CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 641:

  An organization is concerned that is hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?

  A. Hping3 -s comptia, org - 80

  B. Nc -1 -v comptia, org -p 80

  C. nmp comptia, org -p 80 -aV

  D. nslookup -port=80 comtia.org

  Correct Answer: C

  is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection.

• Question 642:

  A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?

  A. The most common set of MDM configurations will become the effective set of enterprise mobile security controls.

  B. All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to adversaries.

  C. Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.

  D. MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured.

  Correct Answer: C

  A. incorrect, there cannot be a "common" configuration profile applied to different vendor devices, each device vendor will need a different profile configured for it. B. incorrect, SCEP-based is the most common type of enrollment, if this were true, all MDM certificates would unnecessarily be exposed.

  C. correct, the compensating control would be a baseline mdm profile for each vendor (IOS, Android, Samsung, etc.)

  D. incorrect, MDMs do in fact support heterogeneous deployments, minimum most MDM's will support IOS and Android.

  Device enrollment with Intune https://docs.microsoft.com/en-us/mem/intune/user-help/use-managed-devices-to-get-work-done

  SCEP Information https://docs.microsoft.com/en-us/mem/intune/protect/certificates-configure

• Question 643:

  Which of the following is used to ensure that evidence is admissible in legal proceedings when it is collected and provided to the authorities?

  A. Chain of custody

  B. Legal hold

  C. Event log

  D. Artifacts

  Correct Answer: A

  A chain of custody is a chronological paper trail documenting when, how, and by whom individual items of physical or electronic evidence--such as cell phone logs--were collected, handled, analyzed, or otherwise controlled during an investigation.

• Question 644:

  A security analyst has been tasked with finding the maximum amount of data loss that can occur before ongoing business operations would be impacted. Which of the following terms BEST defines this metric?

  A. MTTR

  B. RTO

  C. RPO

  D. MTBF

  Correct Answer: C

• Question 645:

  Which of the following is the FIRST environment in which proper, secure coding should be practiced?

  A. Stage

  B. Development

  C. Production

  D. Test

  Correct Answer: B

  The developer has to start writing secure code from beginning itself. Which will then be tested, staged and finally production

• Question 646:

  A user reports falling for a phishing email to an analyst. Which of the following system logs would the analyst check FIRST?

  A. DNS

  B. Message gateway

  C. Network

  D. Authentication

  Correct Answer: A

• Question 647:

  A security analyst is reviewing web-application logs and finds the following log:

  

  Which of the following attacks is being observed?

  A. Directory traversal

  B. XSS

  C. CSRF

  D. On-path attack

  Correct Answer: A

• Question 648:

  The Chief information Security Officer wants to prevent exfilitration of sensitive information from employee cell phones when using public USB power charging stations. Which of the following would be the Best solution to implement?

  A. DLP

  B. USB data blocker

  C. USB OTG

  D. Disabling USB ports

  Correct Answer: B

  A USB data blocker prevents attackers from infecting a device with malware or stealing data.

  When charging your phone in locations such as airports, or other unknown power sources, the use of a USB data blocker protects the phone but allows it to charge

• Question 649:

  Which of the following is a risk that is specifically associated with hosting applications in the public cloud?

  A. Unsecured root accounts

  B. Zero--day

  C. Shared tenancy

  D. Insider threat

  Correct Answer: C

  A risk that is specifically associated with hosting applications in the public cloud is shared tenancy. Shared tenancy refers to the practice of multiple customers sharing the same physical infrastructure in a cloud environment. This can create security risks, as the actions of one customer can potentially impact the security and performance of other customers on the same infrastructure. Options A, B, and D are not specifically associated with hosting applications in the public cloud, although they can be potential risks in any computing environment.

• Question 650:

  Which of the following concepts BEST describes tracking and documenting changes to software and managing access to files and systems?

  A. Version control

  B. Continuous monitoring

  C. Stored procedures

  D. Automation

  Correct Answer: A

  Version control, also known as source control, is the process of tracking and managing changes to files over time. VCS -- version control systems -- are software tools designed to help teams work in parallel. https://www.perforce.com/blog/vcs/what-is-version-control