CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 631:

  Which of the following is an algorithm performed to verify that data has not been modified?

  A. Hash
  B. Code check
  C. Encryption
  D. Checksum
  A. Hash

• Question 632:

  A security analyst is assessing a new y developed web application by testing SQL injection, CSRF, and XML injection. Which of the follow ng frameworks should the analyst consider?

  A. ISO
  B. MITRE ATTandCK
  C. OWASP
  D. NIST
  C. OWASP

• Question 633:

  The Chief Information Security Officer of an organization needs to ensure recovery from ransomware would likely occur within the organization's agreed-upon RPOs and RTOs. Which of the following backup scenarios would best ensure recovery?

  A. Hourly differential backups stored on a local SAN array
  B. Daily full backups stored on premises in magnetic offline media
  C. Daily differential backups maintained by a third-party cloud provider
  D. Weekly full backups with daily incremental stored on a NAS drive
  D. Weekly full backups with daily incremental stored on a NAS drive

• Question 634:

  Field workers in an organization are issued mobile phones on a daily basis All the work is performed within one city and the mobile phones are not used for any purpose other than work The organization does not want these pnones used for personal purposes. The organization would like to issue the phones to workers as permanent devices so the pnones do not need to be reissued every day Qven the conditions described, which of the following technologies would BEST meet these requirements'

  A. Geofencing
  B. Mobile device management
  C. Containenzation
  D. Remote wiping
  B. Mobile device management

  ---

  MDM is the best solution here, Company wants to issue a COBO device therefore no containerization < - tailored to BYOD Geofencing and remote wiping are capabilites that are provided by an MDM solution

• Question 635:

  Which of the following is an example of risk avoidance?

  A. Installing security updates directly in production to expedite vulnerability fixes
  B. Buying insurance to prepare for financial loss associated with exploits
  C. Not installing new software to prevent compatibility errors
  D. Not taking preventive measures to stop the theft of equipment
  C. Not installing new software to prevent compatibility errors

• Question 636:

  A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?

  A. The scan results show open ports, protocols, and services exposed on the target host
  B. The scan enumerated software versions of installed programs
  C. The scan produced a list of vulnerabilities on the target host
  D. The scan identified expired SSL certificates
  B. The scan enumerated software versions of installed programs

  ---

  Explanation Explanation/Reference:To get the inside information you need to login = needs credentials

• Question 637:

  A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization's executives determine the next course of action?

  A. An incident response plan
  B. A communications plan
  C. A disaster recovery plan
  D. A business continuity plan
  D. A business continuity plan

  ---

  Business continuity may be defined as "the capability of an organization to continue the delivery of products or services at pre-defined acceptable levels following a disruptive incident",[1] and business continuity planning [2][3] (or business continuity and resiliency planning) is the process of creating systems of prevention and recovery to deal with potential threats to a company.[4] In addition to prevention, the goal is to enable ongoing operations before and during execution of disaster recovery.[5] Business continuity is the intended outcome of proper execution of both business continuity planning and disaster recovery.

• Question 638:

  After reluming from a conference, a user's laptop has been operating slower than normal and overheating and the fans have been running constantly Dunng the diagnosis process, an unknown piece of hardware is found connected to the laptop's motherboard

  Which of the following attack vectors was exploited to install the hardware?

  A. Removable media
  B. Spear phishing
  C. Supply chain
  D. Direct access
  D. Direct access

  ---

  DIRECT-ACCESS ATTACKS A direct-access attack is simply gaining physical access to the targeted computer system. This would enable the attacker to damage the hardware and software, to install keyloggers, worms, viruses and covert listening devices or to manually copy sensitive information and data from the device. https://www.interelectronix.com/computer-security.html

• Question 639:

  A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better.

  A. validate the vulnerability exists in the organization's network through penetration testing
  B. research the appropriate mitigation techniques in a vulnerability database
  C. find the software patches that are required to mitigate a vulnerability
  D. prioritize remediation of vulnerabilities based on the possible impact.
  D. prioritize remediation of vulnerabilities based on the possible impact.

  ---

  The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System

• Question 640:

  After installing a Windows server, a cybersecurity administrator needs to harden it, following security best practices. Which of the following will achieve the administrator's goal? (Select TWO).

  A. Disabling guest accounts
  B. Disabling service accounts
  C. Enabling network sharing
  D. Disabling NetBIOS over TCP/IP
  E. Storing LAN manager hash values
  F. Enabling NTLM
  A. Disabling guest accounts
  D. Disabling NetBIOS over TCP/IP

  ---

  Enabling NTLM is also part of the MS Checklist, but it's not part of the user account hardening but rather network security configuration.