CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 1081:

  A security architect is implementing a new email architecture for a company. Due to security concerns, the Chief Information Security Officer would like the new architecture to support email encryption, as well as provide for digital signatures. Which of the following should the architect implement?

  A. TOP
  B. IMAP
  C. HTTPS D. S/MIME
  D

• Question 1082:

  Audit logs indicate an administrative account that belongs to a security engineer has been locked out multiple times during the day. The security engineer has been on vacation (or a few days). Which of the following attacks can the account lockout be attributed to?

  A. Backdoor
  B. Brute-force
  C. Rootkit
  D. Trojan
  B. Brute-force

  ---

  The account lockout can be attributed to a brute-force attack. A brute-force attack is a type of attack where an attacker attempts to guess a user's password by continually trying different combinations of characters. In this case, it is likely that the security engineer's account was locked out due to an attacker attempting to guess their password. Backdoor, rootkit, and Trojan attacks are not relevant in this scenario.

• Question 1083:

  Local guidelines require that all information systems meet a minimum-security baseline to be compliant.

  Which of the following can security administrators use to assess their system configurations against the baseline?

  A. SOAR playbook
  B. Security control matrix
  C. Risk management framework
  D. Benchmarks
  D. Benchmarks

  ---

  Security administrators can use benchmarks to assess their system configurations against a minimum security baseline required for compliance. Benchmarks are documents that provide guidance and best practices for configuring and securing various types of systems and software. These benchmarks are often created by trusted organizations, such as the Center for Internet Security (CIS) or the National Institute of Standards and Technology (NIST). Security control matrices and risk management frameworks are important tools for managing and assessing security controls and risks within an organization, but they are not typically used to directly assess system configurations against a specific security baseline. SOAR (Security Orchestration, Automation, and Response) playbooks are used for automating incident response and security processes and are not specifically designed for assessing system configurations against security baselines.

• Question 1084:

  A Chief Information Security Officer has defined resiliency requirements for a new data center architecture The requirements are as follows

  1.

  Critical fileshares will remain accessible during and after a natural disaster

  2.

  Frve percent of hard disks can fail at any given time without impacting the data.

  3.

  Systems will be forced to shut down gracefully when battery levels are below 20%

  Which of the following are required to BEST meet these objectives? (Select THREE)

  A. Fiber switching
  B. laC
  C. NAS
  D. RAID
  E. UPS
  F. Redundant power supplies
  G. Geographic dispersal
  H. Snapshots
  I. Load balancing
  D. RAID
  E. UPS
  G. Geographic dispersal

  ---

  Explanation Explanation/Reference:To BEST meet the objectives described in the question, the following solutions are required: D. RAID: Using RAID (Redundant Array of Independent Disks) technology allows for data to be distributed across multiple disks, providing protection against disk failures. E. UPS: Using an uninterruptible power supply (UPS) will ensure that systems can shut down gracefully when battery levels are low, protecting against data loss due to sudden power outages. G. Geographic dispersal: Spreading critical data across multiple data centers in different geographic locations will ensure that it remains accessible even if one data center is affected by a natural disaster.

• Question 1085:

  A security architect is designing the new outbound internet for a small company. The company would like all 50 users to share the same single Internet connection. In addition, users will not be permitted to use social media sites or external email services while at work.

  Which of the following should be included in this design to satisfy these requirements? (Select TWO).

  A. DLP
  B. MAC filtering
  C. NAT
  D. VPN
  E. Content filler
  F. WAF
  C. NAT
  D. VPN

  ---

  NAT (Network Address Translation) is a technology that allows multiple devices to share a single IP address, allowing them to access the internet while still maintaining security and privacy. VPN (Virtual Private Network) is a technology that creates a secure, encrypted tunnel between two or more devices, allowing users to access the internet and other network resources securely and privately. Additionally, VPNs can also be used to restrict access to certain websites and services, such as social media sites and external email services.

• Question 1086:

  A security administrator, who is working for a government organization, would like to utilize classification and granular planning to secure top secret data and grant access on a need-to-know basis. Which of the following access control schemas should the administrator consider?

  A. Mandatory
  B. Rule-based
  C. Discretionary
  D. Role-based
  A. Mandatory

• Question 1087:

  A security manager has tasked the security operations center with locating all web servers that respond to an unsecure protocol. Which of the following commands could an analyst run to find requested servers?

  A. nslookup 10.10.10.0
  B. nmap -p 80 10.10.10.0/24
  C. pathping 10.10.10.0 -p 80
  D. no -1 -p 80
  B. nmap -p 80 10.10.10.0/24

  ---

  nmap -p 80 10.10.10.0/24 - Nmap or network mapper is a network discovery and security auditing tool mainly used to find services, hosts, and open ports on a network. In this case, nmap will check for the HTTP port 80. ==================================== Other Choices Nslookup - This command queries DNS servers to obtain DNS records Pathping - This command provides information about network latency and packet loss at hops between a source and destination. Used for troubleshooting network issues.

• Question 1088:

  Which of the following is best to use when determining the severity of a vulnerability?

  A. CVE
  B. OSINT
  C. SOAR
  D. CVSS
  D. CVSS

• Question 1089:

  A security analyst needs an overview of vulnerabilities for a host on the network. Which of the following is the BEST type of scan for the analyst to run to discover which vulnerable services are running?

  A. Non-credentialed
  B. Web application
  C. Privileged
  D. Internal
  B. Web application

• Question 1090:

  An employee fell for a phishing scam, which allowed an attacker to gain access to a company PC. The attacker scraped the PC's memory to find other credentials. Without cracking these credentials, the attacker used them to move laterally through the corporate network. Which of the following describes this type of attack?

  A. Privilege escalation
  B. Buffer overflow
  C. SQL injection
  D. Pass-the-hash
  D. Pass-the-hash

  ---

  Unlike other credential theft attacks, a pass the hash attack does not require the attacker to know or crack the password to gain access to the system. Rather, it uses a stored version of the password to initiate a new session.