SY0-601 Premium Bundle

CompTIA Security+ Certification Exam

Rating: 4.5 (53550 ratings)
Practice Tests: 402 Questions
Print version: 402 PDF
Last update: November 23, 2024

CompTIA SY0-601 Free Practice Questions

Your success in CompTIA SY0-601 is our sole target and we develop all our SY0-601 braindumps in a way that facilitates the attainment of this target. Not only is our SY0-601 study material the best you can find, it is also the most detailed and the most updated. SY0-601 Practice Exams for CompTIA SY0-601 are written to the highest standards of technical accuracy.

Check SY0-601 free dumps before getting the full version:

NEW QUESTION 1
An organization just experienced a major cyberattack. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?

  • A. Shadow IT
  • B. An insider threat
  • C. A hacktivist
  • D. An advanced persistent threat

Answer: D

NEW QUESTION 2
A security engineer is reviewing log files after a third party discovered usernames and passwords for the organization’s accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?

  • A. Man-in-the-middle
  • B. Spear-phishing
  • C. Evil twin
  • D. DNS poisoning

Answer: D

NEW QUESTION 3
A company deployed a WiFi access point in a public area and wants to harden the configuration to make it more secure. After performing an assessment, an analyst identifies that the access point is configured to use WPA3, AES, WPS, and RADIUS. Which of the following should the analyst disable to enhance the access point security?

  • A. WPA3
  • B. AES
  • C. RADIUS
  • D. WPS

Answer: D

NEW QUESTION 4
An analyst visits an internet forum looking for information about a tool. The analyst finds a thread that appears to contain relevant information. One of the posts says the following:
SY0-601 dumps exhibit
Which of the following BEST describes the attack that was attempted against the forum readers?

  • A. SQLi attack
  • B. DLL attack
  • C. XSS attack
  • D. API attack

Answer: C

NEW QUESTION 5
A public relations team will be taking a group of guests on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboards are cleaned and all desks are cleared. The company is MOST likely trying to protect against:

  • A. Loss of proprietary information
  • B. Damage to the company’s reputation
  • C. Social engineering
  • D. Credential exposure

Answer: C

NEW QUESTION 6
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

  • A. SSAE SOC 2
  • B. PCI DSS
  • C. GDPR
  • D. ISO 31000

Answer: C

NEW QUESTION 7
A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected.
Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describe this type of attack? (Choose two.)

  • A. DoS
  • B. SSL stripping
  • C. Memory leak
  • D. Race condition
  • E. Shimming
  • F. Refactoring

Answer: AD

NEW QUESTION 8
A company has drafted an insider-threat policy that prohibits the use of external storage devices. Which of the following would BEST protect the company from data exfiltration via removable media?

  • A. Monitoring large data transfer transactions in the firewall logs
  • B. Developing mandatory training to educate employees about the removable media policy
  • C. Implementing a group policy to block user access to system files
  • D. Blocking removable-media devices and write capabilities using a host-based security tool

Answer: D

NEW QUESTION 9
A company is upgrading its wireless infrastructure to WPA2-Enterprise using EAP-TLS. Which of the following must be part of the security architecture to achieve AAA? (Select TWO)

  • A. DNSSEC
  • B. Reverse proxy
  • C. VPN concentrator
  • D. PKI
  • E. Active Directory
  • F. RADIUS

Answer: EF

NEW QUESTION 10
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it continues to evade detection. Which of the following should the administrator implement to protect the environment from this malware?

  • A. Install a definition-based antivirus.
  • B. Implement an IDS/IPS.
  • C. Implement a heuristic behavior-detection solution.
  • D. Implement CASB to protect the network shares.

Answer: C

NEW QUESTION 11
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?

  • A. Acceptance
  • B. Mitigation
  • C. Avoidance
  • D. Transference

Answer: D

NEW QUESTION 12
Phishing and spear-phishing attacks have been occurring more frequently against a company’s staff. Which of the following would MOST likely help mitigate this issue?

  • A. DNSSEC and DMARC
  • B. DNS query logging
  • C. Exact mail exchanger records in the DNS
  • D. The addition of DNS conditional forwarders

Answer: C

NEW QUESTION 13
A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.
INSTRUCTIONS
Click on each firewall to do the following:

  • Deny cleartext web traffic.
  • Ensure secure management protocols are used.
  • Resolve issues at the DR site.

The ruleset order cannot be modified due to outside constraints.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
SY0-601 dumps exhibit


Solution:
Firewall 1:
SY0-601 dumps exhibit
DNS Rule – ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound – 10.0.0.1/24 --> ANY --> HTTPS --> PERMIT
Management – ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound – ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound – ANY --> ANY --> HTTP --> DENY
Firewall 2:
SY0-601 dumps exhibit
Firewall 3:
SY0-601 dumps exhibit
DNS Rule – ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound – 192.168.0.1/24 --> ANY --> HTTPS --> PERMIT
Management – ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound – ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound – ANY --> ANY --> HTTP --> DENY

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 14
A global company is experiencing unauthorized logins due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a third-party identity provider to help mitigate these attacks. Which of the following would be the BEST control for the company to require from prospective vendors?

  • A. IP restrictions
  • B. Multifactor authentication
  • C. A banned password list
  • D. A complex password policy

Answer: B

NEW QUESTION 15
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?

  • A. Updating the playbooks with better decision points
  • B. Dividing the network into trusted and untrusted zones
  • C. Providing additional end-user training on acceptable use
  • D. Implementing manual quarantining of infected hosts

Answer: A

NEW QUESTION 16
An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?

  • A. SED
  • B. HSM
  • C. DLP
  • D. TPM

Answer: A

NEW QUESTION 17
An organization relies on third-party video conferencing to conduct daily business. Recent security changes now require all remote workers to utilize a VPN to corporate resources. Which of the following would BEST maintain high-quality video conferencing while minimizing latency when connected to the VPN?

  • A. Using geographic diversity to have VPN terminators closer to end users
  • B. Utilizing split tunneling so only traffic for corporate resources is encrypted
  • C. Purchasing higher-bandwidth connections to meet the increased demand
  • D. Configuring QoS properly on the VPN accelerators

Answer: D

Thanks for reading the newest SY0-601 exam dumps! We recommend you to try the PREMIUM Certshared SY0-601 dumps in VCE and PDF here: https://www.certshared.com/exam/SY0-601/ (402 Q&As Dumps)

