CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 581:

  A network engineer is troubleshooting wireless network connectivity issues that were reported by users. The issues are occurring only in the section of the building that is closest to the parking lot. Users are intermittently experiencing slow speeds when accessing websites and are unable to connect to network drives. The issues appear to increase when laptop users return desks after using their devices in other areas of the building. There have also been reports of users being required to enter their credentials on web pages in order to gain access to them.

  Which of the following is the MOST likely cause of this issue?

  A. An external access point is engaging in an evil-twin attack.
  B. The signal on the WAP needs to be increased in that section of the building.
  C. The certificates have expired on the devices and need to be reinstalled.
  D. The users in that section of the building are on a VLAN that is being blocked by the firewall
  A. An external access point is engaging in an evil-twin attack.

• Question 582:

  A public relations team will be taking a group of guest on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboars are cleaned and all desks are cleared. The company is MOST likely trying to protect against.

  A. Loss of proprietary information
  B. Damage to the company's reputation
  C. Social engineering
  D. Credential exposure
  A. Loss of proprietary information

  ---

  In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information think phishing, spoofing. That is not being demonstrated in this question. The company is protecting themselves from loss of proprietary information by clearing it all out. so that if anyone in the tour is looking to take it they will be out of luck

• Question 583:

  A Chief Information Security Officer (CISO) is evaluating the dangers involved in deploying a new ERP system for the company. The CISO categorizes the system, selects the controls that apply to the system, implements the controls, and then assesses the success of the controls before authorizing the system. Which of the following is the CISO using to evaluate the environment for this new ERP system?

  A. The Diamond Model of Intrusion Analysis
  B. CIS Critical Security Controls
  C. NIST Risk Management Framework
  D. ISO 27002
  C. NIST Risk Management Framework

  ---

  The NIST Risk Management Framework (RMF) is a process for evaluating the security of a system and implementing controls to reduce potential risks associated with it. The RMF process involves categorizing the system, selecting the controls that apply to the system, implementing the controls, and then assessing the success of the controls before authorizing the system. For more information on the NIST Risk Management Framework and other security processes, refer to the CompTIA Security+ SY0-601 Official Text Book and Resources.

• Question 584:

  A user is trying to upload a tax document, which the corporate finance department requested, but a security program IS prohibiting the upload A security analyst determines the file contains Pll, Which of the following steps can the analyst take to correct this issue?

  A. Create a URL filter with an exception for the destination website.
  B. Add a firewall rule to the outbound proxy to allow file uploads
  C. Issue a new device certificate to the user's workstation.
  D. Modify the exception list on the DLP to allow the upload
  D. Modify the exception list on the DLP to allow the upload

  ---

  Data Loss Prevention (DLP) policies are used to identify and protect sensitive data, and often include a list of exceptions that allow certain types of data to be uploaded or shared. By modifying the exception list on the DLP, the security analyst can allow the tax document to be uploaded without compromising the security of the system. (Reference: CompTIA Security+ SY0-601 Official Textbook, page 479-480)

• Question 585:

  Which of the following policies establishes rules to measure third-party work tasks and ensure deliverables are provided within a specific time line?

  A. SLA
  B. MOU
  C. AUP
  D. NDA
  A. SLA

• Question 586:

  An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance's vulnerable state?

  A. The system was configured with weak default security settings.
  B. The device uses weak encryption ciphers.
  C. The vendor has not supplied a patch for the appliance.
  D. The appliance requires administrative credentials for the assessment
  C. The vendor has not supplied a patch for the appliance.

• Question 587:

  Which of the following disaster recovery tests is The LEAST time-consuming for the disaster recovery team?

  A. Tabletop
  B. Parallel
  C. Full interruption
  D. Simulation
  A. Tabletop

  ---

  Explanation Explanation/Reference:Its Tabletop exercise , the simulation is more time consuming.Tabletop , is the cheapest and fastets, after walktrough(from memory) and then simulation (more recources, tedious,time consuming)

• Question 588:

  A software company is analyzing a process that detects software vulnerabilities at the earliest stage possible. The goal is to scan the source looking for unsecure practices and weaknesses before the application is deployed in a runtime environment. Which of the following would BEST assist the company with this objective?

  A. Use fuzzing testing
  B. Use a web vulnerability scanner
  C. Use static code analysis
  D. Use a penetration-testing OS
  C. Use static code analysis

  ---

  Fuzzing Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks. Static program analysis Static program analysis is the analysis of computer software performed without executing any programs, in contrast with dynamic analysis, which is performed on programs during their execution. What is static code analysis? Static code analysis is a method of debugging by examining source code before a program is run. It's done by analyzing a set of code against a set (or multiple sets) of coding rules. ... This type of analysis addresses weaknesses in source code that might lead to vulnerabilities. Penetration test A penetration test, colloquially known as a pen test or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment.

• Question 589:

  Which of the following should a data owner require all personnel to sign to legally protect intellectual property?

  A. An NDA
  B. An AUP
  C. An ISA
  D. An MOU
  A. An NDA

• Question 590:

  A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output:

  

  Which of the following BEST describes the attack the company is experiencing?

  A. MAC flooding
  B. URL redirection
  C. ARP poisoning
  D. DNS hijacking
  C. ARP poisoning

  ---

  Explanation Explanation/Reference:https://en.wikipedia.org/wiki/ARP_spoofing#Static_ARP_entries