CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 831:

  A network-connected magnetic resonance imaging (MRI) scanner at a hospital is controlled and operated by an outdated and unsupported specialized Windows OS. Which of the following is most likely preventing the IT manager at the hospital from upgrading the specialized OS?

  A. The time needed for the MRI vendor to upgrade the system would negatively impact patients.
  B. The MRI vendor does not support newer versions of the OS.
  C. Changing the OS breaches a support SLA with the MRI vendor.
  D. The IT team does not have the budget required to upgrade the MRI scanner.
  B. The MRI vendor does not support newer versions of the OS.

  ---

  This option is the most likely reason for preventing the IT manager at the hospital from upgrading the specialized OS. The MRI scanner is a complex and sensitive device that requires a specific OS to control and operate it. The MRI vendor may not have developed or tested newer versions of the OS for compatibility and functionality with the scanner. Upgrading the OS without the vendor's support may cause the scanner to malfunction or stop working altogether.

• Question 832:

  In which of the following risk management strategies would cybersecurity insurance be used?

  A. Transference
  B. Avoidance
  C. Acceptance
  D. Mitigation
  A. Transference

  ---

  Anything that talks about a company needing insurance will almost always be risk Transference.

• Question 833:

  In a rush to meet an end-of-year business goal, the IT department was told to implement a new business application. The security engineer reviews the attributes of the application and decides the time needed to perform due diligence is insufficient from a cybersecurity perspective. Which of the following BEST describes the security engineer's response?

  A. Risk tolerance
  B. Risk acceptance
  C. Risk importance
  D. Risk appetite
  A. Risk tolerance

  ---

  Their assessment indicates a lower tolerance for risk in terms of cybersecurity. They recognize that the allocated time isn't adequate to ensure proper cybersecurity measures, suggesting a reluctance to proceed without sufficient assurance of security. This aligns more closely with the concept of risk tolerance, indicating their unwillingness to take on the associated risks due to time constraints.

• Question 834:

  A Chief information Officer is concerned about employees using company-issued laptops to steal dala when accessing network shares

  Which of the following should the company implement?

  A. DLP
  B. CASB
  C. HIDS
  D. EDR
  E. UEFI
  A. DLP

• Question 835:

  A systems administrator is required to enforce MFA for corporate email account access, relying on the possession factor. Which of the following authentication methods should the systems administrator choose? (Choose two.)

  A. Passphrase
  B. Time-based one-time password
  C. Facial recognition
  D. Retina scan
  E. Hardware token
  F. Fingerprints
  B. Time-based one-time password
  E. Hardware token

• Question 836:

  A desktop computer was recently stolen from a desk located in the lobby of an office building. Which of the following would be the best way to secure a replacement computer and deter future theft?

  A. Installing proximity card readers on all entryway doors
  B. Deploying motion sensor cameras in the lobby
  C. Encrypting the hard drive on the new desktop
  D. Using cable locks on the hardware
  D. Using cable locks on the hardware

  ---

  Using cable locks on the hardware can be an effective way to secure a desktop computer and deter future theft. Cable locks are physical security devices that attach to the computer case and to a nearby stationary object, such as a desk or wall. This makes it more difficult for a thief to remove the computer without damaging it or attracting attention. Installing proximity card readers on all entryway doors can enhance physical security by limiting access to authorized individuals. Deploying motion sensor cameras in the lobby can also help deter theft by capturing images of any unauthorized individuals entering the premises or attempting to steal the computer. Encrypting the hard drive on the replacement desktop can also help protect sensitive data in the event of theft, but it does not provide physical security for the device itself.

• Question 837:

  Which of the following describes the exploitation of an interactive process to gain access to restncted areas?

  A. Persistence
  B. Buffer overflow
  C. Privilege escalation
  D. Pharming
  C. Privilege escalation

  ---

  Explanation Explanation/Reference:https://en.wikipedia.org/wiki/Privilege_escalation#:~:text=Privilege%20escalation%20is%20the%20act,from%20an%20application%20or%20user

• Question 838:

  A company wants to ensure that all employees in a given department are trained on each job role to help with employee burnout and continuity of business operations in the event an employee leaves the company. Which of the following should the company implement?

  A. Separation of duties
  B. Job rotation
  C. Mandatory vacations
  D. Least privilege
  B. Job rotation

• Question 839:

  Which of the following best describes a penetration test that resembles an actual external attack?

  A. Known environment
  B. Partially known environment
  C. Bug bounty
  D. Unknown environment
  D. Unknown environment

• Question 840:

  A company must ensure sensitive data at rest is rendered unreadable. Which of the following will the company most likely use?

  A. Hashing
  B. Tokenization
  C. Encryption
  D. Segmentation
  C. Encryption

  ---

  Encryption is the process of converting plaintext data into ciphertext using an algorithm and encryption key. It ensures that sensitive data stored at rest (e.g., on hard drives, databases, or storage devices) is rendered unreadable to unauthorized users or attackers. Only those with the appropriate decryption key can transform the ciphertext back into readable plaintext.