CompTIA SY0-601 Online Practice Questions and Exam Preparation
SY0-601 Exam Details
Exam Code: SY0-601
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 1334 Q&As
Last Updated: May 26, 2026
CompTIA SY0-601 Online Questions & Answers
Question 811:
Which of the following BEST describes data streams that are compiled through artificial intelligence that provides insight on current cyberintrusions, phishing, and other malicious cyberactivity?
A. Intelligence fusion
B. Review reports
C. Log reviews
D. Threat feeds
Answer: D. Threat feeds
Question 812:
A nationwide company is experiencing unauthorized logins at all hours of the day. The logins appear to originate from countries in which the company has no employees. Which of the following controls should the company consider using as part of its IAM strategy? (Select TWO).
A. A complex password policy
B. Geolocation
C. An impossible travel policy
D. Self-service password reset
E. Geofencing
F. Time-based logins
Answer: A. A complex password policy B. Geolocation
Question 813:
A security administrator is seeking a solution to prevent unauthorized access to the internal network. Which of the following security solutions should the administrator choose?
A. MAC filtering
B. Anti-malware
C. Translation gateway
D. VPN
Answer: D. VPN
Explanation: A VPN (virtual private network) is a secure tunnel used to encrypt traffic and prevent unauthorized access to the internal network. It is a secure way to extend a private network across public networks, such as the Internet, and can be used to allow remote users to securely access resources on the internal network. Additionally, a VPN can be used to prevent malicious traffic from entering the internal network.
Question 814:
A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility with more secure libraries. Which of the following would be the MOST prudent course of action?
A. Accept the risk if there is a clear road map for timely decommission
B. Deny the risk due to the end-of-life status of the application.
C. Use containerization to segment the application from other applications to eliminate the risk
D. Outsource the application to a third-party developer group
Answer: A. Accept the risk if there is a clear road map for timely decommission
Explanation: Accept the risk if there is a clear road map for timely decommission. The audit found low-criticality vulnerabilities so, from the organization's perspective, it's not an issue that requires immediate attention. If the organization understands the level of severity of the vulnerabilities and plans to decommission the application when they see fit, then that would be the most prudent (practical) action for them. There are still users that are using the application, so there should be time given to notify the users when it is time to decommission the application to minimize disruption.
Question 815:
Which of the following is a known security risk associated with data archives that contain financial information?
A. Data can become a liability if archived longer than required by regulatory guidance
B. Data must be archived off-site to avoid breaches and meet business requirements
C. Companies are prohibited from providing archived data to e-discovery requests
D. Unencrypted archives should be preserved as long as possible and encrypted
Answer: A. Data can become a liability if archived longer than required by regulatory guidance
Explanation: Data minimization has to be done to decrease liability
Question 816:
Which of the following is a risk that is specifically associated with hosting applications in the public cloud?
A. Unsecured root accounts
B. Zero day
C. Shared tenancy
D. Insider threat
Answer: C. Shared tenancy
Explanation: A risk that is specifically associated with hosting applications in the public cloud is shared tenancy. Shared tenancy refers to the practice of multiple customers sharing the same physical infrastructure in a cloud environment. This can create security risks, as the actions of one customer can potentially impact the security and performance of other customers on the same infrastructure. Options A, B, and D are not specifically associated with hosting applications in the public cloud, although they can be potential risks in any computing environment.
Question 817:
A software company adopted the following processes before releasing software to production:
1. Peer review
2. Static code scanning
3. Signing
A considerable number of vulnerabilities are still being detected when code is executed on production. Which of the following security tools can improve vulnerability detection in this environment?
A. File integrity monitoring for the source code
B. Dynamic code analysis tool
C. Encrypted code repository
D. Endpoint detection and response solution
Answer: B. Dynamic code analysis tool
Question 818:
A company is receiving emails with links to phishing sites that look very similar to the company's own website address and content. Which of the following is the BEST way for the company to mitigate this attack?
A. Create a honeynet to trap attackers who access the VPN with credentials obtained by phishing.
B. Generate a list of domains similar to the company's own and implement a DNS sinkhole for each.
C. Disable POP and IMAP on all Internet-facing email servers and implement SMTPS.
D. Use an automated tool to flood the phishing websites with fake usernames and passwords.
Answer: B. Generate a list of domains similar to the company's own and implement a DNS sinkhole for each.
Explanation: The best way for the company to mitigate this attack would be to implement a DNS sinkhole for domains similar to the company's own. A DNS sinkhole is a security measure that redirects traffic from known malicious or fraudulent websites to a safe location. By generating a list of domains similar to the company's own and setting up a DNS sinkhole for each, the company can prevent employees from accidentally accessing phishing websites that mimic the company's own domain. Other solutions such as disabling POP and IMAP on email servers, implementing SMTPS, or using an automated tool to flood phishing websites with fake credentials may also be effective, but a DNS sinkhole would be the most direct and effective way to prevent employees from accessing the phishing sites. Creating a honeynet would not be relevant in this scenario.
Question 819:
A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output:
Which of the following is the router experiencing?
A. DDoS attack
B. Memory leak
C. Buffer overflow
D. Resource exhaustion
Answer: D. Resource exhaustion
Question 820:
Which of the following is the MOST effective way to detect security flaws present on third-party libraries embedded on software before it is released into production?
A. Employ different techniques for server- and client-side validations.
B. Use a different version control system for third-party libraries.
C. Implement a vulnerability scan to assess dependencies earlier on SDLC.
D. Increase the number of penetration tests before software release.
Answer: C. Implement a vulnerability scan to assess dependencies earlier on SDLC.
Explanation: The most effective way to detect security flaws present on third-party libraries embedded on software before it is released into production is to implement a vulnerability scan to assess dependencies earlier on the SDLC, or software development life cycle. A vulnerability scan is a type of security assessment that involves identifying and analyzing potential vulnerabilities in a system or application. By conducting a vulnerability scan earlier on in the SDLC, the development team can identify any security flaws in the third-party libraries before the software is released into production. This can help prevent security issues from being introduced into the production environment and ensure that the software is secure and compliant. Employing different techniques for server- and client-side validations, using a different version control system for third-party libraries, and increasing the number of penetration tests are not directly related to detecting security flaws in third-party libraries.