Back

Practice Free SY0-601 Exam Online Questions

Question #121

A systems administrator set up an automated process that checks for vulnerabilities across the entire environment every morning.

Which of the following activities is the systems administrator conducting?

  • A . Scanning
  • B . Alerting
  • C . Reporting
  • D . Archiving

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Scanning is the activity of checking for vulnerabilities across the network, systems, or applications. It can be done manually or automatically using tools such as vulnerability scanners, port scanners, or network mappers. Scanning can help identify and remediate potential security issues before they are exploited.
Question #122

Following a recent security breach, an analyst discovered that user permissions were added when joining another part of the organization but were not removed from existing groups.

Which of the following policies would help to correct these issues in the future?

  • A . Service accounts
  • B . Account audits
  • C . Password complexity
  • D . Lockout policy

Reveal Solution Hide Solution

Correct Answer: B
Question #123

Which of the following is required in order (or an IDS and a WAF to be effective on HTTPS traffic?

  • A . Hashing
  • B . DNS sinkhole
  • C . TLS inspection
  • D . Data masking

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

TLS (Transport Layer Security) is a protocol that is used to encrypt data sent over HTTPS (Hypertext Transfer Protocol Secure). In order for an intrusion detection system (IDS) and a web application firewall (WAF) to be effective on HTTPS traffic, they must be able to inspect the encrypted traffic. TLS inspection allows the IDS and WAF to decrypt and inspect the traffic, allowing them to detect any malicious activity.

Reference: [1] CompTIA Security+ Study Guide Exam SY0-601 [1], Sixth Edition, Chapter 11, "Network Security Monitoring" [2] CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide, Chapter 7, "Intrusion Detection and Prevention"
Question #124

A Chief Information Officer is concerned about employees using company-issued laptops lo steal data when accessing network shares.

Which of the following should the company Implement?

  • A . DLP
  • B . CASB
  • C . HIDS
  • D . EDR
  • E . UEFI

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

The company should implement Data Loss Prevention (DLP) to prevent employees from stealing data when accessing network shares.

Reference: CompTIA Security+ Study Guide Exam SY0-601, Chapter 8
Question #125

An annual information security assessment has revealed that several OS-level configurations are not in compliance due to outdated hardening standards the company is using.

Which of the following would be best to use to update and reconfigure the OS-level security configurations?

  • A . CIS benchmarks
  • B . GDPR guidance
  • C . Regional regulations
  • D . ISO 27001 standards

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

CIS benchmarks are best practices and standards for securing various operating systems, applications, cloud environments, etc. They are developed by a community of experts and updated regularly to reflect the latest threats and vulnerabilities. They can be used to update and reconfigure the OS-level security configurations to ensure compliance and reduce risks.
Question #126

Which of the following environments utilizes a subset of customer data and is most likely to be used to assess the impacts of major system upgrades and demonstrate system features?

  • A . Development
  • B . b Test
  • C . Production
  • D . Staging

Reveal Solution Hide Solution

Correct Answer: D
Question #127

A company wants to begin taking online orders for products but has decided to outsource payment processing to limit risk.

Which of the following best describes what the company should request from the payment processor?

  • A . ISO 27001 certification documents
  • B . Proof of PCI DSS compliance
  • C . A third-party SOC 2 Type 2 report
  • D . Audited GDPR policies

Reveal Solution Hide Solution

Correct Answer: B
Question #128

An employee recently resigned from a company. The employee was responsible for managing and supporting weekly batch jobs over the past five years. A few weeks after the employee resigned, one of the batch jobs failed and caused a major disruption.

Which of the following would work best to prevent this type of incident from reoccurring?

  • A . Job rotation
  • B . Retention
  • C . Outsourcing
  • D . Separation of duties

Reveal Solution Hide Solution

Correct Answer: D
Question #129

A user would like to install software and features that are not available with a smartphone’s default software.

Which of the following would allow the user to install unauthorized software and enable new features?

  • A . SQLi
  • B . Cross-site scripting
  • C . Jailbreaking
  • D . Side loading

Reveal Solution Hide Solution

Correct Answer: C
Question #130

A security manager is implementing UFA and patch management.

Which of the following would best describe the control Type and category? (Select two).

  • A . Physical
  • B . Managerial
  • C . Detective
  • D . Administrative
  • E . Preventative
  • F . Technical

Reveal Solution Hide Solution

Correct Answer: D, F