CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 331:

  A local coffee shop runs a small WiFi hotspot for its customers that utilizes WPA2-PSK. The coffee shop would like to stay current with security trends and wants to implement WPA3 to make its WiFi even more secure. Which of the following technologies should the coffee shop use in place of PSK?

  A. WEP
  B. MSCHAP
  C. WPS
  D. SAE
  D. SAE

  ---

  Explanation Explanation/Reference:WPA3 - Simultaneous Authentication of Equals (SAE) replaces Pre-shared Key (PSK) in WPA2-Personal.

• Question 332:

  The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the blowing would BEST address this security concern?

  A. install a smart meter on the staff WiFi.
  B. Place the environmental systems in the same DHCP scope as the staff WiFi.
  C. Implement Zigbee on the staff WiFi access points.
  D. Segment the staff WiFi network from the environmental systems network.
  B. Place the environmental systems in the same DHCP scope as the staff WiFi.

• Question 333:

  A user's account is constantly being locked out. Upon further review, @ security analyst found the following in the SIEM: Which of the following describes what is occurring?

  

  A. An attacker is utilizing a password-spraying attack against the account
  B. An attacker is utilizing a dictionary attack against the account
  C. An attacker is utilizing a brute-force attack against the account
  D. An attacker is utilizing a rainbow table attack against the account
  C. An attacker is utilizing a brute-force attack against the account

  ---

  Explanation Explanation/Reference:A simple brute-force attack uses automation and scripts to guess passwords. Typical brute-force attacks make a few hundred guesses every second. Simple passwords, such as those lacking a mix of upper- and lowercase letters and those using common expressions like `123456' or `password,' can be cracked in minutes. Look at the time of attacks performed.

• Question 334:

  Which of the following types of controls is a turnstile?

  A. Physical
  B. Detective
  C. Corrective
  D. Technical
  A. Physical

  ---

  https://en.wikipedia.org/wiki/Turnstile#:~:text=A%20turnstile%20(also%20called%20a,%2C%20a%20pass%2C%20or%20similar.

• Question 335:

  After a recent vulnerability scan, a security engineer needs to harden the routers within the corporate network. Which of the following is the most appropriate to disable?

  A. Console access
  B. Routing protocols
  C. VLANs
  D. Web-based administration
  D. Web-based administration

  ---

  Web based Administration, cannot disable the rest of the options.

• Question 336:

  A business uses Wi-Fi with content filtering enabled. An employee noticed a coworker accessed a blocked site from a work computer and reported the issue. While investigating the issue, a security administrator found another device providing internet access to certain employees. Which of the following best describes the security risk?

  A. The host-based security agent is not running on all computers.
  B. A rogue access point is allowing users to bypass controls.
  C. Employees who have certain credentials are using a hidden SSID.
  D. A valid access point is being jammed to limit availability.
  B. A rogue access point is allowing users to bypass controls.

• Question 337:

  An engineer recently deployed a group of 100 web servers in a cloud environment. Per the security policy, all web-server ports except 443 should be disabled. Which of the following can be used to accomplish this task?

  A. Application allow list
  B. SWG
  C. Host-based firewall
  D. VPN
  C. Host-based firewall

  ---

  Explanation Explanation/Reference:Host-based firewall - This is a firewall on a host where you can configured rules for ports/connections allowed on that specific host. As the question specifically is asking for web-server ports to be blocked, it would make more sense to configure rules to block the ports on each web server. ======================== Other Choices: Application allow list - A list of applications and application components that are permitted to reside or perform actions on a device SWG(Secure Web Gateway) - A security product that operates between employees and the internet by filtering unsafe content from web traffic to stop cyber threats and data breaches. They also block risky or unauthorized user behavior. SWGs usually analyses the content of traffic. VPN (Virtual Private Network) - A service that establishes a secure encrypted connection between networks over the internet. Hosts connected on the network will behave logically as if they're on the same network even if they are a physically not.

• Question 338:

  Which of the following would be BEST to establish between organizations that have agreed cooperate and are engaged in early discussion to define the responsibilities of each party, but do not want to establish a contractually binding agreement?

  A. An SLA
  B. An NDA
  C. A BPA
  D. An MOU
  A. An SLA

  ---

  Explanation Explanation/Reference:Comptia exams are all about keywords and the catch here is "include monetary penalties for breaches". SLA includes penalties for not delivering services up to contract, BPA does not.

• Question 339:

  Which of the following describes a maintenance metric that measures the average time required to troubleshoot and restore failed equipment?

  A. RTO
  B. MTBF
  C. MTTR
  D. RPO
  C. MTTR

  ---

  Explanation Explanation/Reference:Mean time to repair (MTTR) is a measure of the maintainability of a repairable item, which tells the average time required to repair a specific item or component and return it to working status. It is a basic measure of the maintainability of equipment and parts. This includes the notification time, diagnosis and the time spent on actual repair as well as other activities required before the equipment can be used again. Mean time to repair is also known as mean repair time. https://www.techopedia.com/definition/2719/mean-time-to-repair-mttr

• Question 340:

  An organization recently recovered from a data breach. During the root cause analysis, the organization determined the source of the breach to be a personal cell phone that had been reported lost. Which of the following solutions should the organization implement to reduce the likelihood of future data breaches?

  A. MDM
  B. MAM
  C. VDI
  D. DLP
  A. MDM

  ---

  Explanation Explanation/Reference:D)DLP won't prevent data being recovered from a stolen/lost phone. A) MDM would have the data encrypted or the ability to have it wiped remotely.