Practice Free SY0-601 Exam Online Questions
The Chief Information Security Officer (CISO) asks a security analyst to install an OS update to a production VM that has a 99% uptime SLA. The CISO tells the analyst the installation must be done as quickly as possible.
Which of the following courses of action should the security analyst take first?
- A . Log in to the server and perform a health check on the VM.
- B . Install the patch immediately.
- C . Confirm that the backup service is running.
- D . Take a snapshot of the VM.
A software company has a shared codebase for multiple projects using the following strategy:
• Unused features are deactivated but still present in the code.
• New customer requirements trigger additional development work.
Which of the following will most likely occur when the company uses this strategy?
- A . Malicious code
- B . Dead code
- C . Outsourced code
- D . Code obfuscation
Which of the following holds staff accountable while escorting unauthorized personnel?
- A . Locks
- B . Badges
- C . Cameras
- D . Visitor logs
D
Explanation:
Visitor logs are records of who enters and exits a facility, when, and for what purpose. They can help hold staff accountable while escorting unauthorized personnel by providing evidence of their identity, authorization, and activities. Visitor logs can also help with auditing, incident response, and compliance.
A security analyst receives alerts about an internal system sending a large amount of unusual DNS queries to systems on the internet over short periods of time during non-business hours.
Which of the following is most likely occurring?
- A . A worm is propagating across the network.
- B . Data is being exfiltrated.
- C . A logic bomb is deleting data.
- D . Ransomware is encrypting files.
B
Explanation:
An internal system sending a large amount of unusual DNS queries to systems on the internet over short periods of time during non-business hours most likely indicates that data is being exfiltrated. Data exfiltration is the unauthorized transfer of data from a system or network to an external destination or actor. It can be performed by malicious insiders or by external attackers who have compromised the system or network. DNS queries are requests to resolve domain names to IP addresses. They can be used as a covert channel for data exfiltration: data is encoded in the domain names or subdomains of the queries, which are sent to a malicious DNS server that decodes and collects the data.
Reference:
https://www.comptia.org/blog/what-is-data-exfiltration
https://www.certblaster.com/wp-content/uploads/2020/11/CompTIA-Security-SY0-601-Exam-Objectives-1.0.pdf
A security engineer is implementing FDE for all laptops in an organization.
Which of the following are the most important for the engineer to consider as part of the planning process? (Select two).
- A . Key escrow
- B . TPM presence
- C . Digital signatures
- D . Data tokenization
- E . Public key management
- F . Certificate authority linking
Cloud security engineers are planning to allow and deny access to specific features in order to increase data security.
Which of the following cloud features is the most appropriate to ensure access is granted properly?
- A . API integrations
- B . Auditing
- C . Resource policies
- D . Virtual networks
C
Explanation:
Resource policies are cloud features that allow and deny access to specific features in order to increase data security. Resource policies are rules or statements that define what actions can be performed on a particular resource by which entities under what conditions. Resource policies can be attached to cloud resources such as virtual machines, storage accounts, databases, or functions. Resource policies can help enforce security best practices, compliance requirements, and cost management. Resource policies can also help implement the principle of least privilege, which grants users only the minimum level of access they need to perform their tasks.
A network engineer deployed a redundant switch stack to increase system availability. However, the budget can only cover the cost of one ISP connection.
Which of the following best describes the potential risk factor?
- A . The equipment MTBF is unknown.
- B . The ISP has no SLA.
- C . An RPO has not been determined.
- D . There is a single point of failure.
Several universities are participating in a collaborative research project and need to share compute and storage resources.
Which of the following cloud deployment strategies would best meet this need?
- A . Community
- B . Private
- C . Public
- D . Hybrid
A
Explanation:
A community cloud deployment strategy would best meet the need of several universities participating in a collaborative research project and needing to share compute and storage resources. A community cloud is a type of cloud service model that provides a shared platform for multiple organizations with common interests, goals, or requirements. A community cloud can offer benefits such as cost savings, scalability, security, privacy, compliance, and collaboration.
Reference:
https://www.comptia.org/blog/cloud-service-models-saas-paas-and-iaas-explained
https://www.certblaster.com/wp-content/uploads/2020/11/CompTIA-Security-SY0-601-Exam-Objectives-1.0.pdf
A security analyst is investigating a workstation that is suspected of outbound communication to a command-and-control server. During the investigation, the analyst discovered that logs on the endpoint were deleted.
Which of the following logs would the analyst most likely look at next?
- A . IPS
- B . Firewall
- C . ACL
- D . Windows security
A retail company that is launching a new website to showcase the company’s product line and other information for online shoppers registered the following URLs:
* www.companysite.com
* shop.companysite.com
* about-us.companysite.com
* contact-us.companysite.com
* secure-logon.companysite.com
Which of the following should the company use to secure its website if the company is concerned with convenience and cost?
- A . A self-signed certificate
- B . A root certificate
- C . A code-signing certificate
- D . A wildcard certificate
- E . An extended validation certificate
D
Explanation:
The company can use a wildcard certificate to secure its website if it is concerned with convenience and cost. A wildcard certificate can secure multiple subdomains, which makes it cost-effective and convenient for securing the various registered domains.
A wildcard SSL certificate is a single SSL/TLS certificate that can provide significant time and cost savings, particularly for small businesses. The certificate includes a wildcard character (*) in the domain name field and can secure multiple subdomains of the primary domain.