CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 711:

  A company is launching a new internet platform for its clients. The company does not want to implement its own authorization solution but instead wants to rely on the authorization provided by another platform. Which of the following is the BEST approach to implement the desired solution?

  A. OAuth
  B. TACACS+
  C. SAML
  D. RADIUS
  C. SAML

  ---

  OAuth is an AUTHORIZATION protocol, not an authentication protocol. "Determines what resources a user will be able to access. Twitter/Google/Facebook login on 3rd party sites" - Prof Messer SAML is a secure authentication and authorization system that uses third parties SAML is authentication OAuth is authorization, not authentication SSO is the process PAP is a password-based authentication protocol

• Question 712:

  Which of tre following would BEST identity and remediate a catatoss event in an enterprise using third-pany, web-based services and file-sharing platanmns?

  A. SIEM
  B. CASE
  C. UTM
  D. EDR
  B. CASE

• Question 713:

  An attacker is targeting a company. The attacker notices that the company's employees frequently access a particular website. The attacker decides to infect the website with malware and hopes the employees' devices will also become infected. Which of the following techniques is the attacker using?

  A. Watering-hole attack
  B. Pretexting
  C. Typosquatting
  D. Impersonation
  A. Watering-hole attack

  ---

  a watering hole attack is a form of cyberattack that targets a specific group of users by infecting websites that they commonly visit123. The attacker seeks to compromise the user's computer and gain access to the network at the user's workplace or personal data123. The attacker observes the websites often visited by the victim or the group and infects those sites with malware14 . The attacker may also lure the user to a malicious site 4. A watering hole attack is difficult to diagnose and poses a significant threat to websites and users2 .

• Question 714:

  A security team created a document that details the order in which critical systems should be brought back online after a major outage. Which of the following documents did the team create?

  A. Communication plan
  B. Incident response plan
  C. Data retention policy
  D. Disaster recovery plan
  D. Disaster recovery plan

  ---

  Explanation Explanation/Reference:

• Question 715:

  A technician is setting up a new firewall on a network segment to allow web traffic to the internet while hardening the network. After the firewall is configured, users receive errors stating the website could not be located. Which of the following would best correct the issue?

  A. Setting an explicit deny to all traffic using port 80 instead of 443
  B. Moving the implicit deny from the bottom of the rule set to the top
  C. Configuring the first line in the rule set to allow all traffic
  D. Ensuring that port 53 has been explicitly allowed in the rule set
  D. Ensuring that port 53 has been explicitly allowed in the rule set

• Question 716:

  Which of the following typically uses a combination of human and artificial intelligence to analyze event data and take action without intervention?

  A. TTP
  B. OSINT
  C. SOAR
  D. SIEM
  C. SOAR

  ---

  Explanation Explanation/Reference:What is SOAR? SOAR collects data and alerts security teams using a centralized platform similar to SIEM, but SIEM only sends alerts to security analysts. SOAR security, on the other hand, takes it a step further by automating the responses. It uses artificial intelligence (AI) to learn pattern behaviors, which enable it to predict similar threats before they happen. This makes it easier for IT security staff to detect and address threats. https://www.fortinet.com/resources/cyberglossary/what-is-soar

• Question 717:

  A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company's data?

  A. Containerization
  B. Geofencing
  C. Full-disk encryption
  D. Remote wipe
  A. Containerization

• Question 718:

  A network engineer created two subnets that will be used for production and development servers. Per security policy, production and development servers must each have a dedicated network that cannot communicate with one another directly.

  Which of the following should be deployed so that server administrators can access these devices?

  A. VLANS
  B. Internet proxy servers
  C. NIDS
  D. Jump servers
  D. Jump servers

  ---

  Explanation Explanation/Reference:A jump server, jump host or jump box is a system on a network used to access and manage devices in a separate security zone. A jump server is a hardened and monitored device that spans two dissimilar security zones and provides a controlled means of access between them

• Question 719:

  A network engineer at a company with a web server is building a new web environment with the following requirements:

  1.

  Only one web server at a time can service requests.

  2.

  If the primary web server fails, a failover needs to occur to ensure the secondary web server becomes the primary.

  Which of the following load-balancing options BEST fits the requirements?

  A. Cookie-based
  B. Active-passive
  C. Persistence
  D. Round robin
  A. Cookie-based

• Question 720:

  Given the following snippet of Python code:

  

  Which of the following types of malware MOST likely contains this snippet?

  A. Logic bomb
  B. Keylogger
  C. Backdoor
  D. Ransomware
  B. Keylogger