Practice Free SY0-601 Exam Online Questions
Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer’s PII?
- A . SCAP
- B . NetFlow
- C . Antivirus
- D . DLP
D
Explanation:
DLP stands for Data Loss Prevention, which is a technology that can monitor, detect and prevent the unauthorized transmission of sensitive data, such as PII (Personally Identifiable Information). DLP can be implemented on endpoints, networks, servers or cloud services to protect data in motion, in use or at rest. DLP can also block or alert on data transfers that violate predefined policies or rules. DLP is the best tool to assist with detecting an employee who has accidentally emailed a file containing a customer’s PII, as it can scan the email content and attachments for any data that matches the criteria of PII and prevent the email from being sent or notify the administrator of the incident.
Verified Reference:
Data Loss Prevention Guide to Blocking Leaks – CompTIA https://www.comptia.org/content/guides/data-loss-prevention-a-step-by-step-guide-to-blocking-leaks
Data Loss Prevention – SY0-601 CompTIA Security+: 2.1 https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/data-loss-prevention-4/
Data Loss Prevention – CompTIA Security+ SY0-501 – 2.1 https://www.professormesser.com/security-plus/sy0-501/data-loss-prevention-3/
• Sensitive customer data must be safeguarded.
• Documents from managed sources should not be opened in unmanaged destinations.
• Sharing of managed documents must be disabled.
• Employees should not be able to download emailed images to their devices.
• Personal photos and contact lists must be kept private.
• IT must be able to remove data from lost/stolen devices or when an employee no longer works for the company.
Which of the following are the best features to enable to meet these requirements? (Select two).
- A . Remote wipe
- B . VPN connection
- C . Biometric authentication
- D . Device location tracking
- E . Geofencing
- F . Application approve list
- G . Containerization
An administrator needs to perform server hardening before deployment.
Which of the following steps should the administrator take? (Select two).
- A . Disable default accounts.
- B . Add the server to the asset inventory.
- C . Remove unnecessary services.
- D . Document default passwords.
- E . Send server logs to the SIEM.
- F . Join the server to the corporate domain.
Which of the following is the most important security concern when using legacy systems to provide production service?
- A . Instability
- B . Lack of vendor support
- C . Loss of availability
- D . Use of insecure protocols
Which of the following best describes the situation where a successfully onboarded employee who is using a fingerprint reader is denied access at the company’s main gate?
- A . Crossover error rate
- B . False match rate
- C . False rejection
- D . False positive
C
Explanation:
A false rejection occurs when a biometric system fails to recognize an authorized user and denies access. This can happen due to poor quality of the biometric sample, environmental factors, or system errors.
Reference: https://www.comptia.org/blog/what-is-biometrics
A security administrator suspects there may be unnecessary services running on a server.
Which of the following tools will the administrator most likely use to confirm the suspicions?
- A . Nmap
- B . Wireshark
- C . Autopsy
- D . DNSEnum
A
Explanation:
Nmap is a tool that is used to scan IP addresses and ports in a network and to detect installed applications. Nmap can help a security administrator determine the services running on a server by sending various packets to the target and analyzing the responses. Nmap can also perform various tasks such as OS detection, version detection, script scanning, firewall evasion, and vulnerability scanning.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://nmap.org/
Which of the following methods can be used to detect attackers who have successfully infiltrated a network? (Select two).
- A . Tokenization
- B . CI/CD
- C . Honeypots
- D . Threat modeling
- E . DNS sinkhole
- F . Data obfuscation
An organization is building a new headquarters and has placed fake cameras around the building in an attempt to discourage potential intruders.
Which of the following kinds of controls describes this security method?
- A . Detective
- B . Deterrent
- C . Directive
- D . Corrective
B
Explanation:
A deterrent control is a type of security control that is designed to discourage potential intruders from attempting to access or harm a system or network. A deterrent control relies on the perception or fear of negative consequences rather than the actual enforcement of those consequences. A deterrent control can also be used to influence the behavior of authorized users by reminding them of their obligations and responsibilities. An example of a deterrent control is placing fake cameras around the building, as it can create the illusion of surveillance and deter potential intruders from trying to break in. Other examples of deterrent controls are warning signs, security guards, or audit trails.
Reference:
https://www.ibm.com/topics/security-controls
https://www.f5.com/labs/learning-center/what-are-security-controls
A systems administrator receives the following alert from a file integrity monitoring tool:
The hash of the cmd.exe file has changed.
The systems administrator checks the OS logs and notices that no patches were applied in the last two months.
Which of the following most likely occurred?
- A . The end user changed the file permissions.
- B . A cryptographic collision was detected.
- C . A snapshot of the file system was taken.
- D . A rootkit was deployed.
A systems administrator performs a quick scan of an organization’s domain controller and finds the following:
Which of the following vulnerabilities does this output represent?
- A . Unnecessary open ports
- B . Insecure protocols
- C . Misconfigured firewall
- D . Weak user permissions