
CompTIA SY0-601 - CompTIA Security+ Exam 2023

Total 1063 questions

A company recently decided to allow employees to work remotely. The company wants to protect its data without using a VPN. Which of the following technologies should the company implement?

A. Secure web gateway

B. Virtual private cloud endpoint

C. Deep packet inspection

D. Next-generation firewall

A newly implemented wireless network is designed so that visitors can connect to the wireless network for business activities. The legal department is concerned that visitors might connect to the network and perform illicit activities. Which of the following should the security team implement to address this concern?

A. Configure a RADIUS server to manage device authentication.

B. Use 802.1X on all devices connecting to wireless.

C. Add a guest captive portal requiring visitors to accept terms and conditions.

D. Allow for new devices to be connected via WPS.

A security administrator is reviewing reports about suspicious network activity occurring on a subnet. Users on the network report that connectivity to various websites is intermittent. The administrator logs in to a workstation and reviews the following command output:

Which of the following best describes what is occurring on the network?

A. ARP poisoning

B. On-path attack

C. URL redirection

D. IP address conflicts

After a security incident, a systems administrator asks the company to buy a NAC platform. Which of the following attack surfaces is the systems administrator trying to protect?

A. Bluetooth

B. Wired

C. NFC

D. SCADA

In order to save on expenses, Company A and Company B agree to host each other's compute and storage disaster recovery sites at their primary data centers. The two data centers are about a mile apart, and they each have their own power source. When necessary, one company will escort the other company to its data center. Which of the following is the greatest risk with this arrangement?

A. The data center sites are not geographically dispersed.

B. A redundant power source for disaster recovery is lacking.

C. The physical security resources are shared.

D. In an emergency, escorted access may not be timely enough.

An employee recently resigned from a company. The employee was responsible for managing and supporting weekly batch jobs over the past five years. A few weeks after the employee resigned, one of the batch jobs failed and caused a major disruption. Which of the following would work best to prevent this type of incident from reoccurring?

A. Job rotation

B. Retention

C. Outsourcing

D. Separation of duties

One of a company's vendors sent an analyst a security bulletin that recommends a BIOS update. Which of the following vulnerability types is being addressed by the patch?

A. Virtualization

B. Firmware

C. Application

D. Operating system

A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 802.1X for access control. To be allowed on the network, a device must have a known hardware address, and a valid username and password must be entered in a captive portal. The following is the audit report:

Which of the following is the most likely way a rogue device was allowed to connect?

A. A user performed a MAC cloning attack with a personal device.

B. A DHCP failure caused an incorrect IP address to be distributed.

C. An administrator bypassed the security controls for testing.

D. DNS hijacking let an attacker intercept the captive portal traffic.

Which of the following attributes would be the most appropriate to apply when implementing MFA?

A. Validating the user's location

B. Requiring the user to identify images based on content

C. Having the user agree to terms of service

D. Enforcing the inclusion of special characters in user passwords

Which of the following would be the best way to block unknown programs from executing?

A. Access control list

B. Application allow list

C. Host-based firewall

D. DLP solution

An administrator was notified that a user logged in remotely after hours and copied large amounts of data to a personal device. Which of the following best describes the user’s activity?

A. Penetration testing

B. Phishing campaign

C. External audit

D. Insider threat

Which of the following best describes why the SMS OTP authentication method is more risky to implement than the TOTP method?

A. The SMS OTP method requires an end user to have an active mobile telephone service and SIM card.

B. Generally, SMS OTP codes are valid for up to 15 minutes, while the TOTP time frame is 30 to 60 seconds.

C. The SMS OTP is more likely to be intercepted and lead to unauthorized disclosure of the code than the TOTP method.

D. The algorithm used to generate an SMS OTP code is weaker than the one used to generate a TOTP code.

A third-party vendor is moving a particular application to the end-of-life stage at the end of the current year. Which of the following is the most critical risk if the company chooses to continue running the application?

A. Lack of security updates

B. Lack of new features

C. Lack of support

D. Lack of source code access

Which of the following describes a social engineering technique that may include scam emails addressed directly to the Chief Financial Officer?

A. Vishing

B. Spear phishing

C. Smishing

D. Pharming

While performing digital forensics, which of the following is considered the most volatile and should have the contents collected first?

A. Hard drive

B. RAM

C. SSD

D. Temporary files

Which of the following involves an attempt to take advantage of database misconfigurations?

A. Buffer overflow

B. SQL injection

C. VM escape

D. Memory injection

The Chief Information Security Officer of an organization needs to ensure recovery from ransomware would likely occur within the organization's agreed-upon RPOs and RTOs. Which of the following backup scenarios would best ensure recovery?

A. Hourly differential backups stored on a local SAN array

B. Daily full backups stored on premises in magnetic offline media

C. Daily differential backups maintained by a third-party cloud provider

D. Weekly full backups with daily incremental stored on a NAS drive

Which of the following should a security operations center use to improve its incident response procedure?

A. Playbooks

B. Frameworks

C. Baselines

D. Benchmarks

A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability quickly?

A. Insurance

B. Patching

C. Segmentation

D. Replacement

An analyst observed an unexpectedly high number of deauthentication requests being sent from an unidentified device on the network. Which of the following attacks was most likely executed in this scenario?

A. Jamming

B. Bluejacking

C. Rogue access point

D. Disassociation