Online Questions - Valid Practice To your SY0-601 Exam (Updated 470 Questions)
Practice To SY0-601 - Remarkable Practice On your CompTIA Security+ Exam
NEW QUESTION 254
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION 255
Users at an organization have been installing programs from the internet on their workstations without first receiving proper authorization. The organization maintains a portal from which users can install standardized programs. However, some users have administrative access on their workstations to enable legacy programs to function properly. Which of the following should the security administrator consider implementing to address this issue?
- A. Data loss prevention
- B. Application code signing
- C. Application whitelisting
- D. Web application firewalls
Answer: C
NEW QUESTION 256
Leveraging the information supplied below, complete the CSR for the server to set up TLS (HTTPS).
* Hostname: ws01
* Domain: comptia.org
* IPv4: 10.1.9.50
* IPv4: 10.2.10.50
* Root: home.aspx
* DNS CNAME: homesite.
Instructions:
Drag the various data points to the correct locations within the CSR. Extension criteria belong in the left-hand column and values belong in the corresponding row in the right-hand column.
Answer:
Explanation:
NEW QUESTION 257
A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.
INSTRUCTIONS
Click on each firewall to do the following:
Deny cleartext web traffic.
Ensure secure management protocols are used.
Resolve issues at the DR site.
The ruleset order cannot be modified due to outside constraints.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.


Answer:
Explanation:
Firewall 1:
DNS Rule - ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound - 10.0.0.1/24 --> ANY --> HTTPS --> PERMIT
Management - ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound - ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound - ANY --> ANY --> HTTP --> DENY
Firewall 2:
No changes should be made to this firewall
Firewall 3:

DNS Rule - ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound - 192.168.0.1/24 --> ANY --> HTTPS --> PERMIT
Management - ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound - ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound - ANY --> ANY --> HTTP --> DENY
NEW QUESTION 258
A forensics investigator is examining a number of unauthorized payments that were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
Which of the following will the forensics investigator MOST likely determine has occurred?
- A. XSS
- B. CSRF
- C. SQL injection
- D. XSRF
Answer: B
NEW QUESTION 259
A security analyst is investigating an incident to determine what an attacker was able to do on a compromised laptop. The analyst reviews the following SIEM log:
Which of the following describes the method that was used to compromise the laptop?
- A. An attacker was able to bypass application whitelisting by emailing a spreadsheet attachment with an embedded PowerShell in the file
- B. An attacker was able to move laterally from PC1 to PC2 using a pass-the-hash attack
- C. An attacker was able to phish user credentials successfully from an Outlook user profile
- D. An attacker was able to install malware to the CAasdf234 folder and use it to gain administrator rights and launch Outlook
Answer: C
NEW QUESTION 260
A company has limited storage available and an online presence that cannot be down for more than four hours. Which of the following backup methodologies should the company implement to allow for the FASTEST database restore time in the event of a failure, while being mindful of the limited available storage space?
- A. Implement full backups every Sunday at 8:00 p.m. and nightly differential backups at 8:00
- B. Implement nightly full backups every Sunday at 8:00 p.m.
- C. Implement different backups every Sunday at 8:00 and nightly incremental backups at 8:00 p.m.
- D. Implement full tape backup every Sunday at 8:00 p.m. and perform nightly tape rotations.
Answer: C
NEW QUESTION 261
Which of the following BEST describes the MFA attribute that requires a callback on a predefined landline?
- A. Something you exhibit
- B. Somewhere you are
- C. Something you can do
- D. Someone you know
Answer: C
NEW QUESTION 262
A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events:
To better understand what is going on, the analyst runs a command and receives the following output:
Based on the analyst's findings, which of the following attacks is being executed?
- A. Keylogger
- B. Credential harvesting
- C. Brute-force
- D. Spraying
Answer: D
NEW QUESTION 263
A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which of the following BEST describes this process?
- A. Continuous monitoring
- B. Continuous delivery
- C. Continuous validation
- D. Continuous integration
Answer: D
NEW QUESTION 264
A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?
- A. All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to adversaries.
- B. Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.
- C. The most common set of MDM configurations will become the effective set of enterprise mobile security controls.
- D. MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured.
Answer: B
NEW QUESTION 265
An organization just experienced a major cyberattack. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?
- A. An insider threat
- B. A hacktivist
- C. An advanced persistent threat
- D. Shadow IT
Answer: C
NEW QUESTION 266
A malicious actor recently penetrated a company's network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
- A. Dump
- B. Syslog
- C. Security
- D. Application
Answer: A
Explanation:
Dump files are a special type of file that stores information about your computer, the software on it, and the data loaded in the memory when something bad happens. They are usually automatically generated by Windows or by the apps that crash, but you can also manually generate them. https://www.digitalcitizen.life/view-contents-dump-file/
NEW QUESTION 267
The SIEM at an organization has detected suspicious traffic coming from a workstation in its internal network. An analyst in the SOC investigates the workstation and discovers malware that is associated with a botnet is installed on the device. A review of the logs on the workstation reveals that the privileges of the local account were escalated to a local administrator. To which of the following groups should the analyst report this real-world event?
- A. The vulnerability management team
- B. The NOC team
- C. The CIRT
- D. The red team
Answer: B
NEW QUESTION 268
On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Choose two.)
- A. Value and volatility of data
- B. Legal hold
- C. Right-to-audit clauses
- D. Cryptographic or hash algorithm
- E. Data retention legislation
- F. Data accessibility
Answer: A,C
NEW QUESTION 269
Which of the following would be BEST to establish between organizations to define the responsibilities of each party, outline the key deliverables, and include monetary penalties for breaches to manage third-party risk?
- A. An MOU
- B. A BPA
- C. An SLA
- D. An ARO
Answer: C
Explanation:
Most SLAs include a monetary penalty if the vendor is unable to meet the agreed-upon expectations.
NEW QUESTION 270
A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.
INSTRUCTIONS
Click on each firewall to do the following:
Deny cleartext web traffic.
Ensure secure management protocols are used.
Resolve issues at the DR site.
The ruleset order cannot be modified due to outside constraints.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.


Answer:
Explanation:
Firewall 1:
DNS Rule - ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound - 10.0.0.1/24 --> ANY --> HTTPS --> PERMIT
Management - ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound - ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound - ANY --> ANY --> HTTP --> DENY
Firewall 2:
Firewall 3:

DNS Rule - ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound - 192.168.0.1/24 --> ANY --> HTTPS --> PERMIT
Management - ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound - ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound - ANY --> ANY --> HTTP --> DENY
NEW QUESTION 271
A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirement?
- A. RAID 0+1
- B. RAID 6
- C. RAID 5
- D. RAID 2
Answer: B