CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 1121:

  A network architect wants a server to have the ability to retain network availability even if one of the network switches it is connected to goes down.

  Which of the following should the architect implement on the server to achieve this goal?

  A. RAID
  B. UPS
  C. NIC teaming
  D. Load balancing
  C. NIC teaming

  ---

  NIC Teaming is a feature that allows a server to be connected to multiple network switches, providing redundancy and increased network availability. If one of the switches goes down, the server will still be able to send and receive data through one of the other switches. To configure NIC Teaming in Windows Server, see Microsoft's documentation: https://docs.microsoft.com/en-us/windows-server/networking/technologies/nic-teaming. For more information on NIC Teaming and other network redundancy features, refer to the CompTIA Security+ SY0- 601 Official Text Book and Resources.

• Question 1122:

  Which of the following cloud models provides clients with servers, storage, and networks but nothing else?

  A. SaaS
  B. PaaS
  C. IaaS
  D. DaaS
  C. IaaS

  ---

  IaaS provides clients with virtualized infrastructure resources over the internet. It includes servers, storage, and networking components, allowing clients to have more control over the infrastructure without having to manage the physical hardware. Clients can deploy and run their own applications, as well as manage operating systems and applications. However, the management of the underlying infrastructure, such as data centers and virtualization, is the responsibility of the cloud service provider.

• Question 1123:

  A customer has reported that an organization's website displayed an image of a smiley (ace rather than the expected web page for a short time two days earlier. A security analyst reviews log tries and sees the following around the lime of the incident:

  

  Which of the following is MOST likely occurring?

  A. Invalid trust chain
  B. Domain hijacking
  C. DNS poisoning
  D. URL redirection
  C. DNS poisoning

• Question 1124:

  An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?

  A. HSM
  B. CASB
  C. TPM
  D. DLP
  A. HSM

  ---

  "A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys" https://www.techtarget.com/searchsecurity/definition/hardware-security-module-HSM

• Question 1125:

  A grocery store is expressing security and reliability concerns regarding the on-site backup strategy currently being performed by locally attached disks. The main concerns are the physical security of the backup media and the durability of the data stored on these devices

  Which of the following is a cost-effective approach to address these concerns?

  A. Enhance resiliency by adding a hardware RAID.
  B. Move data to a tape library and store the tapes off-site
  C. Install a local network-attached storage.
  D. Migrate to a cloud backup solution
  D. Migrate to a cloud backup solution

  ---

  The best approach to address these concerns is to migrate to a cloud backup solution. This approach will address the physical security of the backup media and the durability of the data stored on these devices. Cloud backup solutions are cost-effective and provide a secure and reliable way to store data off-site. This approach will also provide the grocery store with an automated backup process that is easy to manage and monitor. Hardware RAID is not a cost-effective solution for addressing these concerns as it does not address the physical security of the backup media or the durability of the data stored on these devices. Moving data to a tape library and storing tapes off-site is a good approach but it is not cost-effective as it requires additional hardware and storage space. Installing a local network-attached storage is not a good approach as it does not address the physical security of the backup media or the durability of the data stored on these devices. It also requires additional hardware and storage space which can be expensive.

• Question 1126:

  During a recent company safety stand-down, the cyber-awareness team gave a presentation on the importance of cyber hygiene. One topic the team covered was best practices for printing centers. Which of the following describes an attack method that relates to printing centers?

  A. Whaling
  B. Credential harvesting
  C. Prepending
  D. Dumpster diving
  D. Dumpster diving

• Question 1127:

  A startup company is using multiple SaaS and IaaS platform to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

  A. SIEM
  B. DLP
  C. CASB
  D. SWG
  C. CASB

  ---

  A cloud access security broker is on-premises or cloud based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies A CASB has a separate, and more distinctive role. Differing from the use case for SWG, which focuses on the broader filtering and protection against inbound threats and filtering illegitimate web traffic, a CASB is more deeply integrated and has control over your cloud application usage. It can be tied into an applications API to scan data at rest or can be used with a proxy based deployment to enforce inline policies for more real time protection.

• Question 1128:

  A security analyst has been tasked with finding the maximum amount of data loss that can occur before ongoing business operations would be impacted. Which of the following terms BEST defines this metric?

  A. MTTR
  B. RTO
  C. RPO
  D. MTBF
  C. RPO

• Question 1129:

  Which of the following would a security analyst use to determine if other companies in the same sector have seen similar malicious activity against their systems?

  A. Vulnerability scanner
  B. Open-source intelligence
  C. Packet capture
  D. Threat feeds
  D. Threat feeds

  ---

  Threat feeds, also known as threat intelligence feeds, are a source of information about current and emerging threats, vulnerabilities, and malicious activities targeting organizations. Security analysts use threat feeds to gather information about attacks and threats targeting their industry or sector. These feeds are typically provided by security companies, research organizations, or industry-specific groups. By using threat feeds, analysts can identify trends, patterns, and potential threats that may target their own organization, allowing them to take proactive steps to protect their systems. References: 1. CompTIA Security+ Certification Exam Objectives (SY0-601): https://www.comptia.jp/pdf/Security%2B%20SY0-601%20Exam%20Objectives.pdf 2. SANS Institute: Threat Intelligence: What It Is, and How to Use It Effectively: https://www.sans.org-room/whitepapers/analyst/threat-intelligence-is-effectively-36367

• Question 1130:

  A web server has been compromised due to a ransomware attack. Further investigation reveals the ransomware has been in the server for the past 72 hours. The systems administrator needs to get the services back up as soon as possible. Which of the following should the administrator use to restore services to a secure state?

  A. The last incremental backup that was conducted 72 hours ago Most Voted
  B. The last known-good configuration Most Voted
  C. The last full backup that was conducted seven days ago
  D. The baseline OS configuration
  C. The last full backup that was conducted seven days ago

  ---

  A -No - The last incremental backup that was conducted 72 hours ago - If we can say the infection happened 72 hours ago then a backup from 72 hours ago does us no good. B - No - The last known-good configuration - This would reverse all non-security-related changes made to the Registry during the last session.. Thus the system may still be infected C - Yes! -The last full backup that was conducted seven days ago D - No - The baseline OS configuration - Would remove the possibility of the system being infected but would not be the quickest method