SY0-601 Premium Bundle

CompTIA Security+ Exam Certification Exam

Last update: November 23, 2024

CompTIA SY0-601 Free Practice Questions

Refined SY0-601 exam engine materials and exam topics for the CompTIA certification for IT specialists. Real success guaranteed with updated SY0-601 PDF dumps and VCE materials. 100% pass the CompTIA Security+ exam today!

Free demo questions for CompTIA SY0-601 Exam Dumps Below:

NEW QUESTION 1
A hospital's administration is concerned about a potential loss of patient data that is stored on tablets. A security administrator needs to implement controls to alert the SOC any time the devices are near exits. Which of the following would BEST achieve this objective?

  • A. Geotargeting
  • B. Geolocation
  • C. Geotagging
  • D. Geofencing

Answer: D

NEW QUESTION 2
A company's Chief Information Officer (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers?

  • A. A capture-the-flag competition
  • B. A phishing simulation
  • C. Physical security training
  • D. Basic awareness training

Answer: B

NEW QUESTION 3
A client sent several inquiries to a project manager about the delinquent delivery status of some critical reports. The project manager claimed the reports were previously sent via email but then quickly generated and backdated the reports before submitting them via a new email message. Which of the following actions MOST likely supports an investigation for fraudulent submission?

  • A. Establish chain of custody
  • B. Inspect the file metadata
  • C. Reference the data retention policy
  • D. Review the email event logs

Answer: D

NEW QUESTION 4
A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?

  • A. openssl
  • B. hping
  • C. netcat
  • D. tcpdump

Answer: A

NEW QUESTION 5
A company is designing the layout of a new datacenter so it will have an optimal environmental temperature. Which of the following must be included? (Select TWO)

  • A. An air gap
  • B. A cold aisle
  • C. Removable doors
  • D. A hot aisle
  • E. An IoT thermostat
  • F. A humidity monitor

Answer: EF

NEW QUESTION 6
A company’s bank has reported that multiple corporate credit cards have been stolen over the past several weeks. The bank has provided the names of the affected cardholders to the company’s forensics team to assist in the cyber-incident investigation.
An incident responder learns the following information:

  • The timeline of stolen card numbers corresponds closely with affected users making Internet-based purchases from diverse websites via enterprise desktop PCs.
  • All purchase connections were encrypted, and the company uses an SSL inspection proxy for the inspection of encrypted traffic of the hardwired network.
  • Purchases made with corporate cards over the corporate guest WiFi network, where no SSL inspection occurs, were unaffected.

Which of the following is the MOST likely root cause?

  • A. HTTPS sessions are being downgraded to insecure cipher suites
  • B. The SSL inspection proxy is feeding events to a compromised SIEM
  • C. The payment providers are insecurely processing credit card charges
  • D. The adversary has not yet established a presence on the guest WiFi network

Answer: C

NEW QUESTION 7
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

  • A. Least privilege
  • B. Awareness training
  • C. Separation of duties
  • D. Mandatory vacation

Answer: C

NEW QUESTION 8
A security analyst has received an alert about PII being sent via email. The analyst’s Chief Information Security Officer (CISO) has made it clear that PII must be handled with extreme care. From which of the following did the alert MOST likely originate?

  • A. S/MIME
  • B. DLP
  • C. IMAP
  • D. HIDS

Answer: B

NEW QUESTION 9
A security analyst needs to generate a server certificate to be used for 802.1X and secure RDP connections. The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?

  • A. Create an OCSP
  • B. Generate a CSR
  • C. Create a CRL
  • D. Generate a .pfx file

Answer: B

NEW QUESTION 10
An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering if the organization may need to scale down just as quickly as it scaled up. The CIO is also concerned about the organization's security and customer privacy. Which of the following would be BEST to address the CIO’s concerns?

  • A. Disallow new hires from using mobile devices for six months
  • B. Select four devices for the sales department to use in a CYOD model
  • C. Implement BYOD for the sales department while leveraging the MDM
  • D. Deploy mobile devices using the COPE methodology

Answer: C

NEW QUESTION 11
During a security assessment, a security analyst finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permissions for the existing users and groups and remove the set-user-ID bit from the file?

  • A. ls
  • B. chflags
  • C. chmod
  • D. lsof
  • E. setuid

Answer: D

NEW QUESTION 12
The IT department at a university is concerned about professors placing servers on the university network in an attempt to bypass security controls. Which of the following BEST represents this type of threat?

  • A. A script kiddie
  • B. Shadow IT
  • C. Hacktivism
  • D. White-hat

Answer: B

NEW QUESTION 13
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST meet these requirements?

  • A. RA
  • B. OCSP
  • C. CRL
  • D. CSR

Answer: C

NEW QUESTION 14
A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization’s executives determine the next course of action?

  • A. An incident response plan
  • B. A communications plan
  • C. A disaster recovery plan
  • D. A business continuity plan

Answer: D

NEW QUESTION 15
A security administrator checks the table of a network switch, which shows the following output:
[Exhibit: image not included]
Which of the following is happening to this switch?

  • A. MAC Flooding
  • B. DNS poisoning
  • C. MAC cloning
  • D. ARP poisoning

Answer: A

NEW QUESTION 16
A security analyst is investigating an incident to determine what an attacker was able to do on a compromised laptop. The analyst reviews the following SIEM log:
[Exhibit: image not included]
Which of the following describes the method that was used to compromise the laptop?

  • A. An attacker was able to move laterally from PC1 to PC2 using a pass-the-hash attack
  • B. An attacker was able to bypass application whitelisting by emailing a spreadsheet attachment with an embedded PowerShell in the file
  • C. An attacker was able to install malware to the CAasdf234 folder and use it to gain administrator rights and launch Outlook
  • D. An attacker was able to phish user credentials successfully from an Outlook user profile

Answer: A

NEW QUESTION 17
Which of the following BEST explains the difference between a data owner and a data custodian?

  • A. The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the data
  • B. The data owner is responsible for determining how the data may be used, while the data custodian is responsible for implementing the protection to the data
  • C. The data owner is responsible for controlling the data, while the data custodian is responsible for maintaining the chain of custody when handling the data
  • D. The data owner grants the technical permissions for data access, while the data custodian maintains the database access controls to the data

Answer: B

NEW QUESTION 18
......

100% Valid and Newest Version SY0-601 Questions & Answers shared by Certshared, Get Full Dumps HERE: https://www.certshared.com/exam/SY0-601/ (New 402 Q&As)

