CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 1001:

  A company recently decided to allow its employees to use their personally owned devices for tasks like checking email and messaging via mobile applications. The company would like to use MDM, but employees are concerned about the loss of personal data.

  Which of the following should the IT department implement to BEST protect the company against company data loss while still addressing the employees' concerns?

  A. Enable the remote-wiping option in the MDM software in case the phone is stolen.
  B. Configure the MDM software to enforce the use of PINs to access the phone.
  C. Configure MDM for FDE without enabling the lock screen.
  D. Perform a factory reset on the phone before installing the company's applications.
  B. Configure the MDM software to enforce the use of PINs to access the phone.

• Question 1002:

  Aconbgany uses a drone for precise perimeter and boundary monitoring. Which of the following should be MOST conceming to the company?

  A. Privacy
  B. Cloud storage of telemetry data
  C. GPS spoofing
  D. Weather events
  C. GPS spoofing

• Question 1003:

  A security engi is cor that the gy tor on endpoints ts too heavily dependent on previously defined attacks. The engineer would like a tool to monitor for changes to key Mes and network traffic on the device. Which of the following tools BEST addresses both detection and prevention?

  A. NIDS
  B. HIPS
  C. AV
  D. NGFW
  B. HIPS

  ---

  Explanation Explanation/Reference:A host-based intrusion detection and prevention system (HIPS) is a tool that monitors for changes to key files and network traffic on a device

• Question 1004:

  An attacker replaces a digitally signed document with another version that foes unnoticed. Upon reviewing the document's contents, the author notices some additional verbaige that was not originally in the document but can't validate an integrity issue. Which of the following attacks was used?

  A. Cryptomalware
  B. Prepending
  C. Collision
  D. Phising
  C. Collision

• Question 1005:

  An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?

  A. HSM
  B. CASB
  C. TPM
  D. DLP
  A. HSM

  ---

  "A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys"

• Question 1006:

  A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?

  A. SSO
  B. LEAP
  C. MFA
  D. PEAP
  A. SSO

• Question 1007:

  Which of the following describes the ability of code to target a hypervisor from inside a guest OS?

  A. Fog computing
  B. VM escape
  C. Software-defined networking
  D. Image forgery
  E. Container breakout
  B. VM escape

  ---

  VM escape, also known as virtual machine escape or hypervisor escape, refers to the ability of code running within a virtual machine (guest OS) to break out of the virtualized environment and access the underlying hypervisor or host operating system. This could potentially allow an attacker to gain unauthorized access to the host system, compromising the entire virtualization infrastructure. It is a significant security concern in virtualized environments because compromising the hypervisor can lead to the compromise of all the virtual machines running on that host, effectively bypassing the isolation and security measures provided by virtualization.

• Question 1008:

  A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

  A. SIEM
  B. DLP
  C. CASB
  D. SWG
  C. CASB

  ---

  While Secure Web Gateway (SWG) is undergoing a rapid evolution. As users conduct their day-to-day activities directly with the Internet, SWGs have evolved to become a core component to securing users. Against this backdrop, secure web gateways have evolved how they offer protection against online security threats by enforcing company security policies and filtering malicious internet traffic in real time. At a minimum, a secure web gateway offers URL filtering, application controls for web applications and the detection and filtering of malicious code. Data leak prevention features are also essential. Leading SWGs are parts of SASE platforms where they are integrated with technology like cloud access security brokers (CASBs) for consistent, comprehensive protection. https://www.bitglass.com/what-is-a-secure-web-gateway

• Question 1009:

  Which of the following BEST describes a social-engineering attack that relies on an executive at a small business visiting a fake banking website where credit card and account details are harvested?

  A. Whaling
  B. Spam
  C. Invoice scam
  D. Pharming
  D. Pharming

  ---

  Explanation Explanation/Reference:Pharming: Phishing attempt to trick a user to access a different or fake website (usually by modifying hosts file)

• Question 1010:

  Which of the following documents provides expectations at a technical level for quality, availability, and responsibilities?

  A. EOL
  B. SLA
  C. MOU
  D. EOSL
  B. SLA

  ---

  Explanation Explanation/Reference:A document that provides expectations at a technical level for quality, availability, and responsibilities is a Service Level Agreement (SLA). An SLA is a contract between a service provider and a customer that specifies the level of service that the provider will deliver. This typically includes technical details such as uptime, response times, and performance criteria. The SLA is used to ensure that the customer receives the level of service that they have agreed to and that the provider is held accountable for meeting those expectations. Options A, C, and D are not related to the technical level of service expectations. EOL refers to the end of life for a product or service, MOU is a memorandum of understanding, and EOSL is the end of service life.