This page was exported from Exam for engine [ http://blog.test4engine.com ]
Export date: Mon Nov 18 2:26:37 2024 / +0000 GMT
___________________________________________________
Title: Latest CompTIA SY0-601 Free Certification Exam Material with 340 Q&As [Q49-Q71]
---------------------------------------------------

UPDATED SY0-601 Exam Questions Certification Test Engine to PDF

QUESTION 49
Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms?
- SIEM
- CASB
- UTM
- DLP
Explanation:
A cloud access security broker, or CASB, is cloud-hosted software, or on-premises software or hardware, that acts as an intermediary between users and cloud service providers.

QUESTION 50
A security analyst is hardening a network infrastructure. The analyst is given the following requirements:
* Preserve the use of public IP addresses assigned to equipment on the core router.
* Enable "in transport" encryption protection to the web server with the strongest ciphers.
Which of the following should the analyst implement to meet these requirements? (Select TWO).
- Configure VLANs on the core router
- Configure NAT on the core router
- Configure BGP on the core router
- Configure AES encryption on the web server
- Enable 3DES encryption on the web server
- Enable TLSv2 encryption on the web server

QUESTION 51
An attacker was easily able to log in to a company's security camera by performing a basic online search for a setup guide for that particular camera brand and model.
Which of the following BEST describes the configurations the attacker exploited?
- Weak encryption
- Unsecure protocols
- Default settings
- Open permissions

QUESTION 52
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
- Acceptance
- Mitigation
- Avoidance
- Transference
Explanation:
Risk Transference refers to the shifting of the burden of loss for a risk to another party through legislation, contract, insurance or other means. https://www.bcmpedia.org/wiki/Risk_Transference

QUESTION 53
During an incident response, a security analyst observes the following log entry on the web server.
Which of the following BEST describes the type of attack the analyst is experiencing?
- SQL injection
- Cross-site scripting
- Pass-the-hash
- Directory traversal

QUESTION 54
Per company security policy, IT staff members are required to have separate credentials to perform administrative functions using just-in-time permissions.
Which of the following solutions is the company implementing?
- Privileged access management
- SSO
- RADIUS
- Attribute-based access control

QUESTION 55
A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon investigation, a security analyst identifies the following:
* The legitimate website's IP address is 10.1.1.20 and eRecruit.local resolves to the IP
* The forged website's IP address appears to be 10.2.12.99, based on NetFlow records
* All three of the organization's DNS servers show the website correctly resolves to the legitimate IP
* DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise.
Which of the following MOST likely occurred?
- A reverse proxy was used to redirect network traffic
- An SSL strip MITM attack was performed
- An attacker temporarily pwned a name server
- An ARP poisoning attack was successfully executed

QUESTION 56
Developers are about to release a financial application, but the number of fields on the forms that could be abused by an attacker is troubling.
Which of the following techniques should be used to address this vulnerability?
- Implement input validation
- Encrypt data before submission
- Perform a manual review
- Conduct a peer review session

QUESTION 57
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

QUESTION 58
A cybersecurity administrator needs to allow mobile BYOD devices to access network resources.
As the devices are not enrolled to the domain and do not have policies applied to them, which of the following are best practices for authentication and infrastructure security? (Select TWO).
- Create a new network for the mobile devices and block the communication to the internal network and servers
- Use a captive portal for user authentication.
- Authenticate users using OAuth for more resiliency
- Implement SSO and allow communication to the internal network
- Use the existing network and allow communication to the internal network and servers.
- Use a new and updated RADIUS server to maintain the best solution

QUESTION 59
Which of the following environments minimizes end user disruption and is MOST likely to be used to assess the impacts of any database migrations or major system changes by using the final version of the code in an operationally representative environment?
- Staging
- Test
- Production
- Development
A staging environment is used to validate code that will be deployed. I have seen you providing answers with no context behind them and being wrong. You need to stop that.

QUESTION 60
While reviewing an alert that shows a malicious request on one web application, a cybersecurity analyst is alerted to a subsequent token reuse moments later on a different service using the same single sign-on method.
Which of the following would BEST detect a malicious actor?
- Utilizing SIEM correlation engines
- Deploying Netflow at the network border
- Disabling session tokens for all sites
- Deploying a WAF for the web server
Explanation:
The initial compromise was a malicious request on a web server. Moments later, the token created with SSO was used on another service; the question does not specify what type of service. Deploying a WAF on the web server will detect the attacker, but only on that server. If the attacker issues the same malicious request to get another SSO token, correlating that event with the use of that SSO token on other services would allow the malicious activity to be detected.

QUESTION 61
A company's Chief Information Security Officer (CISO) recently warned the security manager that the company's Chief Executive Officer (CEO) is planning to publish a controversial opinion article in a national newspaper, which may result in new cyberattacks. Which of the following would be BEST for the security manager to use in a threat model?
- Hacktivists
- White-hat hackers
- Script kiddies
- Insider threats
Hacktivists – "a person who gains unauthorized access to computer files or networks in order to further social or political ends."

QUESTION 62
A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements:
* The devices will be used internationally by staff who travel extensively.
* Occasional personal use is acceptable due to the travel requirements.
* Users must be able to install and configure sanctioned programs and productivity suites.
* The devices must be encrypted
* The devices must be capable of operating in low-bandwidth environments.
Which of the following would provide the GREATEST benefit to the security posture of the devices?
- Configuring an always-on VPN
- Implementing application whitelisting
- Requiring web traffic to pass through the on-premises content filter
- Setting the antivirus DAT update schedule to weekly
Explanation:
https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/always-on-vpn-techn

QUESTION 63
A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?
- The Diamond Model of Intrusion Analysis
- The Cyber Kill Chain
- The MITRE CVE database
- The incident response process

QUESTION 64
An analyst visits an internet forum looking for information about a tool. The analyst finds a thread that appears to contain relevant information. One of the posts says the following:
Which of the following BEST describes the attack that was attempted against the forum readers?
- SQLi attack
- DLL attack
- XSS attack
- API attack

QUESTION 65
A security analyst sees the following log output while reviewing web logs:
Which of the following mitigation strategies would be BEST to prevent this attack from being successful?
- Secure cookies
- Input validation
- Code signing
- Stored procedures

QUESTION 66
During an investigation, a security manager receives notification from local authorities that company proprietary data was found on a former employee's home computer. The former employee's corporate workstation has since been repurposed, and the data on the hard drive has been overwritten. Which of the following would BEST provide the security manager with enough details to determine when the data was removed from the company network?
- Properly configured hosts with security logging
- Properly configured endpoint security tool with alerting
- Properly configured SIEM with retention policies
- Properly configured USB blocker with encryption

QUESTION 67
A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirement?
- RAID 0+1
- RAID 2
- RAID 5
- RAID 6

QUESTION 68
Users at an organization have been installing programs from the internet on their workstations without first obtaining proper authorization. The organization maintains a portal from which users can install standardized programs. However, some users have administrative access on their workstations to enable legacy programs to function properly. Which of the following should the security administrator consider implementing to address this issue?
- Application code signing
- Application whitelisting
- Data loss prevention
- Web application firewalls
Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. The goal of whitelisting is to protect computers and networks from potentially harmful applications. In general, a whitelist is an index of approved entities. In information security (infosec), whitelisting works best in centrally managed environments, where systems are subject to a consistent workload. https://searchsecurity.techtarget.com/definition/application-whitelisting

QUESTION 69
Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?
- MOU
- MTTR
- SLA
- NDA
Explanation:
Service level agreement (SLA).
An SLA is an agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels.

QUESTION 70
A network administrator needs to build out a new datacenter, with a focus on resiliency and uptime. Which of the following would BEST meet this objective? (Choose two.)
- Dual power supply
- Off-site backups
- Automatic OS upgrades
- NIC teaming
- Scheduled penetration testing
- Network-attached storage
Explanation:
https://searchdatacenter.techtarget.com/definition/resiliency

QUESTION 71
A grocery store is expressing security and reliability concerns regarding the on-site backup strategy currently being performed by locally attached disks. The main concerns are the physical security of the backup media and the durability of the data stored on these devices.
Which of the following is a cost-effective approach to address these concerns?
- Enhance resiliency by adding a hardware RAID.
- Move data to a tape library and store the tapes off site
- Install a local network-attached storage.
- Migrate to a cloud backup solution

Exam Prerequisites

While the Security+ renders multiple benefits and helps a security specialist to have an amazing career start, it doesn't impose strict prerequisites. Officially, there are zero prerequisites. However, industry experts and candidates who have already taken the CompTIA SY0-601 exam advise taking the Network+ N10-007 exam first. This test imparts some basic yet vital cybersecurity-related knowledge that will make the journey of SY0-601 an easy task.
---------------------------------------------------
Post date: 2022-11-09 13:31:17 GMT
Post modified date: 2022-11-09 13:31:17 GMT