CompTIA SY0-601 Online Practice Questions and Exam Preparation
SY0-601 Exam Details
Exam Code: SY0-601
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 1334 Q&As
Last Updated: May 26, 2026
CompTIA SY0-601 Online Questions & Answers
Question 561:
A security team will be outsourcing several key functions to a third party and will require that:
Several of the functions will carry an audit burden.
Attestations will be performed several times a year.
Reports will be generated on a monthly basis.
Which of the following BEST describes the document that is used to define these requirements and stipulate how and when they are performed by the third party?
A. MOU
B. AUP
C. SLA
D. MSA
C. SLA
Explanation/Reference: A service level agreement (SLA) is a contract between a service provider and a customer that outlines the services that are to be provided and the expected levels of performance. It is used to define the requirements for the service, including any attestations and reports that must be generated, and the timescales in which these must be completed. It also outlines any penalties for failing to meet these requirements. SLAs are essential for ensuring that third-party services are meeting the agreed-upon performance levels.
CompTIA Security+ Study Guide: SY0-601 by Emmett Dulaney, Chuck Easttom https://www.wiley.com/en-us/CompTIA+Security%2B+Study+Guide%3A+SY0-601-p-9781119515968
CompTIA Security+ Get Certified Get Ahead: SY0-601 Study Guide by Darril Gibson https://www.amazon.com/CompTIA-Security-Certified-Ahead-SY0-601/dp/1260117558
Note: SLA is the best document that is used to define these requirements and stipulate how and when they are performed by the third party.
Question 562:
A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach and does not have an on-premises IT infrastructure. Which of the following would best secure the organization?
A. Upgrading to a next-generation firewall
B. Deploying an appropriate in-line CASB solution
C. Conducting user training on software policies
D. Configuring double key encryption in SaaS platforms
B. Deploying an appropriate in-line CASB solution
Question 563:
Which of the following is a policy that provides a greater depth and breadth of knowledge across an organization?
A. Asset management policy
B. Separation of duties policy
C. Acceptable use policy
D. Job rotation policy
D. Job rotation policy
Question 564:
An organization is having difficulty correlating events from its individual AV, EDR, DLP, SWG, WAF, MDM, HIPS, and CASB systems. Which of the following is the BEST way to improve the situation?
A. Remove expensive systems that generate few alerts.
B. Modify the systems to alert only on critical issues.
C. Utilize a SIEM to centralize logs and dashboards.
D. Implement a new syslog/NetFlow appliance.
C. Utilize a SIEM to centralize logs and dashboards.
A SIEM is a centralized solution that aggregates and correlates log data from multiple security devices, applications, and systems in real time. It provides a unified view of security events and alerts, making it easier for security analysts to detect and respond to security incidents. With a SIEM, the organization can create custom dashboards, perform advanced analytics, and automate incident response workflows.
Question 565:
An administrator identifies some locations on the third floor of the building that have a poor wireless signal. Multiple users confirm the incident and report it is not an isolated event. Which of the following should the administrator use to find the areas with a poor or non-existent wireless signal?
A. Heat map
B. Input validation
C. Site survey
D. Embedded systems
C. Site survey
To find the areas with a poor or non-existent wireless signal, the administrator should conduct a wireless site survey. A wireless site survey is a process of planning and designing a wireless network by surveying the physical location to understand the RF (radio frequency) characteristics and signal propagation in the area. During a site survey, the administrator uses specialized tools and equipment to measure the wireless signal strength at various locations within the building. The data collected is then used to create a heat map, which visually represents the signal coverage and strength across the surveyed area. This heat map helps identify areas with poor or weak signal strength and allows the administrator to make informed decisions about the placement of wireless access points or other necessary adjustments to improve wireless coverage and performance.
Question 566:
A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?
A. An incident response plan
B. A communications plan
C. A business continuity plan
D. A disaster recovery plan
A. An incident response plan
Question 567:
An employee recently resigned from a company. The employee was responsible for managing and supporting weekly batch jobs over the past five years. A few weeks after the employee resigned, one of the batch jobs failed and caused a major disruption. Which of the following would work best to prevent this type of incident from reoccurring?
A. Job rotation
B. Retention
C. Outsourcing
D. Separation of duties
A. Job rotation
Question 568:
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
C. Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox.
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.
A DNS sinkhole, also known as a sinkhole server, Internet sinkhole, or Blackhole DNS [1], is a DNS server that gives out a false result for a domain name. A sinkhole is a DNS provider that supplies systems looking for DNS information with false results, allowing an attacker to redirect a system to a potentially malicious destination. DNS sinkholes have also historically been used for non-malicious purposes.
Question 569:
Two hospitals merged into a single organization. The privacy officer requested a review of all records to ensure encryption was used during record storage, in compliance with regulations. During the review, the officer discovered that medical diagnosis codes and patient names were left unsecured. Which of the following types of data does this combination BEST represent?
A. Personal health information
B. Personally identifiable information
C. Tokenized data
D. Proprietary data
A. Personal health information
Protected health information (PHI) is a subset of PII, but it specifically refers to health information shared with HIPAA covered entities. Medical records, lab reports, and hospital bills are PHI, along with any information relating to an individual's past, present, or future physical or mental health.
Question 570:
The Chief Information Security Officer (CISO) of a bank recently updated the incident response policy. The CISO is concerned that members of the incident response team do not understand their roles. The bank wants to test the policy but with the least amount of resources or impact. Which of the following BEST meets the requirements?
A. Warm site failover
B. Tabletop walk-through
C. Parallel path testing
D. Full outage simulation
B. Tabletop walk-through
Tabletop Walk-through (or plain walkthroughs): Walkthroughs examine the actual steps that take place associated with a process, procedure, or event... Walkthroughs are commonly used by audit personnel to ensure proper processes are being followed. So this covers confirming the roles with minimal impact to production.