CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 221:

  An attacker is attempting to harvest user credentials on a client's website. A security analyst notices multiple attempts of random usernames and passwords.

  When the analyst types in a random username and password, the logon screen displays the following message:

  The username you entered does not exist.

  Which of the following should the analyst recommend be enabled?

  A. Input validation
  B. Obfuscation
  C. Error handling
  D. Username lockout
  C. Error handling

• Question 222:

  A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?

  A. MSSP
  B. SOAR
  C. IaaS
  D. PaaS
  A. MSSP

  ---

  Read this article : https://doubleoctopus.com/blog/general/small-business-security-to-mssp-or-not-to-mssp/ Small businesses must afford MSSP model (or risk shutting the business off). To me , SOAR deos not make sense with (NO security staff). SOAR is a product to be procured. This leaves me with this question , Who would take the ownership of the product evalutaion, configuration, operations etc.. ? you cannot just plugandplay a SOAR

• Question 223:

  Which of the following explains why RTO is included in a BIA?

  A. It identifies the amount of allowable downtime for an application or system,
  B. It prioritizes risks so the organization can allocate resources appropriately,
  C. It monetizes the loss of an asset and determines a break-even point for risk mitigation.
  D. It informs the backup approach so that the organization can recover data to a known time.
  A. It identifies the amount of allowable downtime for an application or system,

  ---

  RTO = Recovery time objective. "The maximum tolerable length of time that a computer, system, network or application can be down after a failure or disaster occurs." The answer is A.

• Question 224:

  An application owner has requested access for an external application to upload data from the central internal website without providing credentials at any point. Which of the following authentication methods should be configured to allow this type of integration access?

  A. OAuth
  B. SSO
  C. TACACS+
  D. Kerberos
  B. SSO

• Question 225:

  Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company's final software releases? (Select TWO.)

  A. Unsecure protocols
  B. Use of penetration-testing utilities
  C. Weak passwords
  D. Included third-party libraries
  E. Vendors/supply chain
  F. Outdated anti-malware software
  D. Included third-party libraries
  E. Vendors/supply chain

  ---

  A. Unsecure protocols --> Could be correct. This is a vector that could be used shortly before the final release to somehow include malicious code. B. Use of penetration-testing utilities --> Makes no sense C. Weak passwords --> Is an attack vector and "unauthorized" could match that. Might be correct. D. Included third-party libraries --> unintentional would fit. But if there was something wrong with a 3rd party libary, that should have been discovered before the final release. E. Vendors/supply chain --> Depends on what these vendors do. If they are developing code that is used in the final release it could contain vulnerabilities that are included unintentionally. But that would be kind of similar to the 3rd party libraries. F. Outdated anti-malware software --> With outdated anti-malware, and attacker could gain acces to a developers machine and include vulnerable code. The developer could then commit it unintentionally.

• Question 226:

  A company recently moved sensitive videos between on-premises. Company-owned websites. The company then learned the videos had been uploaded and shared to the internet. Which of the following would MOST likely allow the company to find the cause?

  A. Checksums
  B. Watermarks
  C. Oder of volatility
  D. A log analysis
  E. A right-to-audit clause
  D. A log analysis

  ---

  If it had mentioned Cloud, it could have been E. You need to write the right to audit clause in to cloud contracts etc. At least you could make that argument it would be E. However based on the wording, the only feasible option is D. Watermarks would let you ascertain the document is yours, but it is shared on company owned websites, so watermark is a security aspect of the document etc. https://www.sumologic.com/glossary/log-analysis/ "While companies can operate private clouds, forensics in a public cloud are complicated by the right to audit permitted to you by your service level agreement (SLA) with the cloud provider."

• Question 227:

  A security analyst is working with a vendor to get a new SaaS application deployed to an enterprise. The analyst wants to ensure role-based security policies are correctly applied as users access the application. Which of the following is most likely to solve the issue?

  A. CASB
  B. AUP
  C. NG-SWG
  D. VPC endpoint
  A. CASB

• Question 228:

  Which of the following utilize a subset of real data and are MOST likely to be used to assess the features and functions of a system and how it interacts or performs from an end user's perspective against defined test cases? (Select TWO).

  A. A Production
  B. Test
  C. Research and development
  D. PoC
  E. UAT
  F. SDLC
  B. Test
  E. UAT

• Question 229:

  An organization that has a large number of mobile devices is exploring enhanced security controls to manage unauthorized access if a device is lost or stolen. Specifically, if mobile devices are more than 3mi(4.8km) from the building, the

  management team would like to have the security team alerted and server resources restricted on those devices.

  Which of the following controls should the organization implement?

  A. Geofencing
  B. Lockout
  C. Near-field communication
  D. GPS tagging
  A. Geofencing

  ---

  Explanation Explanation/Reference:https://www.npws.net/blog/attract-customers-with-beacons-geotagging-geofencing/#:~:text=Geo%2Dtagging%3A%20The%20method%20consists,for%20a%20promotion%20or%20coupon.

• Question 230:

  Which of the following statements BEST describes zero-day exploits'?

  A. When a zero-day exploit is discovered, the system cannot be protected by any means
  B. Zero-day exploits have their own scoring category in CVSS
  C. A zero-day exploit is initially undetectable and no patch for it exists
  D. Discovering zero-day exploits is always performed via bug bounty programs
  C. A zero-day exploit is initially undetectable and no patch for it exists

  ---

  Zero-day = Never seen before attack Therefore it cannot be patched or recognized in a database if it has not occurred or been documented before.