Practice Free SY0-601 Exam Online Questions
Which of the following would most likely include language prohibiting end users from accessing personal email from a company device?
- A . SLA
- B . BPA
- C . NDA
- D . AUP
D
Explanation:
AUP, or Acceptable Use Policy, is a document that defines the rules and guidelines for using a company’s IT resources, such as devices, networks, internet, and email. It usually includes language prohibiting end users from accessing personal email from a company device, as well as other activities that may compromise security or productivity [1].
Reference:
https://www.thesecuritybuddy.com/governance-risk-and-compliance/what-are-sla-mou-bpa-and-nda/
[3] https://www.professormesser.com/security-plus/sy0-501/agreement-types/
[1] https://www.techopedia.com/definition/2471/acceptable-use-policy-aup
A security analyst wants to fingerprint a web server.
Which of the following tools will the security analyst MOST likely use to accomplish this task?
- A . nmap -p1-65535 192.168.0.10
- B . dig 192.168.0.10
- C . curl --head http://192.168.0.10
- D . ping 192.168.0.10
A software development manager wants to ensure the authenticity of the code created by the company.
Which of the following options is the most appropriate?
- A . Testing input validation on the user input fields
- B . Performing code signing on company-developed software
- C . Performing static code analysis on the software
- D . Ensuring secure cookies are used
B
Explanation:
Code signing is a cryptographic process that allows software developers to digitally sign their code. This ensures that the code has not been tampered with since it was signed and that it came from a trusted source.
Testing input validation on the user input fields is important for preventing malicious code from being entered into a system. However, it does not address the authenticity of the code itself.
Performing static code analysis on the software can help to identify security vulnerabilities. However, it cannot guarantee that the code has not been tampered with.
Ensuring secure cookies are used is important for preventing unauthorized access to user data. However, it does not address the authenticity of the code itself.
Therefore, the most appropriate option to ensure the authenticity of the code created by the company is to perform code signing on the software. Here are some additional benefits of code signing:
- It can help to prevent malware from being installed on users’ computers.
- It can help to protect intellectual property.
- It can help to improve user trust.
A Chief Information Security Officer (CISO) is evaluating the dangers involved in deploying a new ERP system for the company. The CISO categorizes the system, selects the controls that apply to the system, implements the controls, and then assesses the success of the controls before authorizing the system.
Which of the following is the CISO using to evaluate the environment for this new ERP system?
- A . The Diamond Model of Intrusion Analysis
- B . CIS Critical Security Controls
- C . NIST Risk Management Framework
- D . ISO 27002
C
Explanation:
The CISO is using the NIST Risk Management Framework (RMF) to evaluate the environment for the new ERP system. The RMF is a structured process for managing risks that involves categorizing the system, selecting controls, implementing controls, assessing controls, and authorizing the system.
Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 4: Risk Management, pp. 188-191.
Users are reporting performance issues from a specific application server. A security administrator are administrator is originating from.
Which of the following types of log files should be used to capture this information?
- A . Session traffic
- B . Syslog data
- C . Security events
- D . DNS responses
- E . Authentication
A security administrator is working to secure company data on corporate laptops in case the laptops are stolen.
Which of the following solutions should the administrator consider?
- A . Disk encryption
- B . Data loss prevention
- C . Operating system hardening
- D . Boot security
A spoofed identity was detected for a digital certificate.
Which of the following are the type of unidentified key and the certificate that could be in use on the company domain?
- A . Private key and root certificate
- B . Public key and expired certificate
- C . Private key and self-signed certificate
- D . Public key and wildcard certificate
A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen.
Which of the following would BEST meet these requirements? (Select TWO).
- A . Full-device encryption
- B . Network usage rules
- C . Geofencing
- D . Containerization
- E . Application whitelisting
- F . Remote control
DE
Explanation:
MDM solutions emerged to solve problems created by BYOD. With MDM, IT teams can remotely wipe devices clean if they are lost or stolen. MDM also makes the life of an IT administrator a lot easier as it allows them to enforce corporate policies, apply software updates, and even ensure that password protection is used on each device. Containerization and application whitelisting are two features of MDM that can help retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen.
Containerization is a technique that creates a separate and secure space on the device for work-related data and applications. This way, personal and corporate data are isolated from each other, and IT admins can manage only the work container without affecting the user’s privacy. Containerization also allows IT admins to remotely wipe only the work container if needed, leaving the personal data intact.
Application whitelisting is a technique that allows only authorized applications to run on the device. This way, IT admins can prevent users from installing or using malicious or unapproved applications that might compromise the security of corporate data. Application whitelisting also allows IT admins to control which applications can access corporate resources, such as email servers or cloud storage.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.office1.com/blog/byod-vs-mdm
An organization wants to minimize the recovery time from backups in case of a disaster. Backups must be retained for one month, while minimizing the storage space used for backups.
Which of the following is the best approach for a backup strategy?
- A . Full monthly, incremental daily, and differential weekly
- B . Full weekly and incremental daily
- C . Full weekly and differential daily
- D . Full daily
While preparing a software inventory report, a security analyst discovers an unauthorized program installed on most of the company’s servers. The program utilizes the same code signing certificate as an application deployed to only the accounting team.
After removing the unauthorized program, which of the following mitigations should the analyst implement to BEST secure the server environment?
- A . Revoke the code signing certificate used by both programs.
- B . Block all unapproved file hashes from installation.
- C . Add the accounting application file hash to the allowed list.
- D . Update the code signing certificate for the approved application.