The latest updated CompTIA SY0-601 exam dumps and free SY0-601 exam practice questions and answers! Latest updates from Lead4Pass CompTIA SY0-601 Dumps PDF and SY0-601 Dumps VCE, Lead4Pass SY0-601 exam questions updated and answers corrected! Get the full CompTIA SY0-601 dumps from https://www.leads4pass.com/sy0-601.html (VCE&PDF)
Latest SY0-601 PDF for free
Share the CompTIA SY0-601 Dumps PDF for free From Lead4pass SY0-601 Dumps part of the distraction collected on Google Drive shared by Lead4pass
https://drive.google.com/file/d/1WJQJM7AjSgv1WlW_Nc6OphsS_KTFcF2I/
The latest updated CompTIA SY0-601 Exam Practice Questions and Answers Online Practice Test is free to share from Lead4Pass (Q1-Q13)
QUESTION 1
A security administrator suspects there may be unnecessary services running on a server. Which of the following tools
will the administrator MOST likely use to confirm the suspicions?
A. Nmap
B. Wireshark
C. Autopsy
D. DNSEnum
Correct Answer: A
QUESTION 2
HOTSPOT
A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.
INSTRUCTIONS
Please click on the below items on the network diagram and configure them accordingly:
1.
WAP
2.
DHCP Server
3.
AAA Server
4.
Wireless Controller
5.
LDAP Server
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Hot Area:
Correct Answer:
Wireless Access Point:
1.
Network Mode – G only
2.
Wireless Channel – 11
3.
Wireless SSID Broadcast – disable
4.
Security settings – WPA2 Personal
QUESTION 3
A cybersecurity manager has scheduled biannual meetings with the IT team and department leaders to discuss how
they would respond to hypothetical cyberattacks. During these meetings, the manager presents a scenario and injects
additional information throughout the session to replicate what might occur in a dynamic cybersecurity event involving
the company, its facilities, its data, and its staff. Which of the following describes what the manager is doing?
A. Developing an incident response plan
B. Building a disaster recovery plan
C. Conducting a tabletop exercise
D. Running a simulation exercise
Correct Answer: C
QUESTION 4
Which of the following cloud models provides clients with servers, storage, and networks but nothing else?
A. SaaS
B. PaaS
C. IaaS
D. DaaS
Correct Answer: C
QUESTION 5
A university with remote campuses, which all use different service providers, loses Internet connectivity across all
locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals,
typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and
outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all
WAN and VoIP services are affected.
Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP
protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describes
this type of attack? (Choose two.)
A. DoS
B. SSL stripping
C. Memory leak
D. Race condition
E. Shimming
F. Refactoring
Correct Answer: AD
QUESTION 6
A company has drafted an Insider-threat policy that prohibits the use of external storage devices. Which of the following
would BEST protect the company from data exfiltration via removable media?
A. Monitoring large data transfer transactions in the firewall logs
B. Developing mandatory training to educate employees about the removable media policy
C. Implementing a group policy to block user access to system files
D. Blocking removable-media devices and write capabilities using a host-based security tool
Correct Answer: D
QUESTION 7
A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following
Does BEST indicate that valid credentials were used?
A. The scan results show open ports, protocols, and services exposed on the target host
B. The scan enumerated software versions of installed programs
C. The scan produced a list of vulnerabilities on the target host
D. The scan identified expired SSL certificates
Correct Answer: B
QUESTION 8
A startup company is using multiple SaaS and laaS platforms to stand up a corporate infrastructure and build out a
customer-facing web application. Which of the following solutions would be BEST to provide security, manageability,
and visibility into the platforms?
A. SIEM
B. DLP
C. CASB
D. SWG
Correct Answer: C
QUESTION 9
For each of the given items, select the appropriate authentication category from the drop-down choices. Select the
appropriate authentication type for the following items:
Hot Area:
Correct Answer:
Biometrics refers to a collection of physical attributes of the human body that can be used as identification or an
authentication factor. Fingerprints and retinas are physical attributes of the human body.
Two types of tokens exist, Time-based one-time password (TOTP) tokens and HMACbased one-time password
(HOTP). TOTP tokens generate passwords at fixed time intervals, whereas HOTP tokens generate passwords not
based on fixed
time intervals but instead based on a non-repeating one-way function, such as a hash or HMAC operation.
Smart cards can have Multi-factor and proximity authentication embedded into them.
PAP allows for two entities to share a password in advance and use the password as the basis of authentication. The same goes for PIN numbers.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 282, 285
http://en.wikipedia.org/wiki/Password_authentication_protocol#Working_cycle
http://en.wikipedia.org/wiki/Smart_card#Security
QUESTION 10
Users are attempting to access a company\\’s website but are transparently redirected to another website. The users
confirm the URL is correct. Which of the following would BEST prevent this issue in the future?
A. DNSSEC
B. HTTPS
C. IPSec
D. TLS/SSL
Correct Answer: A
QUESTION 11
Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response
to a significant outage or incident?
A. MOU
B. MTTR
C. SLA
D. NDA
Correct Answer: C
QUESTION 12
A security team has downloaded a public database of the largest collection of password dumps on the Internet. This
collection contains the cleartext credentials of every major breach for the last four years. The security team pulls and
compares users\\’ credentials to the database and discovers that more than 30% of the users were still using passwords
discovered in this list. Which of the following would be the BEST combination to reduce the risks discovered?
A. Password length, password encryption, password complexity
B. Password complexity, least privilege, password reuse
C. Password reuse, password complexity, password expiration
D. Group policy, password history, password encryption
Correct Answer: A
QUESTION 13
A development team employs the practice of bringing all the code changes from multiple team members into the same
development project through automation. A tool is utilized to validate the code and track source code through version
control. Which of the following BEST describes this process?
A. Continuous delivery
B. Continuous integration
C. Continuous validation
D. Continuous monitoring
Correct Answer: B
Braindump4it shares the latest updated CompTIA SY0-601 exam exercise questions, SY0-601 dumps pdf for free.
All exam questions and answers come from the Lead4pass exam dumps shared part! Lead4pass updates throughout the year and shares a portion of your exam questions for free to help you understand the exam content and enhance your exam experience!
Get the full CompTIA SY0-601 exam dumps questions at: https://www.leads4pass.com/sy0-601.html (pdf&vce)
ps.
Get free CompTIA SY0-601 dumps PDF online: https://drive.google.com/file/d/1WJQJM7AjSgv1WlW_Nc6OphsS_KTFcF2I/