Updated Sep-2021 Test Engine or PDF for the CompTIA SY0-601 test to help you quickly prepare for the CompTIA exam!
Full SY0-601 Practice Test and 412 unique questions with explanations waiting just for you, get it now!
NEW QUESTION 210
A company needs to centralize its logs to create a baseline and have visibility on its security events. Which of the following technologies will accomplish this objective?
- A. A next-generation firewall
- B. A vulnerability scanner
- C. Security information and event management
- D. A web application firewall
Answer: C
NEW QUESTION 211
Which of the following would cause a Chief Information Security Officer (CISO) the MOST concern regarding newly installed Internet-accessible 4K surveillance cameras?
- A. An inability to monitor 100% of every facility could expose the company to unnecessary risk.
- B. Physical security at the facility may not protect the cameras from theft.
- C. Exported videos may take up excessive space on the file servers.
- D. The cameras could be compromised if not patched in a timely manner.
Answer: A
NEW QUESTION 212
A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen. Which of the following would BEST meet these requirements? (Select TWO).
- A. Geofencing
- B. Containerization
- C. Application whitelisting
- D. Remote control
- E. Full-device encryption
- F. Network usage rules
Answer: E,F
NEW QUESTION 213
A company recently moved sensitive videos between on-premises, company-owned websites. The company then learned the videos had been uploaded and shared to the internet. Which of the following would MOST likely allow the company to find the cause?
- A. Checksums
- B. A right-to-audit clause
- C. Watermarks
- D. Order of volatility
- E. A log analysis
Answer: E
NEW QUESTION 214
A developer is concerned about people downloading fake malware-infected replicas of a popular game. Which of the following should the developer do to help verify legitimate versions of the game for users?
- A. Implement TLS on the license activation server.
- B. Digitally sign the relevant game files.
- C. Embed a watermark using steganography.
- D. Fuzz the application for unknown vulnerabilities.
Answer: B
NEW QUESTION 215
A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of a power surge or other fault situation. The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application. The security administrator isolated the switch on a separate VLAN and set up a patching routine. Which of the following steps should also be taken to harden the smart switch?
- A. Place the switch in a Faraday cage.
- B. Set up an air gap for the switch.
- C. Change the default password for the switch.
- D. Install a cable lock on the switch.
Answer: C
NEW QUESTION 216
A security analyst is investigating an incident that was first reported as an issue connecting to network shares and the internet. While reviewing logs and tool output, the analyst sees the following:
Which of the following attacks has occurred?
- A. Directory traversal
- B. ARP poisoning
- C. IP conflict
- D. MAC flooding
- E. Pass-the-hash
Answer: B
NEW QUESTION 217
When implementing automation with IoT devices, which of the following should be considered FIRST to keep the network secure?
- A. Zigbee configuration
- B. Communication protocols
- C. Network range
- D. Z-Wave compatibility
Answer: B
NEW QUESTION 218
An organization routes all of its traffic through a VPN. Most users are remote and connect into a corporate datacenter that houses confidential information. There is a firewall at the Internet border followed by a DLP appliance, the VPN server and the datacenter itself. Which of the following is the WEAKEST design element?
- A. Split-tunnel connections can negatively impact the DLP appliance's performance.
- B. Encrypted VPN traffic will not be inspected when entering or leaving the network.
- C. Adding two hops in the VPN tunnel may slow down remote connections.
- D. The DLP appliance should be integrated into a NGFW.
Answer: B
NEW QUESTION 219
An attacker has successfully exfiltrated several non-salted password hashes from an online system. Given the logs below:
Which of the following BEST describes the type of password attack the attacker is performing?
- A. Password spraying
- B. Dictionary
- C. Brute-force
- D. Pass-the-hash
Answer: B
NEW QUESTION 220
A company's Chief Information Officer (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers?
- A. Physical security training
- B. A capture-the-flag competition
- C. Basic awareness training
- D. A phishing simulation
Answer: D
NEW QUESTION 221
A nationwide company is experiencing unauthorized logins at all hours of the day. The logins appear to originate from countries in which the company has no employees. Which of the following controls should the company consider using as part of its IAM strategy? (Select TWO).
- A. Geofencing
- B. An impossible travel policy
- C. Time-based logins
- D. A complex password policy
- E. Geolocation
- F. Self-service password reset
Answer: D,E
NEW QUESTION 222
An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number a code to access the data. Which of the following authentication methods did the organization implement?
- A. Push notification
- B. HOTP
- C. Static code
- D. Token key
Answer: D
NEW QUESTION 223
A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned that servers in the company's DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the servers, as SMB is used by a number of internal systems and applications on the LAN. Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers? (Select TWO).
- A. 0
- B. 1
- C. 2
- D. 3
- E. 4
- F. 5
Answer: A,B
NEW QUESTION 224
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?
- A. Implementing manual quarantining of infected hosts
- B. Providing additional end-user training on acceptable use
- C. Updating the playbooks with better decision points
- D. Dividing the network into trusted and untrusted zones
Answer: C
NEW QUESTION 225
A remote user recently took a two-week vacation abroad and brought along a corporate-owned laptop. Upon returning to work, the user has been unable to connect the laptop to the VPN. Which of the following is the MOST likely reason for the user's inability to connect the laptop to the VPN?
- A. Due to foreign travel, the user's laptop was isolated from the network.
- B. The VPN client was blacklisted.
- C. The user's account was put on a legal hold.
- D. The user's laptop was quarantined because it missed the latest patch update.
Answer: A
NEW QUESTION 226
A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which of the following configurations should an analyst enable to improve security? (Select TWO).
- A. SSL
- B. PEAP
- C. WPS
- D. WPA2-PSK
- E. WEP-TKIP
- F. RADIUS
Answer: D,E
NEW QUESTION 227
Which of the following will MOST likely cause machine learning and AI-enabled systems to operate with unintended consequences?
- A. Stored procedures
- B. Buffer overflows
- C. Data bias
- D. Code reuse
Answer: A
Explanation:
https://lionbridge.ai/articles/7-types-of-data-bias-in-machine-learning/
NEW QUESTION 228
A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred. Which of the following is the analyst MOST likely seeing?
A)
B)
C)
D)
- A. Option D
- B. Option B
- C. Option A
- D. Option C
Answer: B