Practice Free SY0-601 Exam Online Questions
Which of the following should a systems administrator set up to increase the resilience of an application by splitting the traffic between two identical sites?
- A . Load balancing
- B . Geographic disruption
- C . Failover
- D . Parallel processing
A company must ensure sensitive data at rest is rendered unreadable.
Which of the following will the company most likely use?
- A . Hashing
- B . Tokenization
- C . Encryption
- D . Segmentation
Which of the following can best protect against an employee inadvertently installing malware on a company system?
- A . Host-based firewall
- B . System isolation
- C . Least privilege
- D . Application allow list
C
Explanation:
Least privilege is a security principle that states that users should only be granted the permissions they need to do their job. This helps to protect against malware infections by preventing users from installing unauthorized software.
A host-based firewall can help to protect against malware infections by blocking malicious traffic from reaching a computer. However, it cannot prevent a user from installing malware if they have the necessary permissions.
System isolation is the practice of isolating systems from each other to prevent malware from spreading. This can be done by using virtual machines or network segmentation. However, system isolation can be complex and expensive to implement.
An application allow list is a list of applications that are allowed to run on a computer. This can help to prevent malware infections by preventing users from running unauthorized applications. However, an application allow list can be difficult to maintain and can block legitimate applications.
Therefore, the best way to protect against an employee inadvertently installing malware on a company system is to use the principle of least privilege. This will help to ensure that users only have the permissions they need to do their job, which will reduce the risk of malware infections.
Here are some additional benefits of least privilege:
- It can help to improve security by reducing the attack surface.
- It can help to simplify security management by reducing the number of permissions that need to be managed.
- It can help to improve compliance by reducing the risk of data breaches.
Which of the following allows for the attribution of messages to individuals?
- A . Adaptive identity
- B . Non-repudiation
- C . Authentication
- D . Access logs
A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption.
Which of the following best describes this step?
- A . Capacity planning
- B . Redundancy
- C . Geographic dispersion
- D . Tabletop exercise
A
Explanation:
Capacity planning is the process of determining the resources needed to meet the demand for a service or product. It involves estimating the number of staff members required to sustain the business in the case of a disruption, as well as other factors such as equipment, space, and budget. Redundancy, geographic dispersion, and tabletop exercises are not directly related to determining the staff members needed for business continuity. Redundancy is the duplication of critical components or functions to increase reliability and availability. Geographic dispersion is the distribution of resources across different locations to reduce the impact of a localized disaster. A tabletop exercise is a simulation of a potential scenario that tests the effectiveness of a business continuity plan.
A client asked a security company to provide a document outlining the project, the cost, and the completion time frame.
Which of the following documents should the company provide to the client?
- A . MSA
- B . SLA
- C . BPA
- D . SOW
Which of the following is used to add extra complexity before using a one-way data transformation algorithm?
- A . Key stretching
- B . Data masking
- C . Steganography
- D . Salting
A sensitive piece of information in a production database is replaced with a non-sensitive value that, when compromised, provides no value to the offender.
Which of the following describes this process?
- A . Tokenization
- B . Obfuscation
- C . Masking
- D . Hashing
C
Explanation:
Masking is the process of replacing sensitive data with random characters in the same format, without a way to retrieve the original data. This is different from tokenization, which uses a token server to store the relationship between the original and token values. Obfuscation is a broader term that includes masking, but also other methods such as encryption or hashing. Hashing is a one-way function that converts data into a fixed-length output that cannot be reversed.
A network administrator needs to determine the sequence of a server farm’s logs.
Which of the following should the administrator consider? (Select two).
- A . Chain of custody
- B . Tags
- C . Reports
- D . Time stamps
- E . Hash values
- F . Time offset
DF
Explanation:
A server farm’s logs are records of events that occur on a group of servers that provide the same service or function. Logs can contain information such as date, time, source, destination, message, error code, and severity level. Logs can help administrators monitor the performance, security, and availability of the servers and troubleshoot any issues.
To determine the sequence of a server farm’s logs, the administrator should consider the following factors:
Time stamps: Time stamps are indicators of when an event occurred on a server. Time stamps can help administrators sort and correlate events across different servers based on chronological order. However, time stamps alone may not be sufficient to determine the sequence of events if the servers have different time zones or clock settings.
Time offset: Time offset is the difference between the local time of a server and a reference time, such as Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). Time offset can help administrators adjust and synchronize the time stamps of different servers to a common reference time and eliminate any discrepancies caused by time zones or clock settings.
A security analyst discovers several jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata.
Which of the following would be part of the images if all the metadata is still intact?
- A . The GPS location
- B . When the file was deleted
- C . The total number of print jobs
- D . The number of copies made
A
Explanation:
The GPS location would be part of the images if all the metadata is still intact. Metadata is data that describes other data, such as file name, size, date, author, etc. Some metadata can also contain information about the device, software, or location that created or modified the data. For example, some digital cameras and smartphones can embed GPS coordinates into the metadata of photos, which can reveal the location where the photos were taken. This can be useful for forensic analysis, but can also pose privacy risks.