CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 591:

  Task: Configure the firewall (fill out the table) to allow these four rules:

  Only allow the Accounting computer to have HTTPS access to the Administrative server.

  Only allow the HR computer to be able to communicate with the Server 2 System over SCP.

  Allow the IT computer to have access to both the Administrative Server 1 and Administrative Server 2

  

  Correct Answer. Check the explanation below
  Check the explanation below

  ---

  Explanation/Reference:

  Use the following answer for this simulation task.

  Below table has all the answers required for this question.

  

  Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network. Three possible actions can be taken based on the rule's criteria: Block the connection Allow the connection Allow the connection only if it is secured TCP is responsible for providing a reliable, one-to-one, connection-oriented session. TCP establishes a connection and ensures that the other end receives any packets sent. Two hosts communicate packet results with each other. TCP also ensures that packets are decoded and sequenced properly. This connection is persistent during the session. When the session ends, the connection is torn down. UDP provides an unreliable connectionless communication method between hosts. UDP is considered a best-effort protocol, but it's considerably faster than TCP. The sessions don't establish a synchronized session like the kind used in TCP, and UDP doesn't guarantee error-free communications. The primary purpose of UDP is to send small packets of information. The application is responsible for acknowledging the correct reception of the dat a. Port 22 is used by both SSH and SCP with UDP. Port 443 is used for secure web connections? HTTPS and is a TCP port. Thus to make sure only the Accounting computer has HTTPS access to the Administrative server you should use TCP port 443 and set the rule to allow communication between 10.4.255.10/24 (Accounting) and 10.4.255.101 (Administrative server1) Thus to make sure that only the HR computer has access to Server2 over SCP you need use of TCP port 22 and set the rule to allow communication between 10.4.255.10/23 (HR) and

  10.4.255.2 (server2) Thus to make sure that the IT computer can access both the Administrative servers you need to use a port and accompanying port number and set the rule to allow communication between:

  10.4.255.10.25 (IT computer) and 10.4.255.101 (Administrative server1) 10.4.255.10.25 (IT computer) and 10.4.255.102 (Administrative server2)

• Question 592:

  Recent changes to a company's BYOD policy require all personal mobile devices to use a two-factor authentication method that is not something you know or have. Which of the following will meet this requirement?

  A. Facial recognition
  B. Six-digit PIN
  C. PKI certificate
  D. Smart card
  A. Facial recognition

  ---

  Facial recognition is a form of biometric authentication, which falls under the "something you are" factor. It uses unique facial features to authenticate a user, making it a form of authentication that is based on physical characteristics rather than something you know (like a password) or have (like a smart card).

• Question 593:

  An incident response technician collected a mobile device during an investigation. Which of the following should the technician do to maintain chain of custody?

  A. Document the collection and require a sign-off when possession changes.
  B. Lock the device in a safe or other secure location to prevent theft or alteration.
  C. Place the device in a Faraday cage to prevent corruption of the data.
  D. Record the collection in a blockchain-protected public ledger
  A. Document the collection and require a sign-off when possession changes.

• Question 594:

  The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers.

  Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?

  A. Install a NIDS device at the boundary.
  B. Segment the network with firewalls.
  C. Update all antivirus signatures daily.
  D. Implement application blacklisting
  B. Segment the network with firewalls.

  ---

  The catch is "spread unhindered throughout the network". A=>Detects B=>Correct C=>Precautions on the System D=>Blacklisting is never a good security practice (as opposed to whitelisting), because it's hard to stay on top of all factors that would need to be blacklisted.

• Question 595:

  Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

  A. SSAE SOC 2
  B. PCI DSS
  C. GDPR
  D. ISO 31000
  C. GDPR

  ---

  The General Data Protection Regulation (GDPR) is most likely to outline the roles and responsibilities of data controllers and data processors. GDPR is a comprehensive data protection law that applies to organizations operating within the European Union (EU) and processing the personal data of EU residents. It sets out the rights of individuals with regard to their personal data, and establishes certain obligations for organizations that process personal data, including data controllers and data processors.

• Question 596:

  A security analyst notices several attacks are being blocked by the NIPS but does not see anything on the boundary firewall logs. The attack seems to have been thwarted Which of the following resiliency techniques was applied to the network to prevent this attack?

  A. NIC Teaming
  B. Port mirroring
  C. Defense in depth
  D. High availability
  E. Geographic dispersal
  C. Defense in depth

  ---

  Explanation Explanation/Reference:A defense-in-depth strategy, aka a security-in-depth strategy, refers to a cybersecurity approach that uses multiple layers of security for holistic protection. A layered defense helps security organizations reduce vulnerabilities, contain threats, and mitigate risk https://csrc.nist.gov/glossary/term/defense_in_depth#:~:text=Definition(s)%3A,and%20dimensions%20of%20the%20organization

• Question 597:

  Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?

  A. MOU
  B. MTTR
  C. SLA
  D. NDA
  C. SLA

  ---

  Service level agreement is used to decide what is to be expected from both sides.

• Question 598:

  A network administrator would like to configure a site-to-site VPN utilizing iPSec. The administrator wants the tunnel to be established with data integrity encryption, authentication and anti- replay functions Which of the following should the administrator use when configuring the VPN?

  A. AH
  B. EDR
  C. ESP
  D. DNSSEC
  C. ESP

  ---

  Explanation Explanation/Reference:https://www.hypr.com/encapsulating-security-payload-esp/ Encapsulating Security Payload (ESP) is a member of the Internet Protocol Security (IPsec) set of protocols that encrypt and authenticate the packets of data between computers using a Virtual Private Network (VPN). The focus and layer on which ESP operates makes it possible for VPNs to function securely.

• Question 599:

  A security engineer is deploying a new wireless for a company. The company shares office space with multiple tenants. Which of the following should the engineer configured on the wireless network to ensure that confidential data is not exposed to unauthorized users?

  A. EAP
  B. TLS
  C. HTTPS
  D. AES
  D. AES

  ---

  AES -- The Advanced Encryption Standard (AES) encryption algorithm a widely supported encryption type for all wireless networks that contain any confidential data. AES in Wi-Fi leverages 802.1X or PSKs to generate per station keys for all devices. AES provides a high level of security like IP Security (IPsec) clients. https://www.arubanetworks.com/techdocs/Instant_41_Mobile/Advanced/Content/UG_files/Authentication/UnderstandingEncryption.htm

• Question 600:

  DRAG DROP

  A data owner has been tasked with assigning proper data classifications and destruction methods for various types of data contained within the environment.

  Select and Place:

  

  

  ---

  Explanation/Reference: