Updated CompTIA Security+ SY0-601 Exam Questions - The Most Valid Preparation Materials

Updated CompTIA Security+ SY0-601 Exam Questions – The Most Valid Preparation Materials

Regina2021-10-29T02:40:39+00:00

CompTIA Security+ SY0-601 exam questions updated by ITExamShop to provide candidates with 453 real exam questions and answers which could be the most valid preparation materials for passing. The new CompTIA SY0-601 updated exam questions that ITExamShop is offering is one of the best solutions when practicing for the CompTIA Security+ SY0-601 exam. The SY0-601 exam questions and answers of ITExamShop is very close to the original CompTIA Security+ certification exam. All the questions and answers are in pdf format, so you can easily download them on any device, and it is easy to open. Come to ITExamShop to read updated CompTIA Security+ SY0-601 exam questions to prepare well.

Try to read the SY0-601 free questions below as the demo of updated SY0-601 exam questions:

Page 1 of 4

1. The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company’s Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards.

Which of the following social-engineering techniques is the attacker using?

Phishing

Whaling

Typo squatting

Pharming

2. Several employees return to work the day after attending an industry trade show. That same day, the security manager notices several malware alerts coming from each of the employee’s workstations. The security manager investigates but finds no signs of an attack on the perimeter firewall or the NIDS.

Which of the following is MOST likely causing the malware alerts?

A worm that has propagated itself across the intranet, which was initiated by presentation media

A file less virus that is contained on a vCard that is attempting to execute an attack

A Trojan that has passed through and executed malicious code on the hosts

A USB flash drive that is trying to run malicious code but is being blocked by the host firewall

3. Joe, a user at a company, clicked an email link led to a website that infected his workstation. Joe, was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and It has continues to evade detection.

Which of the following should administrator implement to protect the environment from this malware?

Install a definition-based antivirus.

Implement an IDS/IPS

Implement a heuristic behavior-detection solution.

Implement CASB to protect the network shares.

4. A company recently moved sensitive videos between on-premises. Company-owned websites. The company then learned the videos had been uploaded and shared to the internet.

Which of the following would MOST likely allow the company to find the cause?

Checksums

Watermarks

Oder of volatility

A log analysis

A right-to-audit clause

5. Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

SSAE SOC 2

PCI DSS

GDPR

ISO 31000

6. A financial organization has adopted a new secure, encrypted document-sharing application to help with its customer loan process. Some important PII needs to be shared across this new platform, but it is getting blocked by the DLP systems.

Which of the following actions will BEST allow the PII to be shared with the secure application without compromising the organization’s security posture?

Configure the DLP policies to allow all PII

Configure the firewall to allow all ports that are used by this application

Configure the antivirus software to allow the application

Configure the DLP policies to whitelist this application with the specific PII

Configure the application to encrypt the PII

7. A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports.

Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)

Trusted Platform Module

A host-based firewall

A DLP solution

Full disk encryption

A VPN

Antivirus software

8. A company uses wireless tor all laptops and keeps a very detailed record of its assets, along with a comprehensive list of devices that are authorized to be on the wireless network. The Chief Information Officer (CIO) is concerned about a script kiddie potentially using an unauthorized device to brute force the wireless PSK and obtain access to the internal network.

Which of the following should the company implement to BEST prevent this from occurring?

A BPDU guard

WPA-EAP

IP filtering

A WIDS

9. A user recent an SMS on a mobile phone that asked for bank delays.

Which of the following social-engineering techniques was used in this case?

SPIM

Vishing

Spear phishing

Smishing

10. A cybersecurity administrator needs to add disk redundancy for a critical server. The solution must have a two- drive failure for better fault tolerance.

Which of the following RAID levels should the administrator select?

Page 2 of 4

11. Which of the following would MOST likely support the integrity of a voting machine?

Asymmetric encryption

Blockchain

Transport Layer Security

Perfect forward secrecy

12. To secure an application after a large data breach, an e-commerce site will be resetting all users’ credentials.

Which of the following will BEST ensure the site’s users are not compromised after the reset?

A password reuse policy

Account lockout after three failed attempts

Encrypted credentials in transit

A geofencing policy based on login history

13. A RAT that was used to compromise an organization’s banking credentials was found on a user’s computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set.

Which of the following recommendations would BEST prevent this from reoccurring?

Create a new acceptable use policy.

Segment the network into trusted and untrusted zones.

Enforce application whitelisting.

Implement DLP at the network boundary.

14. A security analyst is performing a forensic investigation compromised account credentials. Using the Event Viewer, the analyst able to detect the following message, ‘’Special privileges assigned to new login.’’ Several of these messages did not have a valid logon associated with the user before these privileges were assigned.

Which of the following attacks is MOST likely being detected?

Pass-the-hash

Buffer overflow

Cross-site scripting

Session replay

15. Which of the following BEST explains the difference between a data owner and a data custodian?

The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the data

The data owner is responsible for determining how the data may be used, while the data custodian is responsible for implementing the protection to the data

The data owner is responsible for controlling the data, while the data custodian is responsible for maintaining the chain of custody when handling the data

The data owner grants the technical permissions for data access, while the data custodian maintains the database access controls to the data

16. A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard.

Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?

PCI DSS

ISO 22301

ISO 27001

NIST CSF

17. A cybersecurity administrator has a reduced team and needs to operate an on-premises network and security infrastructure efficiently. To help with the situation, the administrator decides to hire a service provider.

Which of the following should the administrator use?

SDP

AAA

IaaS

MSSP

Microservices

18. A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk.

Which of the following should the administrator use?

chmod

dnsenum

logger

19. A software developer needs to perform code-execution testing, black-box testing, and non-functional testing on a new product before its general release.

Which of the following BEST describes the tasks the developer is conducting?

Verification

Validation

Normalization

Staging

20. HOTSPOT

Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS

Not all attacks and remediation actions will be used.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Page 3 of 4

21. Which of the following ISO standards is certified for privacy?

ISO 9001

ISO 27002

ISO 27701

ISO 31000

22. A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control.

Which of the following BEST describes this process?

Continuous delivery

Continuous integration

Continuous validation

Continuous monitoring

23. The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed.

Which of the following is the MOST likely cause of the CRO’s concerns?

SSO would simplify username and password management, making it easier for hackers to pass guess accounts.

SSO would reduce password fatigue, but staff would still need to remember more complex passwords.

SSO would reduce the password complexity for frontline staff.

SSO would reduce the resilience and availability of system if the provider goes offline.

24. During an incident response, a security analyst observes the following log entry on the web server.

Which of the following BEST describes the type of attack the analyst is experience?

SQL injection

Cross-site scripting

Pass-the-hash

Directory traversal

25. 1.A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices.

Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?

Containerization

Geofencing

Full-disk encryption

Remote wipe

26. A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site Upon investigation, a security analyst the identifies the following:

• The legitimate websites IP address is 10.1.1.20 and eRecruit local resolves to the IP

• The forged website's IP address appears to be 10.2.12.99. based on NetFtow records

• AH three at the organization's DNS servers show the website correctly resolves to the legitimate IP

• DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise.

Which of the following MOST likely occurred?

A reverse proxy was used to redirect network traffic

An SSL strip MITM attack was performed

An attacker temporarily pawned a name server

An ARP poisoning attack was successfully executed

27. A company has drafted an insider-threat policy that prohibits the use of external storage devices.

Which of the following would BEST protect the company from data exfiltration via removable media?

Monitoring large data transfer transactions in the firewall logs

Developing mandatory training to educate employees about the removable media policy

Implementing a group policy to block user access to system files

Blocking removable-media devices and write capabilities using a host-based security tool

28. Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?

MOU

MTTR

SLA

NDA

29. A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts.

Which of the following security practices would have addressed the issue?

A non-disclosure agreement

Least privilege

An acceptable use policy

Ofboarding

30. A security assessment determines DES and 3DES at still being used on recently deployed production servers.

Which of the following did the assessment identify?

Unsecme protocols

Default settings

Open permissions

Weak encryption

Page 4 of 4

31. In which of the following common use cases would steganography be employed?

Obfuscation

Integrity

Non-repudiation

Blockchain

32. Users have been issued smart cards that provide physical access to a building. The cards also contain tokens that can be used to access information systems. Users can log m to any thin client located throughout the building and see the same desktop each time.

Which of the following technologies are being utilized to provide these capabilities? (Select TWO)

COPE

VDI

GPS

TOTP

RFID

BYOD

33. A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing.

Which of the following should the CISO read and understand before writing the policies?

PCI DSS

GDPR

NIST

ISO 31000

34. A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications.

Which of the following implementations would be BEST to prevent the issue from reoccurring?

CASB

SWG

Containerization

Automated failover

35. Which of the following refers to applications and systems that are used within an organization without consent or approval?

Shadow IT

OSINT

Dark web

Insider threats

Welcome To Choose Required IT Certification Exams Online

Updated CompTIA Security+ SY0-601 Exam Questions – The Most Valid Preparation Materials

Try to read the SY0-601 free questions below as the demo of updated SY0-601 exam questions:

Author

Leave a Reply Cancel reply