Practice Free SY0-601 Exam Online Questions
A company is concerned about individuals driving a car into the building to gain access.
Which of the following security controls would work BEST to prevent this from happening?
- A . Bollard
- B . Camera
- C . Alarms
- D . Signage
- E . Access control vestibule
A
Explanation:
A bollard would work best to prevent individuals from driving a car into the building. A bollard is a short, vertical post that can be used to block vehicles from entering a designated area. It is specifically designed to stop cars from crashing into buildings or other structures.
Which of the following should a security operations center use to improve.
Which of the following access controls is most likely inhibiting the transfer?
- A . Attribute-based
- B . Time of day
- C . Role-based
- D . Least privilege
A systems administrator works for a local hospital and needs to ensure patient data is protected and secure.
Which of the following data classifications should be used to secure patient data?
- A . Private
- B . Critical
- C . Sensitive
- D . Public
Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?
- A . Configure all systems to log scheduled tasks.
- B . Collect and monitor all traffic exiting the network.
- C . Block traffic based on known malicious signatures.
- D . Install endpoint management software on all systems.
A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement.
Which of the following reconnaissance types is the tester performing?
- A . Active
- B . Passive
- C . Defensive
- D . Offensive
Which of the following is a solution that can be used to stop a disgruntled employee from copying confidential data to a USB drive?
- A . DLP
- B . TLS
- C . AV
- D . IDS
A
Explanation:
DLP stands for data loss prevention, which is a set of tools and processes that aim to prevent unauthorized access, use, or transfer of sensitive data. DLP can help mitigate the risk of data exfiltration by disgruntled employees or external attackers by monitoring and controlling data flows across endpoints, networks, and cloud services. DLP can also detect and block attempts to copy, transfer, or upload sensitive data to a USB drive or other removable media based on predefined policies and rules.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.microsoft.com/en-us/security/business/security-101/what-is-data-loss-prevention-dlp
A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting.
Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?
- A . Secure cookies
- B . Version control
- C . Input validation
- D . Code signing
A security team is engaging a third-party vendor to do a penetration test of a new proprietary application prior to its release.
Which of the following documents would the third-party vendor most likely be required to review and sign?
- A . SLA
- B . NDA
- C . MOU
- D . AUP
B
Explanation:
NDA stands for Non-Disclosure Agreement, which is a legal contract that binds the parties to keep confidential information secret and not to disclose it to unauthorized parties. A third-party vendor who is doing a penetration test of a new proprietary application would most likely be required to review and sign an NDA to protect the intellectual property and trade secrets of the security team.
A systems administrator would like to set up a system that will make it difficult or impossible to deny that someone has performed an action.
Which of the following is the administrator trying to accomplish?
- A . Non-repudiation
- B . Adaptive identity
- C . Security zones
- D . Deception and disruption