CompTIA Security+ SY0-601 free questions and answers (new version):
NEW QUESTION 1
A security analyst is reviewing information regarding recent vulnerabilities. Which of the following will the analyst MOST likely consult to validate which platforms have been affected?
- A. OSINT
- B. SIEM
- C. CVSS
- D. CVE
NEW QUESTION 2
Which of the following is the purpose of a risk register?
- A. To define the level of risk using probability and likelihood
- B. To register the risk with the required regulatory agencies
- C. To identify the risk, the risk owner, and the risk measures
- D. To formally log the type of risk mitigation strategy the organization is using
NEW QUESTION 3
A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company's executives. Which of the following intelligence sources should the security analyst review?
- A. Vulnerability feeds
- B. Trusted automated exchange of indicator information
- C. Structured threat information expression
- D. Industry information-sharing and collaboration groups
NEW QUESTION 4
An incident response technician collected a mobile device during an investigation. Which of the following should the technician do to maintain chain of custody?
- A. Document the collection and require a sign-off when possession changes.
- B. Lock the device in a safe or other secure location to prevent theft or alteration.
- C. Place the device in a Faraday cage to prevent corruption of the data.
- D. Record the collection in a blockchain-protected public ledger.
NEW QUESTION 5
A network administrator would like to configure a site-to-site VPN utilizing IPsec. The administrator wants the tunnel to be established with data integrity, encryption, authentication, and anti-replay functions. Which of the following should the administrator use when configuring the VPN?
- A. AH
- B. EDR
- C. ESP
- D. DNSSEC
NEW QUESTION 6
The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company’s Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards. Which of the following social-engineering techniques is the attacker using?
- A. Phishing
- B. Whaling
- C. Typo squatting
- D. Pharming
NEW QUESTION 7
Which of the following refers to applications and systems that are used within an organization without consent or approval?
- A. Shadow IT
- B. OSINT
- C. Dark web
- D. Insider threats
NEW QUESTION 8
A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network. The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts. While reviewing the log files, the analyst discovers the following:
Which of the following attacks MOST likely occurred?
- A. Dictionary
- B. Credential-stuffing
- C. Password-spraying
- D. Brute-force
NEW QUESTION 9
An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?
- A. hping3 -s comptia.org -p 80
- B. nc -l -v comptia.org -p 80
- C. nmap comptia.org -p 80 -aV
- D. nslookup -port=80 comptia.org
NEW QUESTION 10
A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?
- A. PCI DSS
- B. GDPR
- C. NIST
- D. ISO 31000
NEW QUESTION 11
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
- A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
- B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
- C. Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox
- D. Routing tables have been compromised, and an attacker is rerouting traffic to malicious websites
NEW QUESTION 12
A security analyst needs to make a recommendation for restricting access to certain segments of the network using only data-link layer security. Which of the following controls will the analyst MOST likely recommend?
- A. MAC
- B. ACL
- C. BPDU
- D. ARP
NEW QUESTION 13
A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?
- A. The GPS location
- B. When the file was deleted
- C. The total number of print jobs
- D. The number of copies made
NEW QUESTION 14
A security analyst reviews the datacenter access logs for a fingerprint scanner and notices an abundance of errors that correlate with users' reports of issues accessing the facility. Which of the following is MOST likely the cause of the access issues?
- A. False rejection
- B. Cross-over error rate
- C. Efficacy rate
- D. Attestation
NEW QUESTION 15
A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?
- A. A firewall
- B. A device pin
- C. A USB data blocker
- D. Biometrics
NEW QUESTION 16
A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's listening ports. Which of the following tools can BEST accomplish this task?
- A. Netcat
- B. Netstat
- C. Nmap
- D. Nessus
NEW QUESTION 17
Which of the following provides the BEST protection for sensitive information and data stored in cloud-based services but still allows for full functionality and searchability of data within the cloud-based services?
- A. Data encryption
- B. Data masking
- C. Anonymization
- D. Tokenization
NEW QUESTION 18
A company’s bank has reported that multiple corporate credit cards have been stolen over the past several weeks. The bank has provided the names of the affected cardholders to the company’s forensics team to assist in the cyber-incident investigation.
An incident responder learns the following information:
The timeline of stolen card numbers corresponds closely with affected users making Internet-based purchases from diverse websites via enterprise desktop PCs.
All purchase connections were encrypted, and the company uses an SSL inspection proxy for the inspection of encrypted traffic of the hardwired network.
Purchases made with corporate cards over the corporate guest WiFi network, where no SSL inspection occurs, were unaffected.
Which of the following is the MOST likely root cause?
- A. HTTPS sessions are being downgraded to insecure cipher suites
- B. The SSL inspection proxy is feeding events to a compromised SIEM
- C. The payment providers are insecurely processing credit card charges
- D. The adversary has not yet established a presence on the guest WiFi network
NEW QUESTION 19
A system administrator needs to implement an access control scheme that will allow an object’s access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?
- A. Role-based access control
- B. Discretionary access control
- C. Mandatory access control
- D. Attribute-based access control
NEW QUESTION 20
A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers, the company is unable to upgrade the encryption standard. Which of the following types of controls should be used to reduce the risk created by this scenario?
- A. Physical
- B. Detective
- C. Preventive
- D. Compensating
NEW QUESTION 21
A symmetric encryption algorithm is BEST suited for:
- A. key-exchange scalability.
- B. protecting large amounts of data.
- C. providing hashing capabilities.
- D. implementing non-repudiation.
NEW QUESTION 22
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
- A. Salting the magnetic strip information
- B. Encrypting the credit card information in transit.
- C. Hashing the credit card numbers upon entry.
- D. Tokenizing the credit cards in the database
NEW QUESTION 23
A malicious actor recently penetrated a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
- A. Security
- B. Application
- C. Dump
- D. Syslog
NEW QUESTION 24
An organization hired a consultant to assist with an active attack, and the consultant was able to identify the compromised accounts and computers. Which of the following is the consultant MOST likely to recommend to prepare for eradication?
- A. Quarantining the compromised accounts and computers, only providing them with network access
- B. Segmenting the compromised accounts and computers into a honeynet so as to not alert the attackers.
- C. Isolating the compromised accounts and computers, cutting off all network and internet access.
- D. Logging off and deleting the compromised accounts and computers to eliminate attacker access.
NEW QUESTION 25
Which of the following scenarios BEST describes a risk reduction technique?
- A. A security control objective cannot be met through a technical change, so the company purchases insurance and is no longer concerned about losses from data breaches.
- B. A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation.
- C. A security control objective cannot be met through a technical change, so the company changes its method of operation.
- D. A security control objective cannot be met through a technical change, so the Chief Information Officer (CIO) decides to sign off on the risk.