SY0-601 Exam Details

  • Exam Code: SY0-601
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1334 Q&As
  • Last Updated: May 26, 2026

CompTIA SY0-601 Online Questions & Answers

  • Question 601:

    During a forensic investigation, a security analyst discovered that the following command was run on a compromised host:

    Which of the following attacks occurred?

    A. Buffer overflow
    B. Pass the hash
    C. SQL injection
    D. Replay attack

  • Question 602:

    An organization has decided to host its web application and database in the cloud. Which of the following BEST describes the security concerns for this decision?

    A. Access to the organization's servers could be exposed to other cloud-provider clients
    B. The cloud vendor is a new attack vector within the supply chain
    C. Outsourcing the code development adds risk to the cloud provider
    D. Vendor support will cease when the hosting platforms reach EOL.

  • Question 603:

    Which of the following uses SAML for authentication?

    A. TOTP
    B. Federation
    C. Kerberos
    D. HOTP

  • Question 604:

    A security administrator received an alert for a user account with the following log activity:

    Which of the following best describes the trigger for the alert the administrator received?

    A. Number of failed log-in attempts
    B. Geolocation
    C. Impossible travel time
    D. Time-based log-in attempt

  • Question 605:

    Which of the following are requirements that must be configured for PCI DSS compliance? (Select TWO).

    A. Testing security systems and processes regularly
    B. Installing and maintaining a web proxy to protect cardholder data
    C. Assigning a unique ID to each person with computer access
    D. Encrypting transmission of cardholder data across private networks
    E. Benchmarking security awareness training for contractors
    F. Using vendor-supplied default passwords for system passwords

  • Question 606:

    A municipality implements an IoT device discovery scanner and finds a legacy controller for a critical internal utility SCADA service that is running firmware with multiple vulnerabilities. Unfortunately, the controller cannot be upgraded, and a replacement for it is not available for at least a year. Which of the following is the best action to take to mitigate the risk posed by this controller in the meantime?

    A. Isolate the controller from the rest of the network and constrain connectivity.
    B. Remove the controller from the network altogether.
    C. Quarantine the controller in a VLAN used for device patching from the internet.
    D. Configure the internet firewall to deny any internet access to or from the controller.

  • Question 607:

    A vendor needs to remotely and securely transfer files from one server to another using the command line. Which of the following protocols should be implemented to allow for this type of access? (Choose two.)

    A. SSH
    B. SNMP
    C. RDP
    D. S/MIME
    E. SMTP
    F. SFTP

  • Question 608:

    Two organizations plan to collaborate on the evaluation of new SIEM solutions for their respective companies. A combined effort from both organizations' SOC teams would speed up the effort. Which of the following can be written to document this agreement?

    A. MOU
    B. ISA
    C. SLA
    D. NDA

  • Question 609:

    Which of the following incident response steps involves actions to protect critical systems while maintaining business operations?

    A. Investigation
    B. Containment
    C. Recovery
    D. Lessons learned

  • Question 610:

    Following a prolonged datacenter outage that affected web-based sales, a company has decided to move its operations to a private cloud solution. The security team has received the following requirements:

    1. There must be visibility into how teams are using cloud-based services.
    2. The company must be able to identify when data related to payment cards is being sent to the cloud.
    3. Data must be available regardless of the end user's geographic location.
    4. Administrators need a single pane-of-glass view into traffic and trends.

    Which of the following should the security analyst recommend?

    A. Create firewall rules to restrict traffic to other cloud service providers.
    B. Install a DLP solution to monitor data in transit.
    C. Implement a CASB solution.
    D. Configure a web-based content filter.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-601 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.