
SY0-601 CompTIA Security+ Exam 2021 Questions and Answers

Questions 4

A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports. Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)

Options:

A.

Trusted Platform Module

B.

A host-based firewall

C.

A DLP solution

D.

Full disk encryption

E.

A VPN

F.

Antivirus software

Questions 5

A security engineer needs to enhance MFA access to sensitive areas in a building. A key card and fingerprint scan are already in use. Which of the following would add another factor of authentication?

Options:

A.

Hard token

B.

Retina scan

C.

SMS text

D.

Keypad PIN

Questions 6

A security analyst is performing a forensic investigation of compromised account credentials. Using the Event Viewer, the analyst is able to detect the following message: "Special privileges assigned to new login." Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?

Options:

A.

Pass-the-hash

B.

Buffer overflow

C.

Cross-site scripting

D.

Session replay

Questions 7

A host was infected with malware. During the incident response, Joe, a user, reported that he did not receive any emails with links, but he had been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?

Options:

A.

The DNS logs

B.

The web server logs

C.

The SIP traffic logs

D.

The SNMP logs

Questions 8

Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should the administrator implement to protect the environment from this malware?

Options:

A.

Install a definition-based antivirus.

B.

Implement an IDS/IPS

C.

Implement a heuristic behavior-detection solution.

D.

Implement CASB to protect the network shares.

Questions 9

A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of a power surge or other fault situation. The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application. The security administrator isolated the switch on a separate VLAN and set up a patch routine. Which of the following steps should also be taken to harden the smart switch?

Options:

A.

Set up an air gap for the switch.

B.

Change the default password for the switch.

C.

Place the switch in a Faraday cage.

D.

Install a cable lock on the switch

Questions 10

A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which of the following BEST describes this process?

Options:

A.

Continuous delivery

B.

Continuous integration

C.

Continuous validation

D.

Continuous monitoring

Questions 11

Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?

Options:

A.

An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.

B.

An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.

C.

Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox

D.

Routing tables have been compromised, and an attacker is rerouting traffic to malicious websites

Questions 12

Which of the following scenarios BEST describes a risk reduction technique?

Options:

A.

A security control objective cannot be met through a technical change, so the company purchases insurance and is no longer concerned about losses from data breaches.

B.

A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation.

C.

A security control objective cannot be met through a technical change, so the company changes its method of operation

D.

A security control objective cannot be met through a technical change, so the Chief Information Officer (CIO) decides to sign off on the risk.

Questions 13

A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?

Options:

A.

MSSP

B.

SOAR

C.

IaaS

D.

PaaS

Questions 14

A Chief Security Officer's (CSO's) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?

Options:

A.

Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.

B.

Purchase cyber insurance from a reputable provider to reduce expenses during an incident.

C.

Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks.

D.

Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

Questions 15

A security analyst needs to make a recommendation for restricting access to certain segments of the network using only data-link layer security. Which of the following controls will the analyst MOST likely recommend?

Options:

A.

MAC

B.

ACL

C.

BPDU

D.

ARP

Questions 16

To reduce costs and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would BEST meet the needs of the organization?

Options:

A.

MaaS

B.

IaaS

C.

SaaS

D.

PaaS

Questions 17

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

Options:

A.

Least privilege

B.

Awareness training

C.

Separation of duties

D.

Mandatory vacation

Questions 18

A cybersecurity department purchased a new PAM solution. The team is planning to randomize the service account credentials of the Windows server first. Which of the following would be the BEST method to increase the security on the Linux server?

Options:

A.

Randomize the shared credentials

B.

Use only guest accounts to connect.

C.

Use SSH keys and remove generic passwords

D.

Remove all user accounts.

Questions 19

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log:

Which of the following can the security analyst conclude?

Options:

A.

A replay attack is being conducted against the application.

B.

An injection attack is being conducted against a user authentication system.

C.

A service account password may have been changed, resulting in continuous failed logins within the application.

D.

A credentialed vulnerability scanner attack is testing several CVEs against the application.

Questions 20

An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:

  • Check-in/checkout of credentials
  • The ability to use but not know the password
  • Automated password changes
  • Logging of access to credentials

Which of the following solutions would meet the requirements?

Options:

A.

OAuth 2.0

B.

Secure Enclave

C.

A privileged access management system

D.

An OpenID Connect authentication system

Questions 21

Which of the following provides the BEST protection for sensitive information and data stored in cloud-based services but still allows for full functionality and searchability of data within the cloud-based services?

Options:

A.

Data encryption

B.

Data masking

C.

Anonymization

D.

Tokenization

Questions 22

A company's Chief Information Security Officer (CISO) recently warned the security manager that the company’s Chief Executive Officer (CEO) is planning to publish a controversial opinion article in a national newspaper, which may result in new cyberattacks. Which of the following would be BEST for the security manager to use in a threat model?

Options:

A.

Hacktivists

B.

White-hat hackers

C.

Script kiddies

D.

Insider threats

Questions 23

In which of the following risk management strategies would cybersecurity insurance be used?

Options:

A.

Transference

B.

Avoidance

C.

Acceptance

D.

Mitigation

Questions 24

Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?

Options:

A.

MOU

B.

MTTR

C.

SLA

D.

NDA

Questions 25

A security analyst needs to generate a server certificate to be used for 802.1X and secure RDP connections. The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?

Options:

A.

Create an OCSP

B.

Generate a CSR

C.

Create a CRL

D.

Generate a .pfx file

Questions 26

A system administrator needs to implement an access control scheme that will allow an object’s access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?

Options:

A.

Role-based access control

B.

Discretionary access control

C.

Mandatory access control

D.

Attribute-based access control

Questions 27

A security analyst is reviewing information regarding recent vulnerabilities. Which of the following will the analyst MOST likely consult to validate which platforms have been affected?

Options:

A.

OSINT

B.

SIEM

C.

CVSS

D.

CVE

Questions 28

A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?

Options:

A.

Implement open PSK on the APs

B.

Deploy a WAF

C.

Configure WIPS on the APs

D.

Install a captive portal

Questions 29

A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon investigation, a security analyst identifies the following:

• The legitimate website's IP address is 10.1.1.20 and eRecruit.local resolves to the IP

• The forged website's IP address appears to be 10.2.12.99, based on NetFlow records

• All three of the organization's DNS servers show the website correctly resolves to the legitimate IP

• DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise.

Which of the following MOST likely occurred?

Options:

A.

A reverse proxy was used to redirect network traffic

B.

An SSL strip MITM attack was performed

C.

An attacker temporarily pwned a name server

D.

An ARP poisoning attack was successfully executed

Questions 30

A network administrator is setting up wireless access points in all the conference rooms and wants to authenticate devices using PKI. Which of the following should the administrator configure?

Options:

A.

A captive portal

B.

PSK

C.

802.1X

D.

WPS

Questions 31

Which of the following refers to applications and systems that are used within an organization without consent or approval?

Options:

A.

Shadow IT

B.

OSINT

C.

Dark web

D.

Insider threats

Questions 32

Which of the following refers to applications and systems that are used within an organization without consent or approval?

Options:

A.

Shadow IT

B.

OSINT

C.

Dark web

D.

Insider threats

Questions 33

Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)

Options:

A.

Cross-site scripting

B.

Data exfiltration

C.

Poor system logging

D.

Weak encryption

E.

SQL injection

F.

Server-side request forgery

Questions 34

A security analyst needs to produce a document that details how a security incident occurred, the steps that were taken for recovery, and how future incidents can be avoided. During which of the following stages of the response process will this activity take place?

Options:

A.

Recovery

B.

Identification

C.

Lessons learned

D.

Preparation

Exam Code: SY0-601
Exam Name: CompTIA Security+ Exam 2021
Last Update: Jan 28, 2021
Questions: 251
