A security administrator is managing administrative access to sensitive systems with the following requirements:
Common login accounts must not be used for administrative duties.
Administrative accounts must be temporal in nature.
Each administrative account must be assigned to one specific user.
Accounts must have complex passwords.
Audit trails and logging must be enabled on all systems.
Which of the following solutions should the administrator deploy to meet these requirements?
A. ABAC
B. SAML
C. PAM
D. CASB
Correct Answer: C
The best solution to meet the given requirements is to deploy a Privileged Access Management (PAM) solution. PAM solutions allow administrators to create and manage administrative accounts that are assigned to specific users and that have complex passwords. Additionally, PAM solutions provide the ability to enable audit trails and logging on all systems, as well as to set up temporal access for administrative accounts. SAML, ABAC, and CASB are not suitable for this purpose.
Question 1012:
Which of the following describes where an attacker can purchase DDoS or ransomware services?
A. Threat intelligence
B. Open-source intelligence
C. Vulnerability database
D. Dark web
Correct Answer: D
The best option to describe where an attacker can purchase DDoS or ransomware services is the dark web. The dark web is an anonymous, untraceable part of the internet where a variety of illicit activities take place, including the purchase of DDoS and ransomware services. According to the CompTIA Security+ SY0-601 Official Text Book, attackers can purchase these services anonymously and without the risk of detection or attribution. Additionally, the textbook recommends that organizations monitor the dark web to detect any possible threats or malicious activity.
Question 1013:
A company owns a public-facing e-commerce website. The company outsources credit card transactions to a payment company. Which of the following BEST describes the role of the payment company?
A. Data controller
B. Data custodian
C. Data owners
D. Data processor
Correct Answer: D
A data processor is an organization that processes personal data on behalf of a data controller. In this scenario, the company that owns the e-commerce website is the data controller, as it determines the purposes and means of processing personal data (e.g. credit card information). The payment company is a data processor, as it processes personal data on behalf of the e-commerce company (i.e. it processes credit card transactions). Reference: CompTIA Security+ Study Guide (SY0-601) 7th Edition by Emmett Dulaney, Chuck Easttom
Question 1014:
The findings in a consultant's report indicate the most critical risk to the security posture from an incident response perspective is a lack of workstation and server investigation capabilities. Which of the following should be implemented to remediate this risk?
A. HIDS
B. FDE
C. NGFW
D. EDR
Correct Answer: D
EDR solutions are designed to detect and respond to malicious activity on workstations and servers, and they provide a detailed analysis of the incident, allowing organizations to quickly remediate the threat. According to the CompTIA Security+ SY0-601 Official Text Book, EDR solutions can be used to detect malicious activity on endpoints, investigate the incident, and contain the threat. EDR solutions can also provide real-time monitoring and alerting for potential security events, as well as detailed forensic analysis for security incidents. Additionally, the textbook recommends that organizations also implement a host-based intrusion detection system (HIDS) to alert them to malicious activity on their workstations and servers.
Question 1015:
A network administrator needs to determine the sequence of a server farm's logs. Which of the following should the administrator consider? (Select TWO).
A. Chain of custody
B. Tags
C. Reports
D. Time stamps
E. Hash values
F. Time offset
Correct Answer: DF
Question 1016:
A security team will be outsourcing several key functions to a third party and will require that:
Several of the functions will carry an audit burden.
Attestations will be performed several times a year.
Reports will be generated on a monthly basis.
Which of the following BEST describes the document that is used to define these requirements and stipulate how and when they are performed by the third party?
A. MOU
B. AUP
C. SLA
D. MSA
Correct Answer: C
A service level agreement (SLA) is a contract between a service provider and a customer that outlines the services that are to be provided and the expected levels of performance. It is used to define the requirements for the service, including any attestations and reports that must be generated, and the timescales in which these must be completed. It also outlines any penalties for failing to meet these requirements. SLAs are essential for ensuring that third-party services are meeting the agreed upon performance levels.
Reference:
CompTIA Security+ Study Guide: SY0-601 by Emmett Dulaney, Chuck Easttom https://www.wiley.com/en-us/CompTIA+Security%2B+Study+Guide%3A+SY0-601-p-9781119515968
CompTIA Security+ Get Certified Get Ahead: SY0-601 Study Guide by Darril Gibson https://www.amazon.com/CompTIA-Security-Certified-Ahead-SY0-601/dp/1260117558
Note: SLA is the best document that is used to define these requirements and stipulate how and when they are performed by the third party.
Question 1017:
Which of the following biometric authentication methods is the MOST accurate?
A. Gait
B. Retina
C. Signature
D. Voice
Correct Answer: B
Retina authentication is the most accurate biometric authentication method. Retina authentication is based on recognizing the unique pattern of blood vessels and other features in the retina. This makes it virtually impossible to duplicate or bypass, making it the most secure form of biometric authentication currently available.
Question 1018:
An employee receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm the employee's identity before sending him the prize. Which of the following BEST describes this type of email?
A. Spear phishing
B. Whaling
C. Phishing
D. Vishing
Correct Answer: C
Question 1019:
The technology department at a large global company is expanding its Wi-Fi network infrastructure at the headquarters building. Which of the following should be closely coordinated between the technology, cybersecurity, and physical security departments?
A. Authentication protocol
B. Encryption type
C. WAP placement
D. VPN configuration
Correct Answer: C
Question 1020:
A company is concerned about individuals driving a car into the building to gain access. Which of the following security controls would work BEST to prevent this from happening?
A. Bollard
B. Camera
C. Alarms
D. Signage
E. Access control vestibule
Correct Answer: A
Bollards are posts designed to prevent vehicles from entering an area. They are usually made of steel or concrete and are placed close together to make it difficult for vehicles to pass through. In addition to preventing vehicles from entering an area, bollards can also be used to protect buildings and pedestrians from ramming attacks. They are an effective and cost-efficient way to protect buildings and pedestrians from unauthorized access.