CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 441:

  Which of the following are the BEST ways to implement remote home access to a company's intranet systems if establishing an always-on VPN is not an option? (Select Two)

  A. Install VPN concentrations at home offices

  B. Create NAT on the firewall for intranet systems

  C. Establish SSH access to a jump server

  D. Implement a SSO solution

  E. Enable MFA for intranet systems

  F. Configure SNMPv3 server and clients.

  Correct Answer: AE

• Question 442:

  A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO).

  A. The order of volatility

  B. A CRC32 checksum

  C. The provenance of the artifacts

  D. The vendor's name

  E. The date time

  F. A warning banner

  Correct Answer: CE

  Date and time of collection Location of collection Name of investigator(s) Name or owner of the media or computer Reason for collection Matter name or case number Type of media Serial number of media if available Make and model of hard drive or other media Storage capacity of device or hard drive Method of capture (tools used) Physical description of computer and whether it was on or off Name of the image file or resulting files that were collected Hash value(s) of source hard drive or files Hash value(s) of resulting image files for verification Any comments or issues encountered Signature(s) of persons giving and taking possession of evidence

• Question 443:

  During a recent security assessment, a vulnerability was found in a common OS, The OS vendor was unaware of the issue and promised to release a patch within next quarter, Which of the following BEST describes this type of vulnerability?

  A. Legacy operating system

  B. Weak configuration

  C. Zero day

  D. Supply chain

  Correct Answer: C

  A zero-day vulnerability is a previously unknown vulnerability in software or hardware that is exploited by attackers before the vendor becomes aware of the issue and releases a patch. In this case, the OS vendor was unaware of the vulnerability and promised to release a patch within the next quarter, indicating that it is a zero-day vulnerability.

• Question 444:

  Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?

  A. Job rotation policy

  B. NDA

  C. AUP

  D. Separation Of duties policy

  Correct Answer: C

  "Which of the following prevents an employee from visiting an inappropriate website"

  .....which would somewhat make more sense. An acceptable use policy (AUP) is a document that outlines the rules and restrictions employees must follow in regard to the company's network, software, internet connection and devices. The employee shouldn't access the inappropriate website as it would go against proper use of the company network.

  ================ Helpful Info I Guess

  NDA (Non-disclosure agreement) - a binding contract between two or more parties that prevents sensitive information from being shared with others.

  Separation of Duty - refers to the principle that no user should be given enough privileges to misuse the system on their own.

  Job rotation - A concept that has employees rotate through different jobs to learn the procedures and processes in each. From a security perspective, job rotation helps to prevent or expose dangerous shortcuts or even fraudulent activity.

• Question 445:

  Which of the following documents provides guidance regarding the recommended deployment of network security systems from the manufacturer?

  A. Cloud control matrix

  B. Reference architecture

  C. NIST RMF

  D. CIS Top 20

  Correct Answer: B

  A reference architecture is a document or set of documents that provides recommended structures and integrations of IT products and services to form a solution.

• Question 446:

  A security engineer is building a file transfer solution to send files to a business partner. The users would like to drop off the files in a specific directory and have the server send to the business partner. The connection to the business partner is over the internet and needs to be secure. Which of the following can be used?

  A. S/MIME

  B. LDAPS

  C. SSH

  D. SRTP

  Correct Answer: C

  SSH - SSH or (Secure Shell) is a protocol that enables two computers to communicate securely by encrypting the connection. Since the question is looking to transfer files over the internet to a specific directory, the FTP protocol can be used

  for the file transfer itself. As SSH can be used with the FTP protocol, this allows for secure(SSH) file transfer(FTP) over the internet.

  ========================

  Other Choices:

  S/MIME (Secure/Multipurpose internet Mail Extensions) - Digitally signs and encrypts the contents of email messages.

  LDAPS(Lightweight Directory Access Protocol) - Provides authentication for directory-based traffic

  SRTP (Secure Real-time Transport Protocol) - Provides authentication/encryption for transmitted audio and video traffic.

• Question 447:

  After a recent external audit, the compliance team provided a list of several non-compliant, in-scope hosts that were not encrypting cardholder data at rest, Which of the following compliance frameworks would address the compliance team's GREATEST concern?

  A. PCI DSS

  B. GDPR

  C. ISO 27001

  D. NIST CSF

  Correct Answer: A

• Question 448:

  A company is moving its retail website to a public cloud provider. The company wants to tokenize credit card data but not allow the cloud provider to see the stored credit card information. Which of the following would BEST meet these objectives?

  A. WAF

  B. CASB

  C. VPN

  D. TLS

  Correct Answer: B

• Question 449:

  A Chief Security Officer is looking for a solution that can provide increased scalability and flexibility for back-end infrastructure, allowing it to be updated and modified without disruption to services. The security architect would like the solution selected to reduce the back-end server resources and has highlighted that session persistence is not important for the applications running on the back-end servers. Which of the following would BEST meet the requirements?

  A. Reverse proxy

  B. Automated patch management

  C. Snapshots

  D. NIC teaming

  Correct Answer: A

  A reverse proxy would be the best solution for increased scalability and flexibility for back- end infrastructure.

• Question 450:

  A forensics investigator is examining a number of unauthorized payments the were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:

  Click here to unsubscribe

  Which of the following will the forensics investigator MOST likely determine has occurred?

  A. SQL injection

  B. CSRF

  C. XSS

  D. XSRF

  Correct Answer: D