CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 1131:

  A Chief Information Officer is concerned about employees using company-issued laptops to steal data when accessing network shares. Which of the following should the company implement?

  A. DLP

  B. CASB

  C. HIDS

  D. EDR

  E. UEFI

  Correct Answer: A

• Question 1132:

  A security engineer is hardening existing solutions to reduce application vulnerabilities. Which of the following solutions should the engineer implement FIRST? (Select TWO)

  A. Auto-update

  B. HTTP headers

  C. Secure cookies

  D. Third-party updates

  E. Full disk encryption

  F. Sandboxing

  G. Hardware encryption

  Correct Answer: AG

  In a general context where the goal is to reduce application vulnerabilities, it's reasonable to prioritize measures that address common software vulnerabilities and protect against potential threats. Sandboxing often takes priority because it directly mitigates application-related vulnerabilities and helps prevent malicious code or actions within an application from affecting the broader system. Full disk encryption, while important for data security, primarily addresses data-at-rest protection.While valuable, it doesn't directly reduce application vulnerabilities

• Question 1133:

  A security analyst reviews a company's authentication logs and notices multiple authentication failures. The authentication failures are from different usernames that share the same source IP address. Which of the password attacks is MOST likely happening?

  A. Dictionary

  B. Rainbow table

  C. Spraying

  D. Brute-force

  Correct Answer: D

• Question 1134:

  Which of the following involves the inclusion of code in the main codebase as soon as it is written?

  A. Continuous monitoring

  B. Continuous deployment

  C. Continuous Validation

  D. Continuous integration

  Correct Answer: D

• Question 1135:

  Which of the following BEST describes a technique that compensates researchers for finding vulnerabilities?

  A. Penetration testing

  B. Code review

  C. Wardriving

  D. Bug bounty

  Correct Answer: D

• Question 1136:

  Hackers recently attacked a company's network and obtained several unfavorable pictures from the Chief Executive Officer's workstation. The hackers are threatening to send the images to the press if a ransom is not paid. Which of the following is impacted the MOST?

  A. Identify theft

  B. Data loss

  C. Data exfiltration

  D. Reputation

  Correct Answer: C

  Data exfiltration occurs when malware and/or a malicious actor carries out an unauthorized data transfer from a computer. It is also commonly called data extrusion or data exportation. Data exfiltration is also considered a form of data theft.

• Question 1137:

  During a security assessment, a security finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permission for the existing users and groups and remove the set-user-ID from the file?

  A. 1s

  B. chflags

  C. chmod

  D. lsof

  E. setuid

  Correct Answer: C

  Chmod removes the setuido permission, that is, it removes the S bit. Setuido is the specific permission, but it is removed with Chmod. https://www.cbtnuggets.com/blog/technology/system-admin/linux-file-permissions-understanding-setuid-setgid-and-the-sticky-bit

• Question 1138:

  An organization maintains several environments in which patches are developed and tested before being deployed to an operational status. Which of the following is the environment in which patches will be deployed just prior to being put into an operational status?

  A. Development

  B. Staging

  C. Production

  D. Test

  Correct Answer: B

  The staging environment is where patches are deployed just prior to being put into an operational status. It is a test environment that closely resembles the production environment, and it is used to ensure that patches are working correctly before they are deployed to the production environment.

  The development environment is where new patches are developed and tested before they are ready to be deployed to a test environment. The test environment is where patches are tested to ensure that they are working correctly before they are deployed to the staging environment. The production environment is the live operational environment where patches are deployed once they have been tested and approved.

• Question 1139:

  A dynamic application vulnerability scan identified code injection could be performed using a web form. Which of the following will be BEST remediation to prevent this vulnerability?

  A. Implement input validations

  B. Deploy MFA

  C. Utilize a WAF

  D. Configure HIPS

  Correct Answer: A

• Question 1140:

  Which of the following BEST describes data streams that are compiled through artificial intelligence that provides insight on current cyberintrusions, phishing, and other malicious cyberactivity?

  A. Intelligence fusion

  B. Review reports

  C. Log reviews

  D. Threat feeds

  Correct Answer: D