CompTIA SY0-601 Free Practice Questions

NEW QUESTION 1
An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering it the organization may need to scale down just as quickly as it scaled up. The ClO is also concerned about the organization's security and customer privacy. Which of the following would be BEST to address the ClO’s concerns?

• A. Disallow new hires from using mobile devices for six months
• B. Select four devices for the sales department to use in a CYOD model
• C. Implement BYOD for the sates department while leveraging the MDM
• D. Deploy mobile devices using the COPE methodology

Answer: C

NEW QUESTION 2
A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard. Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?

• A. PCI DSS
• B. ISO 22301
• C. ISO 27001
• D. NIST CSF

Answer: A

NEW QUESTION 3
A security analyst sees the following log output while reviewing web logs:

Which of the following mitigation strategies would be BEST to prevent this attack from being successful?

• A. Secure cookies
• B. Input validation
• C. Code signing
• D. Stored procedures

Answer: B

NEW QUESTION 4
A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's listening ports. Which of the following tools can BEST accomplish this talk?

• A. Netcat
• B. Netstat
• C. Nmap
• D. Nessus

Answer: B

NEW QUESTION 5
A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirements?

• A. RAID 0+1
• B. RAID 2
• C. RAID 5
• D. RAID 6

Answer: C

NEW QUESTION 6
A user is concerned that a web application will not be able to handle unexpected or random input without crashing. Which of the following BEST describes the type of testing the user should perform?

• A. Code signing
• B. Fuzzing
• C. Manual code review
• D. Dynamic code analysis

Answer: D

NEW QUESTION 7
A user recently attended an exposition and received some digital promotional materials The user later noticed blue boxes popping up and disappearing on the computer, and reported receiving several spam emails, which the user did not open Which of the following is MOST likely the cause of the reported issue?

• A. There was a drive-by download of malware
• B. The user installed a cryptominer
• C. The OS was corrupted
• D. There was malicious code on the USB drive

Answer: D

NEW QUESTION 8
A workwide manufacturing company has been experiencing email account compromised. In one incident, a user logged in from the corporate office in France, but then seconds later, the same user account attempted a login from Brazil. Which of the following account policies would BEST prevent this type of attack?

• A. Network location
• B. Impossible travel time
• C. Geolocation
• D. Geofencing

Answer: D

NEW QUESTION 9
A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

• A. Nmap
• B. Wireshark
• C. Autopsy
• D. DNSEnum

Answer: A

NEW QUESTION 10
A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would BEST support the policy?

• A. Mobile device management
• B. Full-device encryption
• C. Remote wipe
• D. Biometrics

Answer: A

NEW QUESTION 11
A security administrator checks the table of a network switch, which shows the following output:

Which of the following is happening to this switch?

• A. MAC Flooding
• B. DNS poisoning
• C. MAC cloning
• D. ARP poisoning

Answer: A

NEW QUESTION 12
A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

• A. SIEM
• B. DLP
• C. CASB
• D. SWG

Answer: C

NEW QUESTION 13
The SOC is reviewing process and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. The allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?

• A. Updating the playbooks with better decision points
• B. Dividing the network into trusted and untrusted zones
• C. Providing additional end-user training on acceptable use
• D. Implementing manual quarantining of infected hosts

Answer: A

NEW QUESTION 14
A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen. Which of the following would BEST meet these requirements? (Select TWO).

• A. Full-device encryption
• B. Network usage rules
• C. Geofencing
• D. Containerization
• E. Application whitelisting
• F. Remote control

Answer: AB

NEW QUESTION 15
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

• A. SSAE SOC 2
• B. PCI DSS
• C. GDPR
• D. ISO 31000

Answer: C

NEW QUESTION 16
Which of the following describes the BEST approach for deploying application patches?

• A. Apply the patches to systems in a testing environment then to systems in a staging environment, and finally to production systems.
• B. Test the patches in a staging environment, develop against them in the development environment, andthen apply them to the production systems
• C. Test the patches m a test environment apply them to the production systems and then apply them to a staging environment
• D. Apply the patches to the production systems apply them in a staging environment, and then test all of them in a testing environment

Answer: A

NEW QUESTION 17
A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent the exfiltration of data? (Select TWO).

• A. VPN
• B. Drive encryption
• C. Network firewall
• D. File level encryption
• E. USB blocker
• F. MFA

Answer: BE

NEW QUESTION 18
A consultant is configuring a vulnerability scanner for a large, global organization in multiple countries. The consultant will be using a service account to scan systems with administrative privileges on a weekly basis, but there is a concern that hackers could gain access to account to the account and pivot through the global network. Which of the following would be BEST to help mitigate this concern?

• A. Create consultant accounts for each region, each configured with push MFA notifications.
• B. Create one global administrator account and enforce Kerberos authentication
• C. Create different accounts for each regio
• D. limit their logon times, and alert on risky logins
• E. Create a guest account for each regio
• F. remember the last ten passwords, and block password reuse

Answer: C

NEW QUESTION 19
Which of the following job roles would sponsor data quality and data entry initiatives that ensure business and regulatory requirements are met?

• A. The data owner
• B. The data processor
• C. The data steward
• D. The data privacy officer.

Answer: C

NEW QUESTION 20
An analyst visits an internet forum looking for information about a tool. The analyst finds a threat that appears to contain relevant information. One of the posts says the following:

Which of the following BEST describes the attack that was attempted against the forum readers?

• A. SOU attack
• B. DLL attack
• C. XSS attack
• D. API attack

Answer: C

NEW QUESTION 21
A security engineer needs to enhance MFA access to sensitive areas in a building. A key card and fingerprint scan are already in use. Which of the following would add another factor of authentication?

• A. Hard token
• B. Retina scan
• C. SMS text
• D. Keypad PIN

Answer: B

NEW QUESTION 22
A network technician is installing a guest wireless network at a coffee shop. When a customer purchases an Item, the password for the wireless network is printed on the recent so the customer can log in. Which of the following will the technician MOST likely configure to provide the highest level of security with the least amount of overhead?

• A. WPA-EAP
• B. WEP-TKIP
• C. WPA-PSK
• D. WPS-PIN

Answer: A

NEW QUESTION 23
A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?

• A. The GPS location
• B. When the file was deleted
• C. The total number of print jobs
• D. The number of copies made

Answer: A

NEW QUESTION 24
......