ExamGecko
Search Search Login
Home Home / CompTIA / SY0-601

CompTIA SY0-601 Practice Test - Questions Answers, Page 9

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A security analyst notices an unusual amount of traffic hitting the edge of the network. Upon examining the logs, the analyst identifies a source IP address and blocks that address from communicating with the network. Even though the analyst is blocking this address, the attack is still ongoing and coming from a large number of different source IP addresses. Which of the following describes this type of attack?
HOTSPOT You received the output of a recent vulnerability assessment. Review the assessment and scan output and determine the appropriate remedialion(s} 'or «ach dewce. Remediation options may be selected multiple times, and some devices may require more than one remediation. If at any time you would like to biing bade the initial state ot the simulation, please dick me Reset All button.
A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system Which of the following would detect this behavior?
A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?
Which of the following threat actors is most likely to be motivated by ideology?
Which Of the following vulnerabilities is exploited an attacker Overwrite a reg-ister with a malicious address that changes the execution path?
Which Of the following will provide the best physical security countermeasures to Stop intruders? (Select two).
Which of the following would most likely include language prohibiting end users from accessing personal email from a company device?
A police department is using the cloud to share information city officials Which of the cloud models describes this scenario?
Which of the following is a solution that can be used to stop a disgruntled employee from copying confidential data to a USB drive?

Question 81

Report
Export
Collapse

A company reduced the area utilized in its datacenter by creating virtual networking through automation and by creating provisioning routes and rules through scripting. Which of the following does this example describe?

A.
laC
A.
laC
Answers
B.
MSSP
B.
MSSP
Answers
C.
Containers
C.
Containers
Answers
D.
SaaS
D.
SaaS
Answers
Suggested answer: A

Explanation:

laaS (Infrastructure as a Service) allows the creation of virtual networks, automation, and scripting to reduce the area utilized in a datacenter. Reference: CompTIA Security+ Study Guide, Exam SY0- 601, Chapter 4

Question 82

Report
Export
Collapse

A global company is experiencing unauthorized logging due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a third-party identity provider to help mitigate these attacks. Which of the following would be the BEST control for the company to require from prospective vendors?

A.
IP restrictions
A.
IP restrictions
Answers
B.
Multifactor authentication
B.
Multifactor authentication
Answers
C.
A banned password list
C.
A banned password list
Answers
D.
A complex password policy
D.
A complex password policy
Answers
Suggested answer: B

Explanation:

Multifactor authentication (MFA) would be the best control to require from a third-party identity provider to help mitigate attacks such as credential theft and brute-force attacks. Reference:

CompTIA Security+ Study Guide, Exam SY0-601, Chapter 2

Question 83

Report
Export
Collapse

An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Which of the following should the organization implement?

A.
SIEM
A.
SIEM
Answers
B.
SOAR
B.
SOAR
Answers
C.
EDR
C.
EDR
Answers
D.
CASB
D.
CASB
Answers
Suggested answer: B

Explanation:

Security Orchestration, Automation, and Response (SOAR) should be implemented to integrate incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 9

Question 84

Report
Export
Collapse

A bad actor tries to persuade someone to provide financial information over the phone in order to gain access to funds. Which of the following types of attacks does this scenario describe?

A.
Vishing
A.
Vishing
Answers
B.
Phishing
B.
Phishing
Answers
C.
Spear phishing
C.
Spear phishing
Answers
D.
Whaling
D.
Whaling
Answers
Suggested answer: A

Explanation:

Vishing is a social engineering attack that uses phone calls or voicemail messages to trick people into divulging sensitive information, such as financial information or login credentials.

Question 85

Report
Export
Collapse

Which of the following must be in place before implementing a BCP?

A.
SLA
A.
SLA
Answers
B.
AUP
B.
AUP
Answers
C.
NDA
C.
NDA
Answers
D.
BIA
D.
BIA
Answers
Suggested answer: D

Explanation:

A Business Impact Analysis (BIA) is a critical component of a Business Continuity Plan (BCP). It identifies and prioritizes critical business functions and determines the impact of their disruption.

Reference: CompTIA Security+ Study Guide 601, Chapter 10

Question 86

Report
Export
Collapse

A developer is building a new portal to deliver single-pane-of-glass management capabilities to customers with multiple firewalls. To Improve the user experience, the developer wants to implement an authentication and authorization standard that uses security tokens that contain assertions to pass user Information between nodes. Which of the following roles should the developer configure to meet these requirements? (Select TWO).

A.
Identity processor
A.
Identity processor
Answers
B.
Service requestor
B.
Service requestor
Answers
C.
Identity provider
C.
Identity provider
Answers
D.
Service provider
D.
Service provider
Answers
E.
Tokenized resource
E.
Tokenized resource
Answers
F.
Notarized referral
F.
Notarized referral
Answers
Suggested answer: C, D

Explanation:

An identity provider (IdP) is responsible for authenticating users and generating security tokens containing user information. A service provider (SP) is responsible for accepting security tokens and granting access to resources based on the user's identity.

Question 87

Report
Export
Collapse

An organization wants seamless authentication to its applications. Which of the following should the organization employ to meet this requirement?

A.
SOAP
A.
SOAP
Answers
B.
SAML
B.
SAML
Answers
C.
SSO
C.
SSO
Answers
D.
Kerberos
D.
Kerberos
Answers
Suggested answer: C

Explanation:

Single Sign-On (SSO) is a mechanism that allows users to access multiple applications with a single set of login credentials. Reference: CompTIA Security+ Study Guide 601, Chapter 6

Question 88

Report
Export
Collapse

A security analyst is running a vulnerability scan to check for missing patches during a suspected security rodent During which of the following phases of the response process is this activity MOST likely occurring?

A.
Containment
A.
Containment
Answers
B.
Identification
B.
Identification
Answers
C.
Recovery
C.
Recovery
Answers
D.
Preparation
D.
Preparation
Answers
Suggested answer: B

Explanation:

Vulnerability scanning is a proactive security measure used to identify vulnerabilities in the network and systems. Reference: CompTIA Security+ Study Guide 601, Chapter 4

Question 89

Report
Export
Collapse

A security engineer needs to build @ solution to satisfy regulatory requirements that stale certain critical servers must be accessed using MFA However, the critical servers are older and are unable to support the addition of MFA, Which of te following will the engineer MOST likely use to achieve this objective?

A.
A forward proxy
A.
A forward proxy
Answers
B.
A stateful firewall
B.
A stateful firewall
Answers
C.
A jump server
C.
A jump server
Answers
D.
A port tap
D.
A port tap
Answers
Suggested answer: C

Explanation:

A jump server is a secure host that allows users to access other servers within a network. The jump server acts as an intermediary, and users can access other servers via the jump server after authenticating with MFA.

Question 90

Report
Export
Collapse

Which of the following environments would MOST likely be used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics?

A.
Test
A.
Test
Answers
B.
Staging
B.
Staging
Answers
C.
Development
C.
Development
Answers
D.
Production
D.
Production
Answers
Suggested answer: A

Explanation:

The test environment is used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics. Reference: CompTIA Security+ Study Guide 601, Chapter 2

Total 603 questions
Go to page: of 61
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms