A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts.
Which of the following security practices would have addressed the issue?
A. A non-disclosure agreement
B. Least privilege
C. An acceptable use policy
D. Offboarding
Which of the following would be the BEST resource for a software developer who is looking to improve secure coding practices for web applications?
A. OWASP
B. Vulnerability scan results
C. NIST CSF
D. Third-party libraries
A company is launching a new internet platform for its clients. The company does not want to implement its own authorization solution but instead wants to rely on the authorization provided by another platform. Which of the following is the BEST approach to implement the desired solution?
A. OAuth
B. TACACS+
C. SAML
D. RADIUS
A network engineer notices the VPN concentrator is overloaded and crashes on days when there are a lot of remote workers. Senior management has placed greater importance on the availability of VPN resources for the remote workers than the security of the end users' traffic.
Which of the following would be BEST to solve this issue?
A. IPSec
B. Always On
C. Split tunneling
D. L2TP
A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which of the following BEST describes this process?
A. Continuous delivery
B. Continuous integration
C. Continuous validation
D. Continuous monitoring
A security analyst discovers that a company's username and password database was posted on an Internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?
A. Create DLP controls that prevent documents from leaving the network
B. Implement salting and hashing
C. Configure the web content filter to block access to the forum
D. Increase password complexity requirements
The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk. Which of the following would be BEST to mitigate the CEO's concerns? (Choose two.)
A. Geolocation
B. Time-of-day restrictions
C. Certificates
D. Tokens
E. Geotagging
F. Role-based access controls
In the middle of a cyberattack, a security engineer removes the infected devices from the network and locks down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?
A. Identification
B. Preparation
C. Eradication
D. Recovery
E. Containment
Law enforcement officials sent a company a notification that states electronically stored information and paper documents cannot be destroyed. Which of the following explains this process?
A. Data breach notification
B. Accountability
C. Legal hold
D. Chain of custody
An information security incident recently occurred at an organization, and the organization was required to report the incident to authorities and notify the affected parties. When the organization's customers became aware of the incident, some reduced their orders or stopped placing orders entirely. Which of the following is the organization experiencing?
A. Reputation damage
B. Identity theft
C. Anonymization
D. Interrupted supply chain