Practice Free SY0-601 Exam Online Questions
An audit report showed that a former employee saved the following files to an external USB drive before the employee’s termination date:
• annual_tax_form.pdf
• encrypted_passwords.db
• team_picture.jpg
• contactjist.db
• human_resources.txt
Which of the following could the former employee do to potentially compromise corporate credentials?
- A . Perform an offline brute-force attack.
- B . Use the files to create a rainbow table.
- C . Conduct a token replay.
- D . Release a network dictionary attack
While performing digital forensics, which of the following is considered the most volatile and should have the contents collected first?
- A . Hard drive
- B . RAM
- C . SSD
- D . Temporary files
An organization recently updated its security policy to include the following statement: Regular expressions are included in source code to remove special characters such as and from variables set by forms in a web application.
Which of the following best explains the security technique the organization adopted by making this addition to the policy?
- A . Identify embedded keys
- B . Code debugging
- C . Input validation
- D . Static code analysis
After an audit, an administrator discovers all users have access to confidential data on a file server.
Which of the following should the administrator use to restrict access to the data quickly?
- A . Group Policy
- B . Content filtering
- C . Data loss prevention
- D . Access control lists
Which of the following secure coding practices involves keeping business logic within a database?
- A . Stored procedures
- B . Normalization
- C . Obfuscation
- D . Tokenization
A security administrator is configuring fileshares. The administrator removed the default permissions and added permissions for only users who will need to access the fileshares as part of their job duties.
Which of the following best describes why the administrator performed these actions?
- A . Encryption standard compliance
- B . Data replication requirements
- C . Least privilege
- D . Access control monitoring
A security team created a document that details the order in which critical systems should be brought back online after a major outage.
Which of the following documents did the team create?
- A . Communication plan
- B . Incident response plan
- C . Data retention policy
- D . Disaster recovery plan
Which of the following threat actors is the most likely to use common hacking tools found on the internet to attempt to remotely compromise an organization’s web server?
- A . Organized crime
- B . Insider threat
- C . Unskilled attacker
- D . Nation-state
Which of the following threat actors is the most likely to use common hacking tools found on the internet to attempt to remotely compromise an organization’s web server?
- A . Organized crime
- B . Insider threat
- C . Unskilled attacker
- D . Nation-state
An organization has been experiencing outages during holiday sales and needs to ensure availability of its point-of-sales systems. The IT administrator has been asked to improve both server-data fault tolerance and site availability under high consumer load.
Which of the following are the best options to accomplish this objective? (Select two.)
- A . Load balancing
- B . Incremental backups
- C . UPS
- D . RAID
- E . Dual power supply
- F . VLAN
A, D
Explanation:
Load balancing and RAID are the best options to accomplish the objective of improving both server-data fault tolerance and site availability under high consumer load. Load balancing is a method of distributing network traffic across multiple servers to optimize performance, reliability, and scalability. Load balancing can help improve site availability by preventing server overload, ensuring high uptime, and providing redundancy and failover. RAID stands for redundant array of independent disks, which is a technology that combines multiple physical disks into a logical unit to improve data storage performance, reliability, and capacity. RAID can help improve server-data fault tolerance by providing data redundancy, backup, and recovery.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.nginx.com/resources/glossary/load-balancing/ https://www.ibm.com/cloud/learn/raid