CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 991:

  A security analyst must determine if either SSH or Telnet is being used to log in to servers. Which of the following should the analyst use?

  A. logger

  B. Metasploit

  C. tcpdump

  D. netstat

  Correct Answer: D

• Question 992:

  A security administrator needs to inspect in-transit files on the enterprise network to search for PII, credit card data, and classification words. Which of the following would be the BEST to use?

  A. IDS solution

  B. EDR solution

  C. HIPS software solution

  D. Network DLP solution

  Correct Answer: D

  DLP - blocks extraction of sensitive data such as PII, PHI, credit card numbers.

• Question 993:

  A manufacturing company has several one-off legacy information systems that cannot be migrated to a newer OS due to software compatibility issues. The OSs are still supported by the vendor, but the industrial software is no longer supported. The Chief Information Security Officer (CISO) has created a resiliency plan for these systems that will allow OS patches to be installed in a non-production environment, while also creating backups of the systems for recovery.

  Which of the following resiliency techniques will provide these capabilities?

  A. Redundancy

  B. RAID 1+5

  C. Virtual machines

  D. Full backups

  Correct Answer: C

  Redundancy doesn't make any sense for this question, while it is a resiliency technique it doesn't specify what they are making redundant. Virtual machines could be easily backed up using a snapshot so that covers full backups and could provide testing for OS patch compatibility with their EOL software. Full backups will require them to dedicate a system to actually conduct live tests on and is generally less cost efficient compared to VMs.

  Maybe if the question was clear we wouldn't have to assume what the question is asking. FYI you cannot ask questions during the test probably because the people proctoring doesn't know anything (pearson vue) and Comptia wouldn't answer questions regarding their questions because they only want to make money.

• Question 994:

  Which of the following BEST describes the MFA attribute that requires a callback on a predefined landline?

  A. Something you exchibl

  B. Something you can do

  C. Someone you krcear

  D. Somnewehere pou are

  Correct Answer: B

• Question 995:

  An engineer is setting up a VDI environment for a factory location, and the business wants to deploy a low-cost solution to enable users on the shop floor to log in the VDI environment directly. Which of the following should the engineer select to meet these requirements?

  A. Laptops

  B. Containers

  C. Thin clients

  D. Workstations

  Correct Answer: C

  Thin clients make the VDI world go round. A thin client is a slimmed-down endpoint device that doesn't do any of the computing processing on the device itself; it relies on a network connection to the data center, where the virtual desktop is hosted.

  https://www.techtarget.com/searchvirtualdesktop/essentialguide/Guide-to-choosing-and-managing-VDI-thin-clients

• Question 996:

  A security operations analyst is using the company's SIEM solution to correlate alerts. Which of the following stages of the incident response process is this an example of?

  A. Eradication

  B. Recovery

  C. Identification

  D. Preparation

  Correct Answer: C

  C: Identification

  Incident response lifecycle:

  -preparation

  -detection and analysis

  -containment, eradication, recovery

  -post-incident activity

• Question 997:

  The process of passively gathering information prior to launching a cyberattack is called:

  A. tailgating.

  B. reconnaissance.

  C. pharming

  D. prepending

  Correct Answer: B

• Question 998:

  The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going the polls. This is an example of:

  A. prepending

  B. an influence campaign.

  C. A watering-hole attack

  D. intimidation

  E. information elicitation.

  Correct Answer: B

  From Chapter 1 Social Engineering Techniques Influence Campaigns Influence campaigns involve the use of collected information and selective publication of material to key individuals in an attempt to alter perceptions and change people's minds on a topic. One can engage in an influence campaign against a single person, but the effect is limited. Influence campaigns are even more powerful when used in conjunction with social media to spread influence through influencer propagation. Influencers are people who have large followings of people who read what they post, and in many cases act in accordance or agreement. This results in an amplifying mechanism, where single pieces of disinformation can be rapidly spread and build a following across the Internet.

• Question 999:

  An organization has implemented a two-step verification process to protect user access to data that s stored in the coud Ic scssnncsitcibin a vdiemiietanebins code to access the data. Which of the following authentication methods did the organization implement?

  A. Token key

  B. Static code

  C. Push notification

  D. HOTP

  Correct Answer: C

• Question 1000:

  Which of the following utilize a subset of real data and are MOST likely to be used to assess the features and functions of a system and how it interacts or performs from an end user's perspective against defined test cases? (Select TWO).

  A. A Production

  B. Test

  C. Research and development

  D. PoC

  E. UAT

  F. SDLC

  Correct Answer: BE