CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 721:

  A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?

  A. The GPS location

  B. When the file was deleted

  C. The total number of print jobs

  D. The number of copies made

  Correct Answer: A

  A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata.

• Question 722:

  To reduce costs and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would BEST meet the needs of the organization?

  A. MaaS

  B. laaS

  C. SaaS

  D. PaaS

  Correct Answer: C

  The key here (At this time, no other services will be moving.) means this organization is not fully adopting cloud infrastructure , there's no need to host servers as IaaS or Platfroms as PaaS etc .. they just want one application to be a cloud service, for example (Salesforce.com) which is a SaaS solution and that's it..

• Question 723:

  A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are:

  1.

  www.company.com (main website)

  2.

  contactus.company.com (for locating a nearby location)

  3.

  quotes.company.com (for requesting a price quote)

  The company wants to purchase one SSL certificate that will work for all the existing applications and any future applications that follow the same naming conventions, such as store.company.com.

  Which of the following certificate types would BEST meet the requirements?

  A. SAN

  B. Wildcard

  C. Extended validation

  D. Self-signed

  Correct Answer: B

  Wildcard certificate would best meet the requirements.

  A wildcard certificate allows you to secure multiple subdomains with a single certificate. For example, a wildcard certificate for *.company.com could be used to secure www.company.com, contactus.company.com, quotes.company.com, and any other subdomains that follow the same naming conventions, such as store.company.com.

  A Subject Alternative Name (SAN) certificate is a type of certificate that allows you to secure multiple domain names with a single certificate. However, it does not allow you to secure subdomains in the same way that a wildcard certificate does. An extended validation (EV) certificate is a type of certificate that requires the issuing certificate authority (CA) to verify the identity of the organization before issuing the certificate. It is typically used to provide an additional level of trust to users visiting the website. A self-signed certificate is a certificate that is signed by the website owner instead of a trusted CA. It is not recommended for use on internet-facing websites because it lacks the credibility and trust associated with certificates issued by trusted CAs.

• Question 724:

  A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

  A. Nmap

  B. Wireshark

  C. Autopsy

  D. DNSEnum

  Correct Answer: A

• Question 725:

  Several employees have noticed other bystanders can clearly observe a terminal where passcodes are being entered, Which of the following can be eliminated with the use of a privacy screen?

  A. Shoulder surfing

  B. Spear phishing

  C. Impersonation attack

  D. Card cloning

  Correct Answer: A

  Shoulder surfing is when people see what you are doing, Eg inserting a pin into a terminal, by setting up a privacy screen, this is eliminated.

• Question 726:

  A security analyst sees the following log output while reviewing web logs:

  

  Which of the following mitigation strategies would be BEST to prevent this attack from being successful?

  A. Secure cookies

  B. Input validation

  C. Code signing

  D. Stored procedures

  Correct Answer: B

• Question 727:

  A public relations team will be taking a group of guests on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboards are cleaned and all desks are cleared. The company is MOST likely trying to protect against:

  A. Loss of proprietary information

  B. Damage to the company's reputation

  C. Social engineering

  D. Credential exposure

  Correct Answer: A

• Question 728:

  A forensics examiner is attempting to dump password cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error?

  A. The examiner does not have administrative privileges to the system

  B. The system must be taken offline before a snapshot can be created

  C. Checksum mismatches are invalidating the disk image

  D. The swap file needs to be unlocked before it can be accessed

  Correct Answer: A

  A. The examiner does not have administrative privileges to the system - correct answer This is about RAM. If you want to examine pagefile you pull power plug out of the wall so the pagefile contents are not erased

• Question 729:

  An employee has been charged with fraud and is suspected of using corporate assets. As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?

  A. Order of volatility

  B. Data recovery

  C. Chain of custody

  D. Non-repudiation

  Correct Answer: C

• Question 730:

  Under GDPR, which of the following is MOST responsible for the protection of privacy and website user rights?

  A. The data protection officer

  B. The data processor

  C. The data owner

  D. The data controller

  Correct Answer: D

  Data Owner and Data Controller are very similar concepts, but Data Controller is a GDPR term, and Data Owner isn't. The question specifically asks for a GDPR term.