely store cryptographic keys and perform cryptographic operations. HSMs provide a secure environment for key management and can be used to keep cryptographic keys safe from theft, loss, or unauthorized access. Therefore, an enterprise can achieve the goal of keeping cryptographic keys in a safe manner by using an HSM appliance. Reference: CompTIA Security+ Certification Exam Objectives, Exam Domain 2.0: Technologies and Tools, 2.4 Given a scenario, use appropriate tools and techniques to troubleshoot security issues, p. 21

asked 02/10/2024
Tom Rez

Question 64

An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

A. It allows for the sharing of digital forensics data across organizations
B. It provides insurance in case of a data breach
C. It provides complimentary training and certification resources to IT security staff.
D. It certifies the organization can work with foreign entities that require a security clearance
E. It assures customers that the organization meets security standards
Suggested answer: E
Explanation:

ISO 27001 is an international standard that outlines the requirements for an Information Security Management System (ISMS). It provides a framework for managing and protecting sensitive information using risk management processes. Acquiring an ISO 27001 certification assures customers that the organization meets security standards and follows best practices for information security management. It helps to build customer trust and confidence in the organization's ability to protect their sensitive information. Reference: CompTIA Security+ Certification Exam Objectives, Exam Domain 1.0: Attacks, Threats, and Vulnerabilities, 1.2 Given a scenario, analyze indicators of compromise and determine the type of malware, p. 7

asked 02/10/2024
Joao Domingues

Question 65

A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the GREATEST amount of control and security over company data and infrastructure?

A. BYOD
B. VDI
C. COPE
D. CYOD
Suggested answer: D
Explanation:

Choose Your Own Device (CYOD) is a deployment model that allows employees to select from a predefined list of devices. It provides employees with flexibility in device preference while allowing the company to maintain control and security over company data and infrastructure. The CYOD deployment model provides a compromise between the strict control provided by the Corporate-Owned, Personally Enabled (COPE) deployment model and the flexibility provided by the Bring Your Own Device (BYOD) deployment model. Reference: CompTIA Security+ Study Guide, Chapter 6: Securing Application, Data, and Host Security, 6.5 Implement Mobile Device Management, pp. 334-335

asked 02/10/2024
Rene Claassen

Question 66

A security analyst reports a company policy violation in a case in which a large amount of sensitive data is being downloaded after hours from various mobile devices to an external site. Upon further investigation, the analyst notices that successful login attempts are being conducted with impossible travel times during the same time periods when the unauthorized downloads are occurring. The analyst also discovers a couple of WAPs are using the same SSID, but they have non-standard DHCP configurations and an overlapping channel. Which of the following attacks is being conducted?

A. Evil twin
B. Jamming
C. DNS poisoning
D. Bluesnarfing
E. DDoS
Suggested answer: A
Explanation:

The attack being conducted is an Evil twin attack. An Evil twin attack involves creating a rogue wireless access point (WAP) with the same Service Set Identifier (SSID) as a legitimate WAP to trick users into connecting to it. Once connected, the attacker can intercept traffic or steal login credentials. The successful login attempts with impossible travel times suggest that an attacker is using a stolen or compromised credential to access the external site to which the sensitive data is being downloaded. The non-standard DHCP configurations and overlapping channels of the WAPs suggest that the attacker is using a rogue WAP to intercept traffic. Reference: CompTIA Security+ Certification Exam Objectives, Exam Domain 1.0: Attacks, Threats, and Vulnerabilities, 1.4 Compare and contrast types of attacks, p. 8

asked 02/10/2024
Lyndon Kumire

Question 67

A security analyst must enforce policies to harden an MDM infrastructure. The requirements are as follows:

* Ensure mobile devices can be tracked and wiped.

* Confirm mobile devices are encrypted.

Which of the following should the analyst enable on all the devices to meet these requirements?

A. Geofencing
B. Biometric authentication
C. Geolocation
D. Geotagging
Suggested answer: A
Explanation:

Geofencing is a technology used in mobile device management (MDM) to allow administrators to define geographical boundaries within which mobile devices can operate. This can be used to enforce location-based policies, such as ensuring that devices can be tracked and wiped if lost or stolen. Additionally, encryption can be enforced on the devices to ensure the protection of sensitive data in the event of theft or loss. Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 7

asked 02/10/2024
Omar Olaya

Question 68

A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this practice reduce?

A. Dumpster diving
B. Shoulder surfing
C. Information elicitation
D. Credential harvesting
Suggested answer: A
Explanation:

Crosscut shredders are used to destroy paper documents and reduce the risk of data leakage through dumpster diving. Dumpster diving is a method of retrieving sensitive information from paper waste by searching through discarded documents. Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 2

asked 02/10/2024
Anna Fagulova

Question 69

Which of the following conditions impacts data sovereignty?

A. Rights management
B. Criminal investigations
C. Healthcare data
D. International operations
Suggested answer: D
Explanation:

Data sovereignty refers to the legal concept that data is subject to the laws and regulations of the country in which it is located. International operations can impact data sovereignty as companies operating in multiple countries may need to comply with different laws and regulations. Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 5

asked 02/10/2024
Albert Terrell

Question 70

Developers are writing code and merging it into shared repositories several times a day, where it is tested automatically. Which of the following concepts does this BEST represent?

A. Functional testing
B. Stored procedures
C. Elasticity
D. Continuous integration
Suggested answer: D
Explanation:

Continuous integration is a software development practice where developers merge their code into a shared repository several times a day, and the code is tested automatically. This ensures that code changes are tested and integrated continuously, reducing the risk of errors and conflicts.

asked 02/10/2024
Andres Romo