CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 551:

  Given the following snippet of Python code:

  

  Which of the following types of malware MOST likely contains this snippet?

  A. Logic bomb

  B. Keylogger

  C. Backdoor

  D. Ransomware

  Correct Answer: B

• Question 552:

  A security architect is designing the new outbound internet for a small company. The company would like all 50 users to share the same single Internet connection. In addition, users will not be permitted to use social media sites or external email services while at work.

  Which of the following should be included in this design to satisfy these requirements? (Select TWO).

  A. DLP

  B. MAC filtering

  C. NAT

  D. VPN

  E. Content filler

  F. WAF

  Correct Answer: CD

  NAT (Network Address Translation) is a technology that allows multiple devices to share a single IP address, allowing them to access the internet while still maintaining security and privacy. VPN (Virtual Private Network) is a technology that creates a secure, encrypted tunnel between two or more devices, allowing users to access the internet and other network resources securely and privately. Additionally, VPNs can also be used to restrict access to certain websites and services, such as social media sites and external email services.

• Question 553:

  The compliance team requires an annual recertification of privileged and non-privileged user access. However, multiple users who left the company six months ago still have access. Which of the following would have prevented this compliance violation?

  A. Account audits

  B. AUP

  C. Password reuse

  D. SSO

  Correct Answer: A

  Account audits are periodic reviews of user accounts to ensure that they are being used appropriately and that access is being granted and revoked in accordance with the organization's policies and procedures. If the compliance team had been conducting regular account audits, they would have identified the users who left the company six months ago and ensured that their access was revoked in a timely manner. This would have prevented the compliance violation caused by these users still having access to the company's systems.

  To prevent this compliance violation, the company should implement account audits. An account audit is a regular review of all user accounts to ensure that they are being used properly and that they are in compliance with the company's security policies. By conducting regular account audits, the company can identify inactive or unused accounts and remove access for those users. This will help to prevent compliance violations and ensure that only authorized users have access to the company's systems and data.

• Question 554:

  A network architect wants a server to have the ability to retain network availability even if one of the network switches it is connected to goes down.

  Which of the following should the architect implement on the server to achieve this goal?

  A. RAID

  B. UPS

  C. NIC teaming

  D. Load balancing

  Correct Answer: C

  NIC Teaming is a feature that allows a server to be connected to multiple network switches, providing redundancy and increased network availability. If one of the switches goes down, the server will still be able to send and receive data

  through one of the other switches. To configure NIC Teaming in Windows Server, see Microsoft's documentation:

  https://docs.microsoft.com/en-us/windows-server/networking/technologies/nic-teaming. For more information on NIC Teaming and other network redundancy features, refer to the CompTIA Security+ SY0- 601 Official Text Book and

  Resources.

• Question 555:

  A security architect is working on an email solution that will send sensitive data. However, funds are not currently available in the budget for building additional infrastructure. Which of the following should the architect choose?

  A. POP

  B. IPSec

  C. IMAP

  D. PGP

  Correct Answer: D

  PGP (Pretty Good Privacy) is a commonly used encryption method for email communications to secure the sensitive data being sent. It allows for the encryption of the entire message or just the sensitive parts. It would be an appropriate solution in this case as it doesn't require additional infrastructure to implement.

• Question 556:

  A security administrator Is evaluating remote access solutions for employees who are geographically dispersed. Which of the following would provide the MOST secure remote access? (Select TWO).

  A. IPSec

  B. SFTP

  C. SRTP

  D. LDAPS

  E. S/MIME

  F. SSL VPN

  Correct Answer: AF

  IPSec (Internet Protocol Security) is a technology that provides secure communication over the internet by encrypting traffic and authenticating it at both the sender and receiver. It can be used to create secure tunnels between two or more devices, allowing users to access resources securely and privately. SSL VPN (Secure Sockets Layer Virtual Private Network) is a type of VPN that uses an SSL/TLS connection to encrypt traffic between two or more devices. It is a secure and reliable solution for providing remote access, as all traffic is encrypted and authenticated. Additionally, SSL VPNs can also be used to restrict access to certain websites and services, making them a secure and robust solution for remote access.

• Question 557:

  The management team has requested that the security team implement 802.1X into the existing wireless network setup. The following requirements must be met: Minimal interruption to the end user Mutual certificate validation

  Which of the following authentication protocols would meet these requirements?

  A. EAP-FAST

  B. PSK

  C. EAP-TTLS

  D. EAP-TLS

  Correct Answer: D

  EAP-TLS (Extensible Authentication Protocol - Transport Layer Security) is an authentication protocol that uses certificates to provide mutual authentication between the client and the authentication server. It also allows for the encryption of user credentials, making EAP-TLS a secure and reliable authentication protocol. According to the CompTIA Security+ SY0-601 Official Text Book, EAP-TLS is well- suited for wireless networks due to its mutual authentication capabilities and its ability to securely store credentials. It is also the preferred authentication protocol for 802.1X wireless networks.

• Question 558:

  After entering a username and password, and administrator must draw a gesture on a touch screen. Which of the following demonstrates what the administrator is providing?

  A. Multifactor authentication

  B. Something you can do

  C. Biometric

  D. Two-factor authentication

  Correct Answer: B

  The something you can do authentication factor refers to actions you can take such as gestures on a touch screen. As an example, Microsoft Windows 10 supports picture passwords. Users first select a picture, and then they can add three gestures as their picture password. Gestures include tapping in specific places on the picture, drawing lines between items with a finger, or drawing a circle around an item such as someone's head. After registering the picture and their gestures, users repeat these gestures to log on again later.

• Question 559:

  A cybersecurity department purchased o new PAM solution. The team is planning to randomize the service account credentials of the Windows server first. Which of the following would be the BEST method to increase the security on the Linux server?

  A. Randomize the shared credentials

  B. Use only guest accounts to connect.

  C. Use SSH keys and remove generic passwords

  D. Remove all user accounts.

  Correct Answer: C

  (Use SSH keys and remove generic passwords.) seems like the better answer because it involves authentication. https://jumpcloud.com/blog/what-are-ssh-keys Using a guest account does nothing for security.

• Question 560:

  An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:

  A. business continuity plan

  B. communications plan.

  C. disaster recovery plan.

  D. continuity of operations plan

  Correct Answer: C

  A disaster recovery plan (DRP) is a documented and structured approach that outlines the processes and procedures to recover and restore IT systems and operations after a disruptive event, such as a flood or other disaster In the flood zone, a disaster recovery plan would address the specific concerns and considerations related to the restoration of IT operations after a flood. While a business continuity plan (Option A) is closely related to a disaster recovery plan, it typically has a broader scope and encompasses the overall strategies and actions to ensure the continuity of business operations in the face of various disruptions including floods. Option B focuses on establishing effective communication channels during emergencies. A continuity of operations plan (Option D) is generally associated with government agencies and outlines procedures to ensure the continuous performance of essential functions during a wide range of emergencies.