SY0-601 CompTIA Security+ Exam 2022 Questions and Answers

Questions 4

Which of the following is an example of transference of risk?

Options:

A. Purchasing insurance

B. Patching vulnerable servers

C. Retiring outdated applications

D. Application owner risk sign-off

Questions 5

A company recently experienced a significant data loss when proprietary information was leaked to a competitor. The company took special precautions by using proper labels; however, email filter logs do not have any record of the incident. An investigation confirmed the corporate network was not breached, but documents were downloaded from an employee's COPE tablet and passed to the competitor via cloud storage. Which of the following is the BEST remediation for this data leak?

Options:

A. User training

B. CASB

C. MDM

D. DLP

Questions 6

Two organizations plan to collaborate on the evaluation of new SIEM solutions for their respective companies. A combined effort from both organizations' SOC teams would speed up the effort. Which of the following can be written to document this agreement?

Options:

A. MOU

B. ISA

C. SLA

D. NDA

Questions 7

A SOC operator is analyzing a log file that contains the following entries:

Options:

A. SQL injection and improper input-handling attempts

B. Cross-site scripting and resource exhaustion attempts

C. Command injection and directory traversal attempts

D. Error handling and privilege escalation attempts

Questions 8

A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802.1X using the most secure encryption and protocol available.

Perform the following steps:

1. Configure the RADIUS server.

2. Configure the WiFi controller.

3. Preconfigure the client for an incoming guest. The guest AD credentials are:

User: guest01

Password: guestpass

Options:

Questions 9

The Chief Information Security Officer wants to prevent exfiltration of sensitive information from employee cell phones when using public USB power charging stations. Which of the following would be the BEST solution to implement?

Options:

A. DLP

B. USB data blocker

C. USB OTG

D. Disabling USB ports

Questions 10

An engineer recently deployed a group of 100 web servers in a cloud environment. Per the security policy, all web-server ports except 443 should be disabled. Which of the following can be used to accomplish this task?

Options:

A. Application allow list

B. SWG

C. Host-based firewall

D. VPN

Questions 11

A DBA reports that several production server hard drives were wiped over the weekend. The DBA also reports that several Linux servers were unavailable due to system files being deleted unexpectedly. A security analyst verified that software was configured to delete data deliberately from those servers. No backdoors to any servers were found. Which of the following attacks was MOST likely used to cause the data loss?

Options:

A. Logic bomb

B. Ransomware

C. Fileless virus

D. Remote access Trojans

E. Rootkit

Questions 12

A security analyst is designing the appropriate controls to limit unauthorized access to a physical site. The analyst has a directive to utilize the lowest possible budget. Which of the following would BEST meet the requirements?

Options:

A. Preventive controls

B. Compensating controls

C. Deterrent controls

D. Detective controls

Questions 13

A tax organization is working on a solution to validate the online submission of documents. The solution should be carried on a portable USB device that should be inserted on any computer that is transmitting a transaction securely. Which of the following is the BEST certificate for these requirements?

Options:

A. User certificate

B. Self-signed certificate

C. Computer certificate

D. Root certificate

Questions 14

Which of the following components can be used to consolidate and forward inbound Internet traffic to multiple cloud environments through a single firewall?

Options:

A. Transit gateway

B. Cloud hot site

C. Edge computing

D. DNS sinkhole

Questions 15

The Chief Compliance Officer from a bank has approved a background check policy for all new hires. Which of the following is the policy MOST likely protecting against?

Options:

A. Preventing any current employees' siblings from working at the bank to prevent nepotism

B. Hiring an employee who has been convicted of theft to adhere to industry compliance

C. Filtering applicants who have added false information to resumes so they appear better qualified

D. Ensuring no new hires have worked at other banks that may be trying to steal customer information

Questions 16

Data exfiltration analysis indicates that an attacker managed to download system configuration notes from a web server. The web-server logs have been deleted, but analysts have determined that the system configuration notes were stored in the database administrator's folder on the web server. Which of the following attacks explains what occurred? (Select TWO)

Options:

A. Pass-the-hash

B. Directory traversal

C. SQL injection

D. Privilege escalation

E. Cross-site scripting

F. Request forgery

Questions 17

The database administration team is requesting guidance for a secure solution that will ensure confidentiality of cardholder data at rest only in certain fields in the database schema. The requirement is to substitute a sensitive data field with a non-sensitive field that is rendered useless if a data breach occurs. Which of the following is the BEST solution to meet the requirement?

Options:

A. Tokenization

B. Masking

C. Full disk encryption

D. Mirroring

Questions 18

A security administrator is analyzing the corporate wireless network. The network only has two access points running on channels 1 and 11. While using airodump-ng, the administrator notices other access points are running with the same corporate ESSID on all available channels and with the same BSSID of one of the legitimate access points. Which of the following attacks is happening on the corporate network?

Options:

A. Man in the middle

B. Evil twin

C. Jamming

D. Rogue access point

E. Disassociation

Questions 19

A company wants to improve end users' experiences when they log in to a trusted partner website. The company does not want the users to be issued separate credentials for the partner website. Which of the following should be implemented to allow users to authenticate using their own credentials to log in to the trusted partner's website?

Options:

A. Directory service

B. AAA server

C. Federation

D. Multifactor authentication

Questions 20

During an incident response, an analyst applied rules to all inbound traffic on the border firewall and implemented ACLs on each critical server. Following an investigation, the company realizes it is still vulnerable because outbound traffic is not restricted and the adversary is able to maintain a presence in the network. In which of the following stages of the Cyber Kill Chain is the adversary currently operating?

Options:

A. Reconnaissance

B. Command and control

C. Actions on objective

D. Exploitation

Questions 21

Which of the following would BEST provide detective and corrective controls for thermal regulation?

Options:

A. A smoke detector

B. A fire alarm

C. An HVAC system

D. A fire suppression system

E. Guards

Questions 22

A security analyst is working on a project to implement a solution that monitors network communications and provides alerts when abnormal behavior is detected. Which of the following is the security analyst MOST likely implementing?

Options:

A. Vulnerability scans

B. User behavior analysis

C. Security orchestration, automation, and response

D. Threat hunting

Questions 23

A company needs to validate its updated incident response plan using a real-world scenario that will test decision points and relevant incident response actions without interrupting daily operations. Which of the following would BEST meet the company's requirements?

Options:

A. Red-team exercise

B. Capture-the-flag exercise

C. Tabletop exercise

D. Phishing exercise

Questions 24

Which of the following is the BEST example of a cost-effective physical control to enforce a USB removable media restriction policy?

Options:

A. Putting security/antitamper tape over USB ports, logging the port numbers, and regularly inspecting the ports

B. Implementing a GPO that will restrict access to authorized USB removable media and regularly verifying that it is enforced

C. Placing systems into locked key-controlled containers with no access to the USB ports

D. Installing an endpoint agent to detect connectivity of USB and removable media

Exam Code: SY0-601
Exam Name: CompTIA Security+ Exam 2022
Last Update: Jul 4, 2022
Questions: 162
