CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 891:

  A Chief Information Officer is concerned about employees using company-issued laptops lo steal data when accessing network shares. Which of the following should the company Implement?

  A. DLP
  B. CASB
  C. HIDS
  D. EDR
  E. UEFI
  A. DLP

  ---

  Chmod removes the setuido permission, that is, it removes the S bit. Setuido is the specific permission, but it is removed with Chmod. https://www.cbtnuggets.com/blog/technology/system-admin/linux-file-permissions-understanding-setuid-setgid-and-the-sticky-bit

• Question 892:

  An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device. Which of the following MDM configurations must be considered when the engineer travels for business?

  A. Screen locks
  B. Application management
  C. Geofencing
  D. Containerization
  A. Screen locks

  ---

  Explanation Explanation/Reference:" access sensitive data from a corporate-owned mobile device" screen locks is MORE important that geofencing in this case..

• Question 893:

  A security administrator Installed a new web server. The administrator did this to increase the capacity (or an application due to resource exhaustion on another server. Which of the following algorithms should the administrator use to split the number of the connections on each server In half?

  A. Weighted response
  B. Round-robin
  C. Least connection
  D. Weighted least connection
  B. Round-robin

  ---

  The administrator should use a round-robin algorithm to split the number of connections on each server in half. Round-robin is a load-balancing algorithm that distributes incoming requests to the available servers one by one in a cyclical order. This helps to evenly distribute the load across all of the servers, ensuring that no single server is overloaded.

• Question 894:

  A business operations manager is concerned that a PC that is critical to business operations will have a costly hardware failure soon. The manager is looking for options to continue business operations without incurring large costs.

  Which of the following would mitigate the manager's concerns?

  A. Implement a full system upgrade
  B. Perform a physical-to-virtual migration
  C. Install uninterruptible power supplies
  D. Purchase cybersecurity insurance
  B. Perform a physical-to-virtual migration

  ---

  A Physical to virtual migration (P2V), is the migration of physical machines to virtual machines. Converting the PC to a VM temporarily will allow the PC to continue to its operations on a different host. The other options would require that PC be turned off so the organization would not have access to its function.

• Question 895:

  A government organization is developing an advanced Al defense system. Developers are using information collected from third-party providers. Analysts are noticing inconsistencies in the expected progress of the Al learning and attribute the outcome to a recent attack on one of the suppliers. Which of the following is the most likely reason for the inaccuracy of the system?

  A. Improper algorithms security
  B. Tainted training data
  C. Fileless virus
  D. Cryptomalware
  B. Tainted training data

  ---

  Tainted training data refers to the situation where the data used to train the AI system is corrupted or influenced by malicious actors. In this case, the third-party providers might have provided data that was compromised or manipulated by attackers, leading to inconsistencies in the expected progress of the AI learning. If the training data contains incorrect or malicious information, the AI system's ability to accurately detect and defend against threats can be compromised. This is a common challenge in AI development, and ensuring the integrity and security of the training data is crucial to building effective AI defense systems.

• Question 896:

  A Chief Information Officer receives an email stating a database will be encrypted within 24 hours unless a payment of $20,000 is credited to the account mentioned In the email. This BEST describes a scenario related to:

  A. whaling.
  B. smishing.
  C. spear phishing
  D. vishing
  C. spear phishing

• Question 897:

  Which of the following Gieuster recovery tests ie the LEAST time coneuntng for tie easier recovery tearm?

  A. Tabletop
  B. Parallel
  C. Full interruption
  D. Simulation
  A. Tabletop

• Question 898:

  A security analyst needs to implement security features across smartphones, laptops, and tablets. Which of the following would be the MOST effective across heterogeneous platforms?

  A. Enforcing encryption
  B. Deploying GPOs
  C. Removing administrative permissions
  D. Applying MDM software
  D. Applying MDM software

  ---

  MDM stands for Mobile Device Management, is software that assists in the implementation of the process of managing, monitoring, and securing several mobile devices such as tablets, smartphones, and laptops used in the organization to access the corporate information.

• Question 899:

  A company recently enhanced mobile device configuration by implementing a set of security controls: biometrics, context-aware authentication, and full device encryption. Even with these settings in place, an unattended phone was used by a malicious actor to access corporate data.

  Which of the following additional controls should be put in place first?

  A. GPS tagging
  B. Remote wipe
  C. Screen lock timer
  D. SEAndroid
  B. Remote wipe

• Question 900:

  Which of the following types of data are most likely to be subject to regulations and laws? (Choose two.)

  A. PHI
  B. Trade secrets
  C. Proprietary
  D. OSINT
  E. PII
  F. Public
  A. PHI
  E. PII