CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 541:

  Which of the following Gieuster recovery tests ie the LEAST time coneuntng for tie easier recovery tearm?

  A. Tabletop

  B. Parallel

  C. Full interruption

  D. Simulation

  Correct Answer: A

• Question 542:

  A security researcher has aferted an organization that is sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected partes?

  A. An incident response plan

  B. A communications plan

  C. A business continuity plan

  D. A disaster recovery plan

  Correct Answer: A

• Question 543:

  A company is concerned about individuals dnvmg a car into the building to gam access. Which of the following security controls would work BEST to prevent this from happening?

  A. Bollard

  B. Camera

  C. Alarms

  D. Signage

  E. Access control vestibule

  Correct Answer: A

  A bollard would work best to prevent individuals from driving a car into the building. A bollard is a short, vertical post that can be used to block vehicles from entering a designated area. It is specifically designed to stop cars from crashing into buildings or other structures.

• Question 544:

  A security team suspects that the cause of recent power consumption overloads is the unauthorized use of empty power outlets in the network rack. Which of the following options will mitigate this issue without compromising the number of outlets available?

  A. Adding a new UPS dedicated to the rack

  B. Installing a managed PDU

  C. Using only a dual power supplies unit

  D. Increasing power generator capacity

  Correct Answer: B

  A managed Power Distribution Unit (PDU) allows you to monitor and control power outlets on the rack. This will allow the security team to identify which devices are drawing power and from which outlets, which can help to identify any unauthorized devices. Moreover, with a managed PDU, you can also control the power to outlets, turn off outlets that are not in use, and set up alerts if an outlet is overloaded. This will help to mitigate the issue of power consumption overloads without compromising the number of outlets available. Reference: CompTIA Security+ Study Guide (SY0-601) 7th Edition by Emmett Dulaney, Chuck Easttom

• Question 545:

  A company recently decided to allow its employees to use their personally owned devices for tasks like checking email and messaging via mobile applications. The company would like to use MDM, but employees are concerned about the loss of personal data.

  Which of the following should the IT department implement to BEST protect the company against company data loss while still addressing the employees' concerns?

  A. Enable the remote-wiping option in the MDM software in case the phone is stolen.

  B. Configure the MDM software to enforce the use of PINs to access the phone.

  C. Configure MDM for FDE without enabling the lock screen.

  D. Perform a factory reset on the phone before installing the company's applications.

  Correct Answer: B

• Question 546:

  An organization wants to enable built-in FDE on all laptops.

  Which of the following should the organization ensure is Installed on all laptops?

  A. TPM

  B. CA

  C. SAML

  D. CRL

  Correct Answer: A

  The organization should ensure that a Trusted Platform Module (TPM) is installed on all laptops in order to enable built-in Full Disk Encryption (FDE). TPM is a hardware-based security chip that stores encryption keys and helps to protect data from malicious attacks. It is important to ensure that the TPM is properly configured and enabled in order to get the most out of FDE.

• Question 547:

  A security engineer is reviewing the logs from a SAML application that is configured to use MFA, during this review the engineer notices a high volume of successful logins that did not require MFA from users who were traveling

  internationally. The application, which can be accessed without a VPB, has a policy that allows time-based tokens to be generated. Users who changed locations should be required to reauthenticate but have been.

  Which of the following statements BEST explains the issue?

  A. OpenID is mandatory to make the MFA requirements work

  B. An incorrect browser has been detected by the SAML application

  C. The access device has a trusted certificate installed that is overwriting the session token

  D. The user's IP address is changing between logins, bur the application is not invalidating the token

  Correct Answer: D

• Question 548:

  A security researcher is using an adversary's infrastructure and TTPs and creating a named group to track those targeted.

  Which of the following is the researcher MOST likely using?

  A. The Cyber Kill Chain

  B. The incident response process

  C. The Diamond Model of Intrusion Analysis

  D. MITRE ATTandCK

  Correct Answer: C

• Question 549:

  A company recenty experienced an attack during which its main website was Girected to the attacker's web server, allowing the attacker to harvest credentials trom unsuspecting customers.

  Which of the following should the company implement lo prevent this type of attack from occurring In the future?

  A. PSec

  B. SSL/TLS

  C. ONSSEC

  D. SMIME

  Correct Answer: B

• Question 550:

  Which of the following is a cryptographic concept that operates on a fixed length of bits?

  A. Block cipher

  B. Hashing

  C. Key stretching

  D. Salting

  Correct Answer: A

  Single-key or symmetric-key encryption algorithms create a fixed length of bits known as a block cipher with a secret key that the creator/sender uses to encipher data (encryption) and the receiver uses to decipher it.