Practice Free SY0-601 Exam Online Questions
A company has hired an assessment team to test the security of the corporate network and employee vigilance. Only the Chief Executive Officer and Chief Operating Officer are aware of this exercise, and very little information has been provided to the assessors.
Which of the following is taking place?
- A . A red-team test
- B . A white-team test
- C . A purple-team test
- D . A blue-team test
A
Explanation:
A red-team test is a type of security assessment that simulates a real-world attack on an organization’s network, systems, applications, and people. The goal of a red-team test is to evaluate the organization’s security posture, identify vulnerabilities and gaps, and test the effectiveness of its detection and response capabilities. A red-team test is usually performed by a group of highly skilled security professionals who act as adversaries and use various tools and techniques to breach the organization’s defenses. A red-team test is often conducted without the knowledge or consent of most of the organization’s staff, except for a few senior executives who authorize and oversee the exercise.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://cybersecurity.att.com/blogs/security-essentials/what-is-red-teaming
An organization wants to reduce the likelihood that a data breach could result in reputational, financial, or regulatory consequences. The organization needs an enterprise-wide solution that does not require new technology or specialized roles.
Which of the following describes the best way to achieve these goals?
- A . Developing a process where sensitive data is converted to non-sensitive values such as a token
- B . Masking identifiable information so the data cannot be traced back to a specific user
- C . Incorporating the principle of data minimization throughout business processes
- D . Requiring users and customers to consent to the processing of their information
Which of the following best describes an environment where a business owns the application and operating system but requires the resources to host them in the cloud?
- A . IaaS
- B . XaaS
- C . PaaS
- D . SaaS
An organization is moving away from the use of client-side and server-side certificates for EAP. The company would like for the new EAP solution to have the ability to detect rogue access points.
Which of the following would accomplish these requirements?
- A . PEAP
- B . EAP-FAST
- C . EAP-TLS
- D . EAP-TTLS
B
Explanation:
EAP-FAST (Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling) supports mutual authentication and is designed to simplify the deployment of strong, password-based authentication. EAP-FAST includes a mechanism for detecting rogue access points.
Reference: CompTIA Security+ Study Guide Exam SY0-601, Chapter 4
A security team discovered a large number of company-issued devices with non-work-related software installed.
Which of the following policies would most likely contain language that would prohibit this activity?
- A . NDA
- B . BPA
- C . AUP
- D . SLA
C
Explanation:
AUP stands for acceptable use policy, which is a document that defines the rules and guidelines for using an organization’s network, systems, devices, and resources. An AUP typically covers topics such as authorized and unauthorized activities, security requirements, data protection, user responsibilities, and consequences for violations. An AUP can help prevent non-work-related software installation on company-issued devices by clearly stating what types of software are allowed or prohibited, and what actions will be taken if users do not comply with the policy.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.techopedia.com/definition/2471/acceptable-use-policy-aup
Which of the following would be best suited for constantly changing environments?
- A . RTOS
- B . Containers
- C . Embedded systems
- D . SCADA
An organization with high security needs is concerned about unauthorized exfiltration of data via Wi-Fi from within a secure facility.
Which of the following security controls should the company implement?
- A . Air-gapped network
- B . Faraday cage
- C . Screened subnet
- D . 802.1X certificates
A cybersecurity incident response team at a large company receives notification that malware is present on several corporate desktops. No known indicators of compromise have been found on the network.
Which of the following should the team do first to secure the environment?
- A . Contain the impacted hosts.
- B . Add the malware to the application blocklist.
- C . Segment the core database server.
- D . Implement firewall rules to block outbound beaconing.
A web application for a bank displays the following output when showing details about a customer’s bank account:
Which of the following techniques is most likely implemented in this web application?
- A . Data minimization
- B . Data scrambling
- C . Data masking
- D . Anonymization
Which of the following technologies is used to actively monitor for specific file types being transmitted on the network?
- A . File integrity monitoring
- B . Honeynets
- C . Tcpreplay
- D . Data loss prevention
D
Explanation:
Data loss prevention (DLP) is a technology used to actively monitor for specific file types being transmitted on the network. DLP solutions can prevent the unauthorized transfer of sensitive information, such as credit card numbers and social security numbers, by monitoring data in motion.
Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 2: Technologies and Tools, pp. 99-102.