CompTIA SY0-601 Dumps - The Sure Way To Pass Exam
SY0-601 Exam Questions (Updated 2021) 100% Real Question Answers
How to book the CompTIA Security + (SY0-601) Certification Exam
These are the steps for registering for the CompTIA SY0-601 exam:
- Step 1: Visit the CompTIA website
- Step 2: Purchase the SY0-601 exam test Voucher
- Step 3: Log in to your account
- Step 4: Find and select the testing location
- Step 5: Select Date, time and Schedule your test
- Step 6: Prepare using the SY0-601 practice dumps
NEW QUESTION 44
A security administrator checks the table of a network switch, which shows the following output:
Which of the following is happening to this switch?
- A. MAC cloning
- B. ARP poisoning
- C. DNS poisoning
- D. MAC Flooding
Answer: D
NEW QUESTION 45
A large financial services firm recently released information regarding a security breach within its corporate network that began several years before. During the time frame in which the breach occurred, indicators show an attacker gained administrative access to the network through a file download from a social media site and subsequently installed it without the user's knowledge. Since the compromise, the attacker was able to take command and control of the computer systems anonymously while obtaining sensitive corporate and personal employee information. Which of the following methods did the attacker MOST likely use to gain access?
- A. A logic bomb
- B. A bot
- C. A RAT
- D. A fileless virus
Answer: C
NEW QUESTION 46
A financial institution would like to store its customer data in a cloud but still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concerned about computational overheads and slow speeds. Which of the following cryptographic techniques would BEST meet the requirement?
- A. Ephemeral
- B. Symmetric
- C. Asymmetric
- D. Homomorphic
Answer: B
NEW QUESTION 47
A RAT that was used to compromise an organization's banking credentials was found on a user's computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would BEST prevent this from reoccurring?
- A. Enforce application whitelisting.
- B. Create a new acceptable use policy.
- C. Implement DLP at the network boundary.
- D. Segment the network into trusted and untrusted zones.
Answer: A
NEW QUESTION 48
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
- A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
- B. Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox
- C. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
- D. Routing tables have been compromised, and an attacker is rerouting traffic to malicious websites
Answer: D
NEW QUESTION 49
A Chief Information Security Officer (CISO) is concerned about the organization's ability to continue business operation in the event of a prolonged DDoS attack on its local datacenter that consumes database resources.
Which of the following will the CISO MOST likely recommend to mitigate this risk?
- A. Upgrade the bandwidth available into the datacenter
- B. Implement a challenge response test on all end-user queries
- C. Implement a hot-site failover location
- D. Switch to a complete SaaS offering to customers
Answer: C
NEW QUESTION 50
An organization has implemented a policy requiring the use of conductive metal lockboxes for personal electronic devices outside of a secure research lab. Which of the following did the organization determine to be the GREATEST risk to intellectual property when creating this policy?
- A. The theft of portable electronic devices
- B. Bluesnarfing of mobile devices
- C. Data exfiltration over a mobile hotspot
- D. Geotagging in the metadata of images
Answer: C
NEW QUESTION 51
When planning to build a virtual environment, an administrator needs to achieve the following:
* Establish policies to limit who can create new VMs
* Allocate resources according to actual utilization
* Require justification for requests outside of the standard requirements
* Create standardized categories based on size and resource requirements
Which of the following is the administrator MOST likely trying to do?
- A. Avoid VM sprawl
- B. Protect against VM escape
- C. Implement IaaS replication
- D. Deploy a PaaS
Answer: A
NEW QUESTION 52
A remote user recently took a two-week vacation abroad and brought along a corporate-owned laptop.
Upon returning to work, the user has been unable to connect the laptop to the VPN. Which of the following is the MOST likely reason for the user's inability to connect the laptop to the VPN?
- A. Due to foreign travel, the user's laptop was isolated from the network.
- B. The user's laptop was quarantined because it missed the latest patch update.
- C. The user's account was put on a legal hold.
- D. The VPN client was blacklisted.
Answer: A
NEW QUESTION 53
Which of the following would be the BEST resource for a software developer who is looking to improve secure coding practices for web applications?
- A. OWASP
- B. Vulnerability scan results
- C. Third-party libraries
- D. NIST CSF
Answer: A
NEW QUESTION 54
A company has drafted an insider-threat policy that prohibits the use of external storage devices. Which of the following would BEST protect the company from data exfiltration via removable media?
- A. Developing mandatory training to educate employees about the removable media policy
- B. Blocking removable-media devices and write capabilities using a host-based security tool
- C. Monitoring large data transfer transactions in the firewall logs
- D. Implementing a group policy to block user access to system files
Answer: B
NEW QUESTION 55
A cybersecurity administrator needs to add disk redundancy for a critical server. The solution must have a two-drive failure for better fault tolerance. Which of the following RAID levels should the administrator select?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A
NEW QUESTION 56
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:

NEW QUESTION 57
The security administrator has installed a new firewall which implements an implicit DENY policy by default.
INSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match. The port number must be typed in and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.
Answer:
Explanation:
Hot Area:
NEW QUESTION 58
The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?
- A. Install a NIDS device at the boundary.
- B. Update all antivirus signatures daily.
- C. Implement application blacklisting.
- D. Segment the network with firewalls.
Answer: D
NEW QUESTION 59
A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which of the following BEST describes this process?
- A. Continuous delivery
- B. Continuous monitoring
- C. Continuous integration
- D. Continuous validation
Answer: C
NEW QUESTION 60
A company recently experienced an attack in which a malicious actor was able to exfiltrate data by cracking stolen passwords, using a rainbow table on the sensitive data. Which of the following should a security engineer do to prevent such an attack in the future?
- A. Use password hashing.
- B. Enforce password complexity.
- C. Implement password salting.
- D. Disable password reuse.
Answer: D
NEW QUESTION 61
A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected.
Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describe this type of attack? (Choose two.)
- A. Race condition
- B. DoS
- C. Memory leak
- D. SSL stripping
- E. Shimming
- F. Refactoring
Answer: B,C
Explanation:
"According to its self-reported version, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in the Session Initiation Protocol (SIP) gateway implementation due to improper handling of malformed SIP messages. An unauthenticated, remote attacker can exploit this, via crafted SIP messages, to cause memory leakage, resulting in an eventual reload of the affected device."
NEW QUESTION 62
An organization hired a consultant to assist with an active attack, and the consultant was able to identify the compromised accounts and computers. Which of the following is the consultant MOST likely to recommend to prepare for eradication?
- A. Segmenting the compromised accounts and computers into a honeynet so as to not alert the attackers.
- B. Quarantining the compromised accounts and computers, only providing them with network access
- C. Isolating the compromised accounts and computers, cutting off all network and internet access.
- D. Logging off and deleting the compromised accounts and computers to eliminate attacker access.
Answer: A
NEW QUESTION 63
An organization has hired a security analyst to perform a penetration test. The analyst captures 1Gb worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to further review the pcap?
- A. Netcat
- B. Nmap
- C. Wireshark
- D. cURL
Answer: C
NEW QUESTION 64
......
CompTIA SY0-601: Prerequisites
CompTIA Security+ is an entry-level certification, so its corresponding exam, CompTIA SY0-601, does not have any official prerequisites. However, it is recommended that the learners first pursue the Network+ certificate and have at least two years of hands-on experience in the domain of IT administration with a special focus on security. Additionally, the applicants must understand the content of the test before attempting it.