The Secret Of CompTIA SY0-601 Pdf
Exambible offers free demo for SY0-601 exam. "CompTIA Security+ Exam", also known as SY0-601 exam, is a CompTIA Certification. This set of posts, Passing the CompTIA SY0-601 exam, will help you answer those questions. The SY0-601 Questions & Answers covers all the knowledge points of the real exam. 100% real CompTIA SY0-601 exams and revised by experts!
Online CompTIA SY0-601 free dumps demo Below:
NEW QUESTION 1
A user enters a password to log in to a workstation and is then prompted to enter an authentication code. Which of the following MFA factors or attributes are being utilized in the authentication process? (Select TWO).
- A. Something you know
- B. Something you have
- C. Somewhere you are
- D. Someone you are
- E. Something you are
- F. Something you can do
NEW QUESTION 2
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?
- A. Containerization
- B. Geofencing
- C. Full-disk encryption
- D. Remote wipe
NEW QUESTION 3
A network administrator has been asked to design a solution to improve a company's security posture. The administrator is given the following requirements:
• The solution must be inline in the network
• The solution must be able to block known malicious traffic
• The solution must be able to stop network-based attacks
Which of the following should the network administrator implement to BEST meet these requirements?
- A. HIDS
- B. NIDS
- C. HIPS
- D. NIPS
NEW QUESTION 4
A forensics examiner is attempting to dump passwords cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error?
- A. The examiner does not have administrative privileges to the system
- B. The system must be taken offline before a snapshot can be created
- C. Checksum mismatches are invalidating the disk image
- D. The swap file needs to be unlocked before it can be accessed
NEW QUESTION 5
A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better:
- A. validate the vulnerability exists in the organization's network through penetration testing
- B. research the appropriate mitigation techniques in a vulnerability database
- C. find the software patches that are required to mitigate a vulnerability
- D. prioritize remediation of vulnerabilities based on the possible impact.
NEW QUESTION 6
A security administrator checks the table of a network switch, which shows the following output:
Which of the following is happening to this switch?
- A. MAC Flooding
- B. DNS poisoning
- C. MAC cloning
- D. ARP poisoning
NEW QUESTION 7
An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?
- A. hping3 -s comptia.org -p 80
- B. nc -l -v comptia.org -p 80
- C. nmap comptia.org -p 80 -sV
- D. nslookup -port=80 comptia.org
NEW QUESTION 8
The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the following would BEST address this security concern?
- A. Install a smart meter on the staff WiFi.
- B. Place the environmental systems in the same DHCP scope as the staff WiFi.
- C. Implement Zigbee on the staff WiFi access points.
- D. Segment the staff WiFi network from the environmental systems network.
NEW QUESTION 9
A security engineer is reviewing log files after a third party discovered usernames and passwords for the organization’s accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?
- A. Man-in-the-middle
- B. Spear-phishing
- C. Evil twin
- D. DNS poisoning
NEW QUESTION 10
A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output:
Which of the following is the router experiencing?
- A. DDoS attack
- B. Memory leak
- C. Buffer overflow
- D. Resource exhaustion
NEW QUESTION 11
A malicious actor recently penetrated a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
- A. Security
- B. Application
- C. Dump
- D. Syslog
NEW QUESTION 12
A user received an SMS on a mobile phone that asked for bank details. Which of the following social-engineering techniques was used in this case?
- A. SPIM
- B. Vishing
- C. Spear phishing
- D. Smishing
NEW QUESTION 13
A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?
- A. Open the document on an air-gapped network
- B. View the document's metadata for origin clues
- C. Search for matching file hashes on malware websites
- D. Detonate the document in an analysis sandbox
NEW QUESTION 14
Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the real data?
- A. Data encryption
- B. Data masking
- C. Data deduplication
- D. Data minimization
NEW QUESTION 15
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
- A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
- B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
- C. Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox.
- D. Routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.
NEW QUESTION 16
A security engineer needs to implement the following requirements:
• All Layer 2 switches should leverage Active Directory for authentication.
• All Layer 2 switches should use local fallback authentication if Active Directory is offline.
• All Layer 2 switches are not the same and are manufactured by several vendors.
Which of the following actions should the engineer take to meet these requirements? (Select TWO).
- A. Implement RADIUS.
- B. Configure AAA on the switch with local login as secondary.
- C. Configure port security on the switch with the secondary login method.
- D. Implement TACACS+.
- E. Enable the local firewall on the Active Directory server.
- F. Implement a DHCP server.
NEW QUESTION 17
A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of a power surge or other fault situation. The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application. The security administrator isolated the switch on a separate VLAN and set up a patch routine. Which of the following steps should also be taken to harden the smart switch?
- A. Set up an air gap for the switch.
- B. Change the default password for the switch.
- C. Place the switch in a Faraday cage.
- D. Install a cable lock on the switch.
NEW QUESTION 18
A security analyst needs to produce a document that details how a security incident occurred, the steps that were taken for recovery, and how future incidents can be avoided. During which of the following stages of the response process will this activity take place?
- A. Recovery
- B. Identification
- C. Lessons learned
- D. Preparation
NEW QUESTION 19
A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent data? (Select TWO)
- A. VPN
- B. Drive encryption
- C. Network firewall
- D. File-level encryption
- E. USB blocker
- F. MFA
NEW QUESTION 20
After a ransomware attack, a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?
- A. The public ledger
- B. The NetFlow data
- C. A checksum
- D. The event log