15 July 2023 By underratedcollege.com 1

CompTIA Security+ Exam SY0-601 ( 3 )

Welcome to your CompTIA Security+ Exam SY0-601 ( 3 )

1-) A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk. Which of the following should the administrator use?

2-) A company has been experiencing very brief power outages from its utility company over the last few months. These outages only last for one second each time. The utility company is aware of the issue and is working to replace a faulty transformer. Which of the following BEST describes what the company should purchase to ensure its critical servers and network devices stay online?

3-) A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?

4-) A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

5-) A nuclear plant was the victim of a recent attack, and all the networks were air gapped. A subsequent investigation revealed a worm as the source of the issue. Which of the following BEST explains what happened?

6-) A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?

7-) A financial institution would like to stare is customer data a could but still allow the data ta he accessed and manipulated while encrypted. Doing se would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concern about computational overheads and slow speeds, Which of the following cryptographic techniques would BEST meet the requirement?

😎 Which of the following describes the BEST approach for deploying application patches?

9-) A Chief Security Officer (CSO) is concerned about the amount of PII that is stored locally on each salesperson’s laptop. The sales department has a higher-thanaverage rate of lost equipment. Which of the following recommendations would BEST address the CSO’s concern?

10-)Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?

11-) An attacked is attempting to exploit users by creating a fake website with the URL www.validwebsite.com. The attacker's intent is to imitate the look and feel of a legitimate website to obtain personal information from unsuspecting users. Which of the following social-engineering attacks does this describe?

12-) A network administrator at a large organization Is reviewing methods to improve the security of the wired LAN Any security improvement must be centrally managed and allow corporate-owned devices to have access to the intranet but limit others to Internet access only. Which of the following should the administrator recommend?

13-) A company is upgrading its wireless infrastructure to WPA2-Enterprise using EAP-TLS. Which of the following must be part of the security architecture to achieve AAA? (Select TWO)

14-) A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?

15-) In which of the following common use cases would steganography be employed?

16-) A security analyst is reviewing the output of a web server log and notices a particular account is attempting to transfer large amounts of money: Which of the following types of attack is MOST likely being conducted?

17-) Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the read data?

18-) An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud provider?

19-) A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output: Which of the following is the router experiencing?

20-) An attacker is attempting, to harvest user credentials on a client's website. A security analyst notices multiple attempts of random usernames and passwords. When the analyst types in a random username and password. the logon screen displays the following message: Which of the following should the analyst recommend be enabled?