SY0-601 | Top Quality CompTIA SY0-601 Exam Prep Online
NEW QUESTION 1
Which of the following disaster recovery tests is the LEAST time-consuming for the disaster recovery team?
- A. Tabletop
- B. Parallel
- C. Full interruption
- D. Simulation
NEW QUESTION 2
A worldwide manufacturing company has been experiencing email account compromises. In one incident, a user logged in from the corporate office in France, but then seconds later, the same user account attempted a login from Brazil. Which of the following account policies would BEST prevent this type of attack?
- A. Network location
- B. Impossible travel time
- C. Geolocation
- D. Geofencing
NEW QUESTION 3
A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events:
To better understand what is going on, the analyst runs a command and receives the following output:
Based on the analyst’s findings, which of the following attacks is being executed?
- A. Credential harvesting
- B. Keylogger
- C. Brute-force
- D. Spraying
NEW QUESTION 4
A user contacts the help desk to report the following:
Two days ago, a pop-up browser window prompted the user for a name and password after connecting to the corporate wireless SSID. This had never happened before, but the user entered the information as requested.
The user was able to access the Internet but had trouble accessing the department share until the next day.
The user is now getting notifications from the bank about unauthorized transactions.
Which of the following attack vectors was MOST likely used in this scenario?
- A. Rogue access point
- B. Evil twin
- C. DNS poisoning
- D. ARP poisoning
NEW QUESTION 5
A Chief Executive Officer's (CEO) personal information was stolen in a social engineering attack. Which of the following sources would reveal if the CEO's personal information is for sale?
- A. Automated information sharing
- B. Open-source intelligence
- C. The dark web
- D. Vulnerability databases
NEW QUESTION 6
Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)
- A. Unsecure protocols
- B. Use of penetration-testing utilities
- C. Weak passwords
- D. Included third-party libraries
- E. Vendors/supply chain
- F. Outdated anti-malware software
NEW QUESTION 7
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?
- A. Least privilege
- B. Awareness training
- C. Separation of duties
- D. Mandatory vacation
NEW QUESTION 8
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
- A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
- B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
- C. Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox
- D. Routing tables have been compromised, and an attacker is rerouting traffic to malicious websites
NEW QUESTION 9
Which of the following job roles would sponsor data quality and data entry initiatives that ensure business and regulatory requirements are met?
- A. The data owner
- B. The data processor
- C. The data steward
- D. The data privacy officer
NEW QUESTION 10
A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company's executives. Which of the following intelligence sources should the security analyst review?
- A. Vulnerability feeds
- B. Trusted automated exchange of indicator information
- C. Structured threat information expression
- D. Industry information-sharing and collaboration groups
NEW QUESTION 11
A security analyst is reviewing a new website that will soon be made publicly available. The analyst sees the following in the URL:
The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is able to browse the website with the following URL:
http://dev-site.comptia.org/home/show.php?sessionID=98988475&loc=us
Which of the following application attacks is being tested?
- A. Pass-the-hash
- B. Session replay
- C. Object dereference
- D. Cross-site request forgery
NEW QUESTION 12
A security analyst is performing a forensic investigation of compromised account credentials. Using the Event Viewer, the analyst is able to detect the following message: "Special privileges assigned to new login." Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?
- A. Pass-the-hash
- B. Buffer overflow
- C. Cross-site scripting
- D. Session replay
NEW QUESTION 13
A symmetric encryption algorithm is BEST suited for:
- A. key-exchange scalability.
- B. protecting large amounts of data.
- C. providing hashing capabilities.
- D. implementing non-repudiation.
NEW QUESTION 14
Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the real data?
- A. Data encryption
- B. Data masking
- C. Data deduplication
- D. Data minimization
NEW QUESTION 15
An analyst visits an internet forum looking for information about a tool. The analyst finds a thread that appears to contain relevant information. One of the posts says the following:
Which of the following BEST describes the attack that was attempted against the forum readers?
- A. SOU attack
- B. DLL attack
- C. XSS attack
- D. API attack
NEW QUESTION 16
A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?
- A. Corrective
- B. Physical
- C. Detective
- D. Administrative
NEW QUESTION 17
After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?
- A. The vulnerability scan output
- B. The IDS logs
- C. The full packet capture data
- D. The SIEM alerts
NEW QUESTION 18
Which of the following types of controls is a turnstile?
- A. Physical
- B. Detective
- C. Corrective
- D. Technical
NEW QUESTION 19
A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?
- A. Nmap
- B. Wireshark
- C. Autopsy
- D. DNSEnum
NEW QUESTION 20
An organization routes all of its traffic through a VPN. Most users are remote and connect into a corporate datacenter that houses confidential information. There is a firewall at the Internet border, followed by a DLP appliance, the VPN server and the datacenter itself. Which of the following is the WEAKEST design element?
- A. The DLP appliance should be integrated into a NGFW.
- B. Split-tunnel connections can negatively impact the DLP appliance's performance
- C. Encrypted VPN traffic will not be inspected when entering or leaving the network
- D. Adding two hops in the VPN tunnel may slow down remote connections
NEW QUESTION 21
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?
- A. DLP
- B. HIDS
- C. EDR
- D. NIPS
NEW QUESTION 22
A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirement?
- A. RAID 0+1
- B. RAID 2
- C. RAID 5
- D. RAID 6
NEW QUESTION 23
A user recently attended an exposition and received some digital promotional materials. The user later noticed blue boxes popping up and disappearing on the computer, and reported receiving several spam emails, which the user did not open. Which of the following is MOST likely the cause of the reported issue?
- A. There was a drive-by download of malware
- B. The user installed a cryptominer
- C. The OS was corrupted
- D. There was malicious code on the USB drive
NEW QUESTION 24
A security analyst needs to generate a server certificate to be used for 802.1X and secure RDP connections. The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?
- A. Create an OCSP
- B. Generate a CSR
- C. Create a CRL
- D. Generate a .pfx file
NEW QUESTION 25
A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?
- A. MSSP
- B. SOAR
- C. IaaS
- D. PaaS