
CompTIA SY0-601 Practice Test - Questions Answers, Page 8

A company uses a drone for precise perimeter and boundary monitoring. Which of the following should be MOST concerning to the company?

A. Privacy
B. Cloud storage of telemetry data
C. GPS spoofing
D. Weather events

Suggested answer: A

Explanation:

The use of a drone for perimeter and boundary monitoring can raise privacy concerns, as it may capture video and images of individuals on or near the monitored premises. The company should take measures to ensure that privacy rights are not violated. Reference:

CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 8

The security team received a report of copyright infringement from the IP space of the corporate network. The report provided a precise time stamp for the incident as well as the name of the copyrighted files. The analyst has been tasked with determining the infringing source machine and instructed to implement measures to prevent such incidents from occurring again. Which of the following is MOST capable of accomplishing both tasks?

A. HIDS
B. Allow list
C. TPM
D. NGFW

Suggested answer: D

Explanation:

Next-Generation Firewalls (NGFWs) are designed to provide advanced threat protection by combining traditional firewall capabilities with intrusion prevention, application control, and other security features. NGFWs can detect and block unauthorized access attempts, malware infections, and other suspicious activity. They can also be used to monitor file access and detect unauthorized copying or distribution of copyrighted material.

A next-generation firewall (NGFW) can be used to detect and prevent copyright infringement by analyzing network traffic and blocking unauthorized transfers of copyrighted material. Additionally, NGFWs can be configured to enforce access control policies that prevent unauthorized access to sensitive resources. Reference:

CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 6

A user reports trouble using a corporate laptop. The laptop freezes and responds slowly when writing documents, and the mouse pointer occasionally disappears.

The task list shows the following results

Which of the following is MOST likely the issue?

A. RAT
B. PUP
C. Spyware
D. Keylogger

Suggested answer: C

Explanation:

Spyware is malicious software that can cause a computer to slow down or freeze. It can also cause the mouse pointer to disappear. The task list shows an application named "spyware.exe" running, indicating that spyware is likely the issue. Reference:

CompTIA Security+ Certification Exam Objectives 6.0: Given a scenario, analyze indicators of compromise and determine the type of malware.

CompTIA Security+ Study Guide, Sixth Edition, pages 125-126

Which of the following function as preventive, detective, and deterrent controls to reduce the risk of physical theft? (Select TWO).

A. Mantraps
B. Security guards
C. Video surveillance
D. Fences
E. Bollards
F. Antivirus

Suggested answer: A, B

Explanation:

A - A mantrap can trap personnel with bad intentions (preventive); it also works much like detection, since you will know if someone is trapped there (detective); and it can deter such personnel from approaching as well (deterrent).

B - Security guards can do the same as above: prevent malicious personnel from entering (preventive and deterrent) and notice those personnel as well (detective).

A security assessment found that several embedded systems are running unsecure protocols. These systems were purchased two years ago, and the company that developed them is no longer in business. Which of the following constraints BEST describes the reason the findings cannot be remediated?

A. Inability to authenticate
B. Implied trust
C. Lack of computing power
D. Unavailable patch

Suggested answer: D

Explanation:

If the systems are running unsecure protocols and the company that developed them is no longer in business, it is likely that there are no patches available to remediate the issue. Reference:

CompTIA Security+ Certification Exam Objectives 1.6: Given a scenario, implement secure protocols. CompTIA Security+ Study Guide, Sixth Edition, pages 35-36

Which of the following uses six initial steps that provide basic control over system security by including hardware and software inventory, vulnerability management, and continuous monitoring to minimize risk in all network environments?

A. ISO 27701
B. The Center for Internet Security
C. SSAE SOC 2
D. NIST Risk Management Framework

Suggested answer: B

Explanation:

The Center for Internet Security (CIS) uses six initial steps that provide basic control over system security, including hardware and software inventory, vulnerability management, and continuous monitoring to minimize risk in all network environments. Reference:

CompTIA Security+ Certification Exam Objectives 1.1: Compare and contrast different types of security concepts.

CompTIA Security+ Study Guide, Sixth Edition, pages 15-16

The Chief Executive Officer announced a new partnership with a strategic vendor and asked the Chief Information Security Officer to federate user digital identities using SAML-based protocols. Which of the following will this enable?

A. SSO
B. MFA
C. PKI
D. OLP

Suggested answer: A

Explanation:

Federating user digital identities using SAML-based protocols enables Single Sign-On (SSO), which allows users to log in once and access multiple applications without having to enter their credentials for each one. Reference:

CompTIA Security+ Certification Exam Objectives 1.3: Explain authentication and access controls. CompTIA Security+ Study Guide, Sixth Edition, pages 41-42

A company was compromised, and a security analyst discovered the attacker was able to get access to a service account. The following logs were discovered during the investigation:

Which of the following MOST likely would have prevented the attacker from learning the service account name?

A. Race condition testing
B. Proper error handling
C. Forward web server logs to a SIEM
D. Input sanitization

Suggested answer: D

Explanation:

Input sanitization can help prevent attackers from learning the service account name by removing potentially harmful characters from user input, reducing the likelihood of successful injection attacks.

Reference:

CompTIA Security+ Certification Exam Objectives 2.2: Given a scenario, implement secure coding techniques.

CompTIA Security+ Study Guide, Sixth Edition, pages 72-73

The SIEM at an organization has detected suspicious traffic coming from a workstation in its internal network. An analyst in the SOC investigates the workstation and discovers that malware associated with a botnet is installed on the device. A review of the logs on the workstation reveals that the privileges of the local account were escalated to a local administrator. To which of the following groups should the analyst report this real-world event?

A. The NOC team
B. The vulnerability management team
C. The CIRT
D. The red team

Suggested answer: C

Explanation:

The Computer Incident Response Team (CIRT) is responsible for handling incidents and ensuring that the incident response plan is followed. Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 9

A financial institution would like to store its customer data in a cloud but still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concerned about computational overheads and slow speeds. Which of the following cryptographic techniques would BEST meet the requirement?

A. Asymmetric
B. Symmetric
C. Homomorphic
D. Ephemeral

Suggested answer: B

Explanation:

Symmetric encryption allows data to be encrypted and decrypted using the same key. This is useful when the data needs to be accessed and manipulated while still encrypted. Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 6

Total 603 questions