Pass CompTIA SY0-601 Actual Free Exam Q&As Updated Dump Jan 18, 2024
Latest SY0-601 Actual Free Exam Updated 603 Questions
NEW QUESTION # 58
Which of the following is the MOST secure but LEAST expensive data destruction method for data that is stored on hard drives?
- A. Degaussing
- B. Shredding
- C. Incinerating
- D. Pulverizing
Answer: B
Explanation:
Shredding may be the most secure and cost-effective way to destroy electronic data in any media that contain hard drives or solid-state drives and have reached their end-of-life. Shredding reduces electronic devices to pieces no larger than 2 millimeters. Therefore, shredding is the most secure but least expensive data destruction method for data that is stored on hard drives.
NEW QUESTION # 59
A security analyst is reviewing logs on a server and observes the following output:
Which of the following is the security analyst observing?
- A. A rainbow table attack
- B. A password-spraying attack
- C. A keylogger attack
- D. A dictionary attack
Answer: D
NEW QUESTION # 60
A security assessment found that several embedded systems are running unsecure protocols. These systems were purchased two years ago, and the company that developed them is no longer in business. Which of the following constraints BEST describes the reason the findings cannot be remediated?
- A. Implied trust
- B. Lack of computing power
- C. Inability to authenticate
- D. Unavailable patch
Answer: D
Explanation:
If the systems are running unsecure protocols and the company that developed them is no longer in business, it is likely that there are no patches available to remediate the issue. References:
* CompTIA Security+ Certification Exam Objectives 1.6: Given a scenario, implement secure protocols.
* CompTIA Security+ Study Guide, Sixth Edition, pages 35-36
NEW QUESTION # 61
A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events:
To better understand what is going on, the analyst runs a command and receives the following output:
Based on the analyst's findings, which of the following attacks is being executed?
- A. Spraying
- B. Keylogger
- C. Credential harvesting
- D. Brute-force
Answer: A
Explanation:
If a user tries to authenticate with a wrong password, the domain controller that handles the authentication request will increment an attribute called badPwdCount. As you can see in the image, the badPwdCount attribute for the user states that many passwords were used to try to log in without success. Password spraying is an attack that attempts to access a large number of accounts (usernames) with a few commonly used passwords.
https://www.coalfire.com/the-coalfire-blog/march-2019/password-spraying-what-to-do-and-how-to-avoid-it
https://doubleoctopus.com/security-wiki/threats-and-tools/password-spraying/
NEW QUESTION # 62
Which of the following are requirements that must be configured for PCI DSS compliance? (Select TWO).
- A. Using vendor-supplied default passwords for system passwords
- B. Benchmarking security awareness training for contractors
- C. Assigning a unique ID to each person with computer access
- D. Encrypting transmission of cardholder data across private networks
- E. Testing security systems and processes regularly
- F. Installing and maintaining a web proxy to protect cardholder data
Answer: C,E
Explanation:
https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security
NEW QUESTION # 63
A security analyst sees the following log output while reviewing web logs:
Which of the following mitigation strategies would be BEST to prevent this attack from being successful?
- A. Secure cookies
- B. Input validation
- C. Code signing
- D. Stored procedures
Answer: B
NEW QUESTION # 64
Which of the following is assured when a user signs an email using a private key?
- A. Confidentiality
- B. Authentication
- C. Availability
- D. Non-repudiation
Answer: D
NEW QUESTION # 65
The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going to the polls. This is an example of:
- A. prepending.
- B. a watering-hole attack.
- C. an influence campaign.
- D. intimidation.
- E. information elicitation.
Answer: C
Explanation:
This scenario describes an influence campaign, where false information is spread to influence or manipulate people's beliefs or actions. In this case, the misinformation led eligible voters to avoid polling places, which influenced the outcome of the election.
NEW QUESTION # 66
A security administrator received an alert for a user account with the following log activity:
Which of the following best describes the trigger for the alert the administrator received?
- A. Geolocation
- B. Number of failed log-in attempts
- C. Time-based log-in attempt
- D. Impossible travel time
Answer: D
Explanation:
Impossible travel time is an anomaly detection that indicates a possible compromise of a user account. It occurs when the same user connects from two different countries and the time between those connections is shorter than the time it would take to travel from the first location to the second by conventional means. This suggests that a different user is using the same credentials or that a proxy or VPN is being used to mask the true location. The log activity shows that the user connected from two different IP addresses in different countries (US and Brazil) within a span of 37 minutes, which is impossible to achieve by normal travel. References: Detecting and Remediating Impossible Travel - Microsoft Community Hub; Anomaly detection policies - Microsoft Defender for Cloud Apps; Understanding Microsoft 365 Impossible Travel Rules | Blumira
NEW QUESTION # 67
The new Chief Executive Officer (CEO) of a large company has announced a partnership with a vendor that will provide multiple collaboration applications to make remote work easier. The company has a geographically dispersed staff located in numerous remote offices in different countries. The company's IT administrators are concerned about network traffic and load if all users simultaneously download the application. Which of the following would work BEST to allow each geographic region to download the software without negatively impacting the corporate network?
- A. Deploy all applications simultaneously.
- B. Modify the corporate firewall rules.
- C. Update the host IDS rules.
- D. Enable application whitelisting.
Answer: D
NEW QUESTION # 68
A SOC is currently being outsourced. Which of the following is being used?
- A. SaaS
- B. Microservice
- C. PaaS
- D. MSSP
Answer: D
NEW QUESTION # 69
An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Which of the following should the organization implement?
- A. EDR
- B. SOAR
- C. CASB
- D. SIEM
Answer: B
Explanation:
Why is SOAR used? To synchronize tools, accelerate response times, reduce alert fatigue, and compensate for the skill shortage gap. To collaborate with other analysts during investigations. To analyze workload, organize an analyst's tasks, and allow teams to respond using their own processes.
EDR
The Endpoint Detection and Response Solutions (EDR) market is defined as solutions that record and store endpoint-system-level behaviors, use various data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore ...
NEW QUESTION # 70
Which of the following BEST describes the method a security analyst would use to confirm a file that is downloaded from a trusted security website is not altered in transit or corrupted using a verified checksum?
- A. Integrity
- B. Digital signature
- C. Hashing
- D. Salting
Answer: C
NEW QUESTION # 71
An organization just experienced a major cyberattack. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?
- A. A hacktivist
- B. An advanced persistent threat
- C. Shadow IT
- D. An insider threat
Answer: B
Explanation:
https://www.imperva.com/learn/application-security/apt-advanced-persistent-threat/
https://csrc.nist.gov/glossary/term/advanced_persistent_threat
NEW QUESTION # 72
The Chief Information Security Officer (CISO) requested a report on potential areas of improvement following a security incident. Which of the following incident response processes is the CISO requesting?
- A. Lessons learned
- B. Detection
- C. Root cause analysis
- D. Containment
- E. Preparation
Answer: A
NEW QUESTION # 73
An organization hired a consultant to assist with an active attack, and the consultant was able to identify the compromised accounts and computers. Which of the following is the consultant MOST likely to recommend to prepare for eradication?
- A. Isolating the compromised accounts and computers, cutting off all network and internet access.
- B. Segmenting the compromised accounts and computers into a honeynet so as to not alert the attackers.
- C. Logging off and deleting the compromised accounts and computers to eliminate attacker access.
- D. Quarantining the compromised accounts and computers, only providing them with network access
Answer: B
NEW QUESTION # 74
A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802.1X using the most secure encryption and protocol available.
Perform the following steps:
1. Configure the RADIUS server.
2. Configure the WiFi controller.
3. Preconfigure the client for an incoming guest. The guest AD credentials are:
User: guest01
Password: guestpass
Answer:
Explanation:
See the explanation below for the solution.
WiFi Controller:
- SSID: CORPGUEST
- SHARED KEY: Secret
- AAA server IP: 192.168.1.20
- PSK: Blank
- Authentication type: WPA2-EAP-PEAP-MSCHAPv2
- Controller IP: 192.168.1.10
RADIUS Server:
- Shared Key: Secret
- Client IP: 192.168.1.10
- Authentication Type: Active Directory
- Server IP: 192.168.1.20
Wireless Client:
- SSID: CORPGUEST
- Username: guest01
- Userpassword: guestpass
- PSK: Blank
- Authentication type: WPA2-Enterprise