Boost Confidence To Pass SY0-601 Exam with Updated SY0-601 Study Materials

Eleanor2024-10-14T15:14:09+00:00

By Eleanor CompTIA, CompTIA Security+

This is crucial for passing the CompTIA Security+ SY0-601 exam. All the CompTIA SY0-601 real Q&As in ITPrepare’s SY0-601 study materials for the CompTIA Security+ exam are hand-picked by experts. All the SY0-601 actual questions and answers are available for download in pdf format. The best thing is that one can easily download the CompTIA SY0-601 questions dumps where ever they want. Like it can be downloaded on your PC, laptop, MacBook, or any other device from where one can easily go through the CompTIA SY0-601 study materials without wasting time.

Come to check the SY0-601 free demo to verify the updated SY0-601 study materials:

Page 1 of 10

1. A company wants to improve end users experiences when they tog in to a trusted partner website. The company does not want the users to be issued separate credentials for the partner website.

Which of the following should be implemented to allow users to authenticate using their own credentials to log in to the trusted partner's website?

Directory service

AAA server

Federation

Multifactor authentication

2. A security analyst is working on a project to implement a solution that monitors network communications and provides alerts when abnormal behavior is detected.

Which of the following is the security analyst MOST likely implementing?

Vulnerability scans

User behavior analysis

Security orchestration, automation, and response

Threat hunting

3. A company suspects that some corporate accounts were compromised. The number of suspicious logins from locations not recognized by the users is increasing Employees who travel need their accounts protected without the nsk of blocking legitimate login requests that may be made over new sign-in properties.

Which of the following security controls can be implemented?

Enforce MFA when an account request reaches a nsk threshold

Implement geofencing to only allow access from headquarters

Enforce time-based login requests that align with business hours

Shift the access control scheme to a discretionary access control

4. Which of the following is a known security nsk associated with data archives that contain financial information?

Data can become a liability if archived longer than required by regulatory guidance

Data must be archived off-site to avoid breaches and meet business requirements

Companies are prohibited from providing archived data to e-discovery requests

Unencrypted archives should be preserved as long as possible and encrypted

5. A tax organization is working on a solution to validate the online submission of documents. The solution should be earned on a portable USB device that should be inserted on any computer that is transmitting a transaction securely.

Which of the following is the BEST certificate for these requirements?

User certificate

Self-signed certificate

Computer certificate

Root certificate

6. Which of the following is the BEST example of a cost-effective physical control to enforce a USB removable media restriction policy?

Putting security/antitamper tape over USB ports logging the port numbers and regularly inspecting the ports

Implementing a GPO that will restrict access to authorized USB removable media and regularly verifying that it is enforced

Placing systems into locked key-controlled containers with no access to the USB ports

Installing an endpoint agent to detect connectivity of USB and removable media

7. Which of the following BEST reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement?

Implement proper network access restrictions

Initiate a bug bounty program

Classify the system as shadow I

Increase the frequency of vulnerability scans

8. A security analyst is evaluating solutions to deploy an additional layer of protection for a web application. The goal is to allow only encrypted communications without relying on network devices.

Which of the following can be implemented?

HTTP security header

DNSSEC implementation

SRTP

S/MIME

9. CORRECT TEXT

An incident has occurred in the production environment.

Analyze the command outputs and identify the type of compromise.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

10. A security engineer was assigned to implement a solution to prevent attackers from gaining access by pretending to be authorized users.

Which of the following technologies meets the requirement?

SSO

IDS

MFA

TPM

Page 2 of 10

11. After a recent security breach, a security analyst reports that several administrative usernames and passwords are being sent via cleartext across the network to access network devices over port 23.

Which of the following should be implemented so all credentials sent over the network are encrypted when remotely accessing and configuring network devices?

SSH

SNMPv3

SFTP

Telnet

FTP

12. An IT manager is estimating the mobile device budget for the upcoming year Over the last five years, the number of devices that were replaced due to loss damage or theft steadily increased by 10%.

Which of the following would BEST describe the estimated number of devices to be replaced next year?

ALE

ARO

RPO

SLE

13. Which of the following documents provides expectations at a technical level for quality, availability, and responsibilities?

EOL

SLA

MOU

EOSL

14. As part of a security compliance assessment, an auditor performs automated vulnerability scans.

In addition, which of the following should the auditor do to complete the assessment?

User behavior analysis

Packet captures

Configuration reviews

Log analysis

15. An amusement park is implementing a btomelnc system that validates customers' fingerpnnts to ensure they are not sharing tickets. The park's owner values customers above all and would prefer customers' convenience over security

For this reason which of the following features should the security team prioritize FIRST?

Low FAR

Low efficacy

Low FRR

Low CER

16. The Chief Information Security Officer (CISO) requested a report on potential areas of improvement following a security incident.

Which of the following incident response processes is the CISO requesting?

Lessons learned

Preparation

Detection

Containment

Root cause analysis

17. A Chief Security Officer (CSO) is concerned that cloud-based services are not adequately protected from advanced threats and malware. The CSO believes there is a high risk that a data breach could occur in the near future due to the lack of detective and preventive controls.

Which of the following should be implemented to BEST address the CSO's concerns? {Select TWO)

AWAF

ACASB

An NG-SWG

Segmentation

Encryption

Containerization

18. After a recent security incident, a security analyst discovered that unnecessary ports were open on a firewall policy for a web server.

Which of the following firewall policies would be MOST secure for a web server?

A)

Option A

Option B

Option C

Option D

19. A security incident has been resolved.

Which of the following BEST describes the importance of the final phase of the incident response plan?

It examines and documents how well the team responded discovers what caused the incident, and determines how the incident can be avoided in the future

It returns the affected systems back into production once systems have been fully patched, data restored and vulnerabilities addressed

It identifies the incident and the scope of the breach how it affects the production environment, and the ingress point

It contains the affected systems and disconnects them from the network, preventing further spread of the attack or breach

20. A Chief Information Security Officer has defined resiliency requirements for a new data center architecture. The requirements are as follows

• Critical fileshares will remain accessible during and after a natural disaster

• Frve percent of hard disks can fail at any given time without impacting the data.

• Systems will be forced to shut down gracefully when battery levels are below 20%.

Which of the following are required to BEST meet these objectives? (Select THREE)

Fiber switching

laC

NAS

RAID

UPS

Redundant power supplies

Geographic dispersal

Snapshots

Load balancing

Page 3 of 10

21. Which of the following statements BEST describes zero-day exploits'?

When a zero-day exploit is discovered, the system cannot be protected by any means

Zero-day exploits have their own scoring category in CVSS

A zero-day exploit is initially undetectable and no patch for it exists

Discovering zero-day exploits is always performed via bug bounty programs

22. Which of the following is assured when a user signs an email using a private key?

Non-repudiation

Confidentiality

Availably

Authentication

23. After returning from a conference, a user's laptop has been operating slower than normal and overheating, and the fans have been running constantly. During the diagnosis process, an unknown piece of hardware is found connected to the laptop's motherboard .

Which of the following attack vectors was exploited to install the hardware?

Removable media

Spear phishing

Supply chain

Direct access

24. Digital signatures use asymmetric encryption. This means the message is encrypted with:

the sender's private key and decrypted with the sender's public key

the sender's public key and decrypted with the sender's private key

the sender’s private key and decrypted with the recipient's public key.

the sender's public key and decrypted with the recipient's private key

25. Preconfigure the client for an incoming guest.

The guest AD credentials are:

User: guest01

Password: guestpass

26. During an incident response, an analyst applied rules to all inbound traffic on the border firewall and implemented ACLs on each critical server Following an investigation, the

company realizes it is still vulnerable because outbound traffic is not restricted and the adversary is able to maintain a presence in the network. In which of the following stages of the Cyber Kill Chain is the adversary currently operating?

Reconnaissance

Command and control

Actions on objective

Exploitation

27. A penetration tester was able to compromise an internal server and is now trying to pivot the current session in a network lateral movement.

Which of the following tools if available on the server, will provide the MOST useful information for the next assessment step?

Autopsy

Cuckoo

Memdump

Nmap

28. An engineer recently deployed a group of 100 web servers in a cloud environment. Per the security policy, all web-server ports except 443 should be disabled.

Which of the following can be used to accomplish this task?

Application allow list

SWG

Host-based firewall

VPN

29. Field workers in an organization are issued mobile phones on a daily basis All the work is performed within one city and the mobile phones are not used for any purpose other than work. The organization does not want these pnones used for personal purposes. The organization would like to issue the phones to workers as permanent devices so the pnones do not need to be reissued every day Qven the conditions described, which of the following technologies would BEST meet these requirements'

Geofencing

Mobile device management

Containenzation

Remote wiping

30. A company is considering transitioning to the cloud. The company employs individuals from various locations around the world. The company does not want to increase its on-premises infrastructure blueprint and only wants to pay for additional compute power required.

Which of the following solutions would BEST meet the needs of the company?

Private cloud

Hybrid environment

Managed security service provider

Hot backup site

Page 4 of 10

31. An ofgantzation has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five-year cost of the insurance policy. The organization is enabling risk

avoidance

acceptance

mitigation

transference

32. Multiple business accounts were compromised a few days after a public website had its credentials database leaked on the internet No business emails were Identified in the breach, but the security team thinks that the list of passwords exposed was later used to compromise business accounts.

Which of Ihe following would mitigate the issue?

Complexity requirements

Password history

Acceptable use policy

Shared accounts

33. Business partners are working on a Security mechanism lo validate transactions securely. The requirement is for one company to be responsible for deploying a trusted solution that will register and issue artifacts used to sign encrypt, and decrypt transaction files.

Which of the following is the BEST solution to adopt?

PKI

Blockchain

SAML

OAuth

34. An organization maintains several environments in which patches are developed and tested before deployed to an operation status.

Which of the following is the environment in which patches will be deployed just prior to being put into an operational status?

Development

Test

Production

Staging

35. A user enters a username and a password at the login screen for a web portal. A few seconds later the following message appears on the screen: Please use a combination of numbers, special characters, and letters in the password field.

Which of the following concepts does this message describe?

Password complexity

Password reuse

Password history

Password age

36. The board of doctors at a company contracted with an insurance firm to limit the organization’s liability.

Which of the following risk management practices does the BEST describe?

Transference

Avoidance

Mitigation

Acknowledgement

37. A security policy states that common words should not be used as passwords. A security auditor was able to perform a dictionary attack against corporate credentials.

Which of the following controls was being violated?

Password complexity

Password history

Password reuse

Password length

38. A technician enables full disk encryption on a laptop that will be taken on a business tnp.

Which of the following does this process BEST protect?

Data in transit

Data in processing

Data at rest

Data tokenization

39. An organization has hired a ted team to simulate attacks on its security posture.

Which of the following will the blue team do after detecting an loC?

Reimage the impacted workstations

Activate runbooks for incident response

Conduct forensics on the compromised system

Conduct passive reconnaissance to gather information

40. DDoS attacks are causing an overload on the cluster of cloud servers. A security architect is researching alternatives to make the cloud environment respond to load fluctuation in a cost-effective way.

Which of the following options BEST fulfils the architect’s requirements?

An orchestration solution that can adjust scalability of cloud assets

Use of multipath by adding more connections to cloud storage

Cloud assets replicated on geographically distributed regions

An on-site backup that is deployed and only used when the load increases

Page 5 of 10

41. Several users have opened tickets with the help desk. The help desk has reassigned the tickets to a Security analyst for further review.

The security analyst reviews the following metrics:

Which of the following is MOST likely the result of the security analyst's review?

The ISP is dropping outbound connections

The user of the Sales-PC fell for a phishing attack

Corporate PCs have been turned into a botnet

An on-path attack is taking place between PCs and the router

42. Which of the following describes the continuous delivery software development methodology?

Waterfall

Spiral

V-shaped

Agile

43. The Chief Information Security Officer directed a nsk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access.

Which of the following is the BEST security solution to reduce this risk?

CASB

VPN concentrator

MFA

VPC endpoint

44. An administrator needs to protect user passwords and has been advised to hash the passwords.

Which of the following BEST describes what the administrator is being advised to do?

Perform a mathematical operation on the passwords that will convert them into unglue stings

Add extra data to the passwords so their length is increased, making them harder to brute force

Store all passwords in the system in a rainbow table that has a centralized location

Enforce the use of one-time passwords that are changed for every login session.

45. Due to unexpected circumstances, an IT company must vacate its main office, forcing all operations to alternate, off-site locations.

Which of the following will the company MOST likely reference for guidance during this change?

The business continuity plan

The retention policy

The disaster recovery plan

The incident response plan

46. A systems administrator reports degraded performance on a virtual server. The administrator increases the virtual memory allocation which improves conditions, but performance degrades again after a few days.

The administrator runs an anarysis tool and sees the following output:

The administrator terminates the timeAttend.exe observes system performance over the next few days, and notices that the system performance does not degrade.

Which of the following issues is MOST likely occurring?

DLL injection

API attack

Buffer oveiflow

Memory leak

47. A company is auditing the manner in which its European customers' personal information is handled.

Which of the following should the company consult?

GDPR

ISO

NIST

PCI DSS

48. A security analyst was asked to evaluate a potential attack that occurred on a publicly accessible section of the company's website.

The malicious actor posted an entry in an attempt to trick users into cltckmg the following:

Which of the following was MOST likely observed?

DLL injection

Session replay

SOLI

XSS

49. Which of the following organizations sets frameworks and controls for optimal security configuration on systems?

ISO

GDPR

PCI DSS

NIST

50. DRAG DROP

An attack has occurred against a company.

INSTRUCTIONS

You have been tasked to do the following:

Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing the output. (Answer Area 1).

Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server.

(Answer area 2) All objects will be used, but not all placeholders may be filled. Objects may only be used once.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Page 6 of 10

51. A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution.

In order to reslnct PHI documents which of the following should be performed FIRST?

Retention

Governance

Classification

Change management

52. A business operations manager is concerned that a PC that is critical to business operations will have a costly hardware failure soon. The manager is looking for options to continue business operations without incurring large costs.

Which of the following would mitigate the manager's concerns?

Implement a full system upgrade

Perform a physical-to-virtual migration

Install uninterruptible power supplies

Purchase cybersecurity insurance

53. Which of the following is a benefit of including a risk management framework into an organization's security approach?

It defines expected service levels from participating supply chain partners to ensure system outages are remediated in a timely manner

It identifies specific vendor products that have been tested and approved for use in a secure environment.

It provides legal assurances and remedies in the event a data breach occurs

It incorporates control, development, policy, and management activities into IT operations.

54. An attacker was eavesdropping on a user who was shopping online. The attacker was able to spoof the IP address associated with the shopping site. Later, the user received an email regarding the credit card statement with unusual purchases.

Which of the following attacks took place?

On-path attack

Protocol poisoning

Domain hijacking

Bluejacking

55. CORRECT TEXT

A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.

INSTRUCTIONS

Click on each firewall to do the following:

✑ Deny cleartext web traffic.

✑ Ensure secure management protocols are used. Please Resolve issues at the DR site.

The ruleset order cannot be modified due to outside constraints.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

56. A company labeled some documents with the public sensitivity classification.

This means the documents can be accessed by:

employees of other companies and the press

all members of the department that created the documents

only the company's employees and those listed in the document

only the individuate listed in the documents

57. The Chief Information Security Officer (CISO) has requested that a third-party vendor provide supporting documents that show proper controls are in place to protect customer data.

Which of the following would be BEST for the third-party vendor to provide to the CISO?

GDPR compliance attestation

Cloud Security Alliance materials

SOC 2 Type 2 report

NIST RMF workbooks

58. Certain users are reporting their accounts are being used to send unauthorized emails and conduct suspicious activities.

After further investigation, a security analyst notices the following

• All users share workstations throughout the day

• Endpoint protection was disabled on several workstations throughout the network.

• Travel times on logins from the affected users are impossible

• Sensitive data is being uploaded to external sites

• All use account passwords were forced lo be reset and the issue continued.

Which of the following attacks is being used to compromise the user accounts?

Brute-force

Keylogger

Dictionary

Rainbow

59. During a recent incident an external attacker was able to exploit an SMB vulnerability over the internet.

Which of the following action items should a security analyst perform FIRST to prevent this from occurring again?

Check for any recent SMB CVEs

Install AV on the affected server

Block unneeded TCP 445 connections

Deploy a NIDS in the affected subnet

60. Which biometric error would allow an unauthorized user to access a system?

False acceptance

False entrance

False rejection

False denial

Page 7 of 10

61. An organization implemented a process that compares the settings currently configured on systems against secure configuration guidelines in order to identify any gaps.

Which of the following control types has the organization implemented?

Compensating

Corrective

Preventive

Detective

62. Which of the following control Types would be BEST to use in an accounting department to reduce losses from fraudulent transactions?

Recovery

Deterrent

Corrective

Detective

63. HOTSPOT

Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS

Not all attacks and remediation actions will be used.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

64. A security analyst is investigating suspicious traffic on the web server located at IP address 10.10.1.1.

A search of the WAF logs reveals the following output:

Which of the following is MOST likely occurring?

XSS attack

SQLi attack

Replay attack

XSRF attack

65. The Chief Compliance Officer from a bank has approved a background check policy for all new hires.

Which of the following is the policy MOST likely protecting against?

Preventing any current employees' siblings from working at the bank to prevent nepotism

Hiring an employee who has been convicted of theft to adhere to industry compliance

Filtering applicants who have added false information to resumes so they appear better qualified

Ensuring no new hires have worked at other banks that may be trying to steal customer information

66. An organization wants to participate in threat intelligence information sharing with peer groups.

Which of the following would MOST likely meet the organizations requirement?

Perform OSINT investigations

Subscribe to threat intelligence feeds

Submit RFCs

Implement a TAXII server

67. After gaining access to a dual-homed (i.e.. wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset This technique is an example of:

privilege escalation

footprinting

persistence

pivoting.

68. An organization has activated an incident response plan due to a malware outbreak on its network. The organization has brought in a forensics team that has identified an internet-facing Windows server as the likely point of initial compromise. The malware family that was detected is known to be distributed by manually logging on to servers and running the malicious code.

Which of the following actions would be BEST to prevent reinfection from the initial infection vector?

Prevent connections over TFTP from the internal network

Create a firewall rule that blocks port 22 from the internet to the server

Disable file shanng over port 445 to the server

Block port 3389 inbound from untrusted networks

69. Which of the following are common VoIP-associated vulnerabilities? (Select TWO).

SPIM

vishing

Hopping

Phishing

Credential harvesting

Tailgating

70. A company recently experienced a significant data loss when proprietary Information was leaked to a competitor. The company took special precautions by using proper labels; however, email filter logs do not have any record of the incident. An Investigation confirmed the corporate network was not breached, but documents were downloaded from an employee's COPE tablet and passed to the competitor via cloud storage.

Which of the following is the BEST mitigation strategy to prevent this from happening in the future?

User training

CASB

MDM

EDR

Page 8 of 10

71. Which of the following will increase cryptographic security?

High data entropy

Algorithms that require less computing power

Longer key longevity

Hashing

72. A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL. https://www.site.com, the user is presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com.

Which of the following describes this attack?

On-path

Domain hijacking

DNS poisoning

Evil twin

73. A security analyst receives an alert from trie company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192 168.3426.

Which of the following describes this type of alert?

True positive

True negative

False positive

False negative

74. 1.A SOC operator is analyzing a log file that contains the following entries:

SQL injection and improper input-handling attempts

Cross-site scripting and resource exhaustion attempts

Command injection and directory traversal attempts

Error handling and privilege escalation attempts

75. An organization wants to implement a biometric system with the highest likelihood that an unauthorized user will be denied access.

Which of the following should the organization use to compare biometric solutions?

FRR

Difficulty of use

Cost

FAR

CER

76. A forensic analyst needs to prove that data has not been tampered with since it was collected.

Which of the following methods will the analyst MOST likely use?

Look for tampenng on the evidence collection bag

Encrypt the collected data using asymmetric encryption

Ensure proper procedures for chain of custody are being followed

Calculate the checksum using a hashing algorithm

77. Which of the following would be indicative of a hidden audio file found inside of a piece of source code?

Steganography

Homomotphic encryption

Cipher surte

Blockchain

78. Which of the following components can be used to consolidate and forward inbound Internet traffic to multiple cloud environments though a single firewall?

Transit gateway

Cloud hot site

Edge computing

DNS sinkhole

79. A company is implementing a DLP solution on the file server. The file server has Pll. financial information, and health information stored on it Depending on what type of data that is hosted on the file server, the company wants different DLP rules assigned to the data.

Which of the following should the company do to help accomplish this goal?

Classify the data

Mask the data

Assign an application owner

Perform a risk analysis

80. A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility with more secure libraries.

Which of the following would be the MOST prudent course of action?

Accept the risk if there is a clear road map for timely decommission

Deny the risk due to the end-of-life status of the application.

Use containerization to segment the application from other applications to eliminate the risk

Outsource the application to a third-party developer group

Page 9 of 10

81. Security analysts are conducting an investigation of an attack that occurred inside the organization’s network. An attacker was able to connect network traffic between workstation throughout the network.

The analysts review the following logs:

The layer 2 address table has hundred of entries similar to the ones above.

Which of the following attacks has MOST likely occurred?

SQL injection

DNS spoofing

MAC flooding

ARP poisoning

82. A junior security analyst iss conducting an analysis after passwords were changed on multiple accounts without users' interaction.

The SIEM have multiple login entries with the following text:

Which of the following is the MOST likely attack conducted on the environment?

Malicious script

Privilege escalation

Doman hijacking

DNS poisoning

83. Which of the following is the MOST effective control against zero-day vulnerabilities?

Network segmentation

Patch management

Intrusion prevention system

Multiple vulnerability scanners

84. A customer service representative reported an unusual text message that was sent to the help desk. The message contained an unrecognized invoice number with a large balance due and a link to click for more details.

Which of the following BEST describes this technique?

Vishing

Whaling

Phishing

Smishing

85. A DBA reports that several production server hard drives were wiped over the weekend. The DBA also reports that several Linux servers were unavailable due to system files being deleted unexpectedly. A security analyst verified that software was configured to delete data deliberately from those servers. No backdoors to any servers were found.

Which of the following attacks was MOST likely used to cause the data toss?

Logic bomb

Ransomware

Fileless virus

Remote access Trojans

Rootkit

86. A security analyst is concerned about critical vulnerabilities that have been detected on some applications running inside containers.

Which of the following is the BEST remediation strategy?

Update the base container image and redeploy the environment

Include the containers in the regular patching schedule for servers

Patch each running container individually and test the application

Update the host in which the containers are running

87. An application developer accidentally uploaded a company's code-signing certificate private key to a public web server. The company is concerned about malicious use of its certificate.

Which of the following should the company do FIRST?

Delete the private key from the repository.

Verify the public key is not exposed as well.

Update the DLP solution to check for private keys.

Revoke the code-signing certificate.

88. During a recent penetration test, the tester discovers large amounts of data were exfiltrated over the course of 12 months via the internet. The penetration tester stops the test to inform the client of the findings.

Which of the following should be the client's NEXT step to mitigate the issue''

Conduct a full vulnerability scan to identify possible vulnerabilities

Perform containment on the critical servers and resources

Review the firewall and identify the source of the active connection

Disconnect the entire infrastructure from the internet

89. An organization has developed an application that needs a patch to fix a critical vulnerability.

In which of the following environments should the patch be deployed LAST?

Test

Staging

Development

Production

90. Which of the following terms describes a broad range of information that is sensitive to a specific organization?

Public

Top secret

Proprietary

Open-source

Page 10 of 10

91. Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?

Shut down the VDI and copy off the event logs.

Take a memory snapshot of the running system.

Use NetFlow to identify command-and-control IPs.

Run a full on-demand scan of the root volume.

92. An organization would like to give remote workers the ability to use applications hosted inside the corporate network Users will be allowed to use their personal computers or they will be provided organization assets Either way no data or applications will be installed locally on any user systems.

Which of the following mobile solutions would accomplish these goals?

VDI

MDM

COPE

UTM

93. A database administrator wants to grant access to an application that will be reading and writing data to a database. The database is shared by other applications also used by the finance department.

Which of the following account types Is MOST appropriate for this purpose?

Service

Shared

eneric

Admin

94. Which of the following is the MOST relevant security check to be performed before embedding third-parry libraries in developed code?

Check to see if the third party has resources to create dedicated development and staging environments.

Verify the number of companies that downloaded the third-party code and the number of contributions on the code repository.

Assess existing vulnerabilities affecting the third-parry code and the remediation efficiency of the libraries' developers.

Read multiple penetration-testing reports for environments running software that reused the library.

95. Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?

Common Weakness Enumeration

OSINT

Dark web

Vulnerability databases

96. An organization is migrating several SaaS applications that support SSO. The security manager wants to ensure the migration is completed securely.

Which of the following should the organization consider before implementation? (Select TWO).

The back-end directory source

The identity federation protocol

The hashing method

The encryption method

The registration authority

The certificate authority

97. An administrator is experiencing issues when trying to upload a support file to a vendor A pop-up message reveals that a payment card number was found in the file, and the file upload was Mocked.

Which of the following controls is most likely causing this issue and should be checked FIRST?

DLP

Firewall rule

Content filter

MDM

Application allow list

98. A security administrator is analyzing the corporate wireless network. The network only has two access points running on channels 1 and 11. While using airodump-ng. the administrator notices other access points are running with the same corporate ESSID on all available channels and with the same BSSID of one of the legitimate access ports.

Which of the following attacks in happening on the corporate network?

Man in the middle

Evil twin

Jamming

Rogue access point

Disassociation

99. Which of the following would BEST provide detective and corrective controls for thermal regulation?

A smoke detector

A fire alarm

An HVAC system

A fire suppression system

Guards

100. A security analyst is designing the apocopate controls to limit unauthorized access to a physical site. The analyst has a directive to utilize the lowest possible budget.

Which of the following would BEST meet the requirements?

Preventive controls

Compensating controls

Deterrent controls

Detective controls

Boost Confidence To Pass SY0-601 Exam with Updated SY0-601 Study Materials

Boost Confidence To Pass SY0-601 Exam with Updated SY0-601 Study Materials

Come to check the SY0-601 free demo to verify the updated SY0-601 study materials:

Share this post

Author

Related Posts