CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 761:

  The IT department's on-site developer has been with the team for many years. Each time an application is released, the security team is able to identify multiple vulnerabilities. Which of the following would BEST help the team ensure the application is ready to be released to production?

  A. Limit the use of third-party libraries.

  B. Prevent data exposure queries.

  C. Obfuscate the source code.

  D. Submit the application to QA before releasing it.

  Correct Answer: D

• Question 762:

  An end user reports a computer has been acting slower than normal for a few weeks. During an investigation, an analyst determines the system is sending the user's email address and a ten-digit number to an IP address once a day. The only recent log entry regarding the user's computer is the following:

  

  Which of the following is the MOST likely cause of the issue?

  A. The end user purchased and installed a PUP from a web browser

  B. A bot on the computer is brute forcing passwords against a website

  C. A hacker is attempting to exfiltrate sensitive data

  D. Ransomware is communicating with a command-and-control server

  Correct Answer: A

• Question 763:

  A company has determined that if its computer-based manufacturing is not functioning for 12 consecutive hours, it will lose more money that it costs to maintain the equipment. Which of the following must be less than 12 hours to maintain a positive total cost of ownership?

  A. MTBF

  B. RPO

  C. RTO

  D. MTTR

  Correct Answer: D

  RTO- What company expects to be the max time = 12 hours MTTR - Actual time to repair it - less than 12 hours . What is the question - Which of the following must be less than 12 hours = MTTR

• Question 764:

  Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms?

  A. SIEM

  B. CASB

  C. UTM

  D. DLP

  Correct Answer: B

  Microsoft has a straightforward definition and it includes DLP. "is a security policy enforcement point positioned between enterprise users and cloud service providers" https://www.microsoft.com/en-us/security/business/security-101/what-is-acloud-access- security-broker-casb A cloud access security broker (CASB) works by securing data flowing to and from in- house IT architectures and cloud vendor environments using an organization's security policies. CASBs protect enterprise systems against cyberattacks through malware prevention and provide data security through encryption, making data streams unreadable to outside parties. CASBs were created with one thing in mind: protecting proprietary data stored in external, third-party media. CASBs deliver capabilities not generally available in traditional controls such as secure web gateways (SWGs) and enterprise firewalls. CASBs provide policy and governance concurrently across multiple cloud services and provide granular visibility into and control over user activities. https://www.forcepoint.com/cyber- edu/casb-cloud-access-security-broker

• Question 765:

  An organization has decided to host its web application and database in the cloud Which of the following BEST describes the security concerns for this decision?

  A. Access to the organization's servers could be exposed to other cloud-provider clients

  B. The cloud vendor is a new attack vector within the supply chain

  C. Outsourcing the code development adds risk to the cloud provider

  D. Vendor support will cease when the hosting platforms reach EOL.

  Correct Answer: B

• Question 766:

  An organization Chief information Security Officer a position that will be responsibles for implementing technical controls to protect data, include ensuring backups are properly maintained. Which of the following roles would MOST likely include these responsibilities?

  A. Data protection officer

  B. Data owner

  C. Backup administrator

  D. Data custodian

  E. Internal auditor

  Correct Answer: D

  Data Custodians The primary responsibilities of a data custodian are: Maintain physical and system security including physical security of servers and data user security as determined appropriate by the Data Trustees or Data Stewards. Ensure adequate system backups and disaster recovery plans.

  https://www.belmont.edu/oair/data-governance/role-data-custodians.html#:~:text=Data%20Custodiansandtext=The%20primary%20responsibilities%20of%20a,backups%20and%20disaster%20recovery%20plans.

• Question 767:

  A security analyst is looking for a solution to help communicate to the leadership team the seventy levels of the organization's vulnerabilities. Which of the following would BEST meet this need?

  A. CVE

  B. SIEM

  C. SOAR

  D. CVSS

  Correct Answer: D

  The Common Vulnerability Scoring System (CVSS) is a system widely used in vulnerability management programs. CVSS indicates the severity of an information security vulnerability, and is an integral component of many vulnerability scanning tools.

• Question 768:

  Recent changes to a company's BYOD policy require all personal mobile devices to use a two-factor authentication method that is not something you know or have. Which of the following will meet this requirement?

  A. Facial recognition

  B. Six-digit PIN

  C. PKI certificate

  D. Smart card

  Correct Answer: A

  Facial recognition is a form of biometric authentication, which falls under the "something you are" factor. It uses unique facial features to authenticate a user, making it a form of authentication that is based on physical characteristics rather than something you know (like a password) or have (like a smart card).

• Question 769:

  Which of the following organizational policies are MOST likely to detect fraud that is being conducted by existing employees? (Select TWO).

  A. Offboarding

  B. Mandatory vacation

  C. Job rotation

  D. Background checks

  E. Separation of duties

  F. Acceptable use

  Correct Answer: BC

• Question 770:

  A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirements?

  A. RAID 0+1

  B. RAID 2

  C. RAID 5

  D. RAID 6

  Correct Answer: D

  RAID 6 is a fault-tolerant RAID level that provides dual parity, which means it can withstand the failure of two disks simultaneously without data loss. It is achieved by distributing two sets of parity information across the disks. This level of fault tolerance makes RAID 6 suitable for critical systems where data integrity and high availability are crucial.