getcertified4sure.com

SY0-601 Exam

Most Recent SY0-601 Training Materials For CompTIA Security+ Exam Certification




Your success in CompTIA SY0-601 is our sole target and we develop all our SY0-601 braindumps in a way that facilitates the attainment of this target. Not only is our SY0-601 study material the best you can find, it is also the most detailed and the most updated. SY0-601 Practice Exams for CompTIA SY0-601 are written to the highest standards of technical accuracy.

Free demo questions for CompTIA SY0-601 Exam Dumps Below:

NEW QUESTION 1
A user contacts the help desk to report the following:
  • Two days ago, a pop-up browser window prompted the user for a name and password after connecting to the corporate wireless SSID. This had never happened before, but the user entered the information as requested.
  • The user was able to access the Internet but had trouble accessing the department share until the next day.
  • The user is now getting notifications from the bank about unauthorized transactions.
Which of the following attack vectors was MOST likely used in this scenario?

  • A. Rogue access point
  • B. Evil twin
  • C. DNS poisoning
  • D. ARP poisoning

Answer: A

NEW QUESTION 2
An organization routes all of its traffic through a VPN. Most users are remote and connect into a corporate datacenter that houses confidential information. There is a firewall at the Internet border, followed by a DLP appliance, the VPN server, and the datacenter itself. Which of the following is the WEAKEST design element?

  • A. The DLP appliance should be integrated into a NGFW.
  • B. Split-tunnel connections can negatively impact the DLP appliance's performance
  • C. Encrypted VPN traffic will not be inspected when entering or leaving the network
  • D. Adding two hops in the VPN tunnel may slow down remote connections

Answer: C

NEW QUESTION 3
Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?

  • A. Watering-hole attack
  • B. Credential harvesting
  • C. Hybrid warfare
  • D. Pharming

Answer: A

NEW QUESTION 4
A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

  • A. SIEM
  • B. DLP
  • C. CASB
  • D. SWG

Answer: C

NEW QUESTION 5
A company needs to centralize its logs to create a baseline and have visibility on its security events. Which of the following technologies will accomplish this objective?

  • A. Security information and event management
  • B. A web application firewall
  • C. A vulnerability scanner
  • D. A next-generation firewall

Answer: A

NEW QUESTION 6
The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the following would BEST address this security concern?

  • A. Install a smart meter on the staff WiFi.
  • B. Place the environmental systems in the same DHCP scope as the staff WiFi.
  • C. Implement Zigbee on the staff WiFi access points.
  • D. Segment the staff WiFi network from the environmental systems network.

Answer: D

NEW QUESTION 7
A security analyst discovers that a company username and password database was posted on an Internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?

  • A. Create DLP controls that prevent documents from leaving the network
  • B. Implement salting and hashing
  • C. Configure the web content filter to block access to the forum.
  • D. Increase password complexity requirements

Answer: A

NEW QUESTION 8
A security analyst needs to generate a server certificate to be used for 802.1X and secure RDP connections. The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?

  • A. Create an OCSP
  • B. Generate a CSR
  • C. Create a CRL
  • D. Generate a .pfx file

Answer: B

NEW QUESTION 9
A well-known organization has been experiencing attacks from APTs. The organization is concerned that custom malware is being created and emailed into the company or installed on USB sticks that are dropped in parking lots. Which of the following is the BEST defense against this scenario?

  • A. Configuring signature-based antivirus to update every 30 minutes
  • B. Enforcing S/MIME for email and automatically encrypting USB drives upon insertion.
  • C. Implementing application execution in a sandbox for unknown software.
  • D. Fuzzing new files for vulnerabilities if they are not digitally signed

Answer: C

NEW QUESTION 10
A cybersecurity administrator needs to add disk redundancy for a critical server. The solution must have a two-drive failure for better fault tolerance. Which of the following RAID levels should the administrator select?

  • A. 1
  • B. 5
  • C. 6

Answer: B

NEW QUESTION 11
A RAT that was used to compromise an organization’s banking credentials was found on a user’s computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would BEST prevent this from reoccurring?

  • A. Create a new acceptable use policy.
  • B. Segment the network into trusted and untrusted zones.
  • C. Enforce application whitelisting.
  • D. Implement DLP at the network boundary.

Answer: C

NEW QUESTION 12
Which of the following ISO standards is certified for privacy?

  • A. ISO 9001
  • B. ISO 27002
  • C. ISO 27701
  • D. ISO 31000

Answer: C

NEW QUESTION 13
A security incident may have occurred on the desktop PC of an organization's Chief Executive Officer (CEO). A duplicate copy of the CEO's hard drive must be stored securely to ensure appropriate forensic processes and the chain of custody are followed. Which of the following should be performed to accomplish this task?

  • A. Install a new hard drive in the CEO's PC, and then remove the old hard drive and place it in a tamper-evident bag
  • B. Connect a write blocker to the hard drive. Then, leveraging a forensic workstation, utilize the dd command in a live Linux environment to create a duplicate copy
  • C. Remove the CEO's hard drive from the PC, connect to the forensic workstation, and copy all the contents onto a remote fileshare while the CEO watches
  • D. Refrain from completing a forensic analysis of the CEO's hard drive until after the incident is confirmed; duplicating the hard drive at this stage could destroy evidence

Answer: D

NEW QUESTION 14
After a ransomware attack, a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?

  • A. The public ledger
  • B. The NetFlow data
  • C. A checksum
  • D. The event log

Answer: A

NEW QUESTION 15
A security engineer needs to enhance MFA access to sensitive areas in a building. A key card and fingerprint scan are already in use. Which of the following would add another factor of authentication?

  • A. Hard token
  • B. Retina scan
  • C. SMS text
  • D. Keypad PIN

Answer: B

NEW QUESTION 16
A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected.
Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describe this type of attack? (Choose two.)

  • A. DoS
  • B. SSL stripping
  • C. Memory leak
  • D. Race condition
  • E. Shimming
  • F. Refactoring

Answer: AD

NEW QUESTION 17
A security analyst is performing a forensic investigation of compromised account credentials. Using the Event Viewer, the analyst is able to detect the following message: "Special privileges assigned to new login." Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?

  • A. Pass-the-hash
  • B. Buffer overflow
  • C. Cross-site scripting
  • D. Session replay

Answer: A

NEW QUESTION 18
A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk. Which of the following should the administrator use?

  • A. dd
  • B. chmod
  • C. dnsenum
  • D. logger

Answer: A

NEW QUESTION 19
A network technician is installing a guest wireless network at a coffee shop. When a customer purchases an item, the password for the wireless network is printed on the receipt so the customer can log in. Which of the following will the technician MOST likely configure to provide the highest level of security with the least amount of overhead?

  • A. WPA-EAP
  • B. WEP-TKIP
  • C. WPA-PSK
  • D. WPS-PIN

Answer: A

NEW QUESTION 20
After entering a username and password, an administrator must gesture on a touch screen. Which of the following demonstrates what the administrator is providing?

  • A. Multifactor authentication
  • B. Something you can do
  • C. Biometric
  • D. Two-factor authentication

Answer: D

NEW QUESTION 21
An incident response technician collected a mobile device during an investigation. Which of the following should the technician do to maintain chain of custody?

  • A. Document the collection and require a sign-off when possession changes.
  • B. Lock the device in a safe or other secure location to prevent theft or alteration.
  • C. Place the device in a Faraday cage to prevent corruption of the data.
  • D. Record the collection in a blockchain-protected public ledger.

Answer: A

NEW QUESTION 22
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?

  • A. Salting the magnetic strip information
  • B. Encrypting the credit card information in transit.
  • C. Hashing the credit card numbers upon entry.
  • D. Tokenizing the credit cards in the database

Answer: C

NEW QUESTION 23
Some laptops recently went missing from a locked storage area that is protected by keyless RFID-enabled locks. There is no obvious damage to the physical space. The security manager identifies who unlocked the door; however, human resources confirms the employee was on vacation at the time of the incident. Which of the following describes what MOST likely occurred?

  • A. The employee's physical access card was cloned.
  • B. The employee is colluding with human resources
  • C. The employee's biometrics were harvested
  • D. A criminal used lock picking tools to open the door.

Answer: A

NEW QUESTION 24
......
