CompTIA SY0-601 online test

CompTIA Security+ Exam

What students need to know about the SY0-601 exam

  • Total 234 Questions & Answers

Question 1

A security engineer needs to implement the following requirements:
All Layer 2 switches should leverage Active Directory for authentication.
All Layer 2 switches should use local fallback authentication if Active Directory is offline.
All Layer 2 switches are not the same and are manufactured by several vendors.
Which of the following actions should the engineer take to meet these requirements? (Choose two.)

  • A. Implement RADIUS.
  • B. Configure AAA on the switch with local login as secondary.
  • C. Configure port security on the switch with the secondary login method.
  • D. Implement TACACS+.
  • E. Enable the local firewall on the Active Directory server.
  • F. Implement a DHCP server.
Answer:

A C


Question 2

A financial organization has adopted a new secure, encrypted document-sharing application to help with its customer loan
process. Some important PII needs to be shared across this new platform, but it is getting blocked by the DLP systems.
Which of the following actions will BEST allow the PII to be shared with the secure application without compromising the
organization's security posture?

  • A. Configure the DLP policies to allow all PII
  • B. Configure the firewall to allow all ports that are used by this application
  • C. Configure the antivirus software to allow the application
  • D. Configure the DLP policies to whitelist this application with the specific PII
  • E. Configure the application to encrypt the PII
Answer:

D


Question 3

The website http://companywebsite.com requires users to provide personal information, including security question
responses, for registration. Which of the following would MOST likely cause a data breach?

  • A. Lack of input validation
  • B. Open permissions
  • C. Unsecure protocol
  • D. Missing patches
Answer:

C


Question 4

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the
early detection of attacks. The security analyst then reviews the following application log:

Which of the following can the security analyst conclude?

  • A. A replay attack is being conducted against the application.
  • B. An injection attack is being conducted against a user authentication system.
  • C. A service account password may have been changed, resulting in continuous failed logins within the application.
  • D. A credentialed vulnerability scanner attack is testing several CVEs against the application.
Answer:

C


Question 5

A network engineer is troubleshooting wireless network connectivity issues that were reported by users. The issues are
occurring only in the section of the building that is closest to the parking lot. Users are intermittently experiencing slow
speeds when accessing websites and are unable to connect to network drives. The issues appear to increase when laptop
users return to their desks after using their devices in other areas of the building. There have also been reports of users
being required to enter their credentials on web pages in order to gain access to them. Which of the following is the MOST
likely cause of this issue?

  • A. An external access point is engaging in an evil-twin attack.
  • B. The signal on the WAP needs to be increased in that section of the building.
  • C. The certificates have expired on the devices and need to be reinstalled.
  • D. The users in that section of the building are on a VLAN that is being blocked by the firewall.
Answer:

A


Question 6

A security administrator currently spends a large amount of time on common security tasks, such as report generation,
phishing investigations, and user provisioning and deprovisioning. This prevents the administrator from spending time on
other security projects. The business does not have the budget to add more staff members. Which of the following should
the administrator attempt?

  • A. DAC
  • B. ABAC
  • C. SCAP
  • D. SOAR
Answer:

D

Explanation:
Reference: https://searchsecurity.techtarget.com/definition/SOAR


Question 7

A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the
following would be BEST to help the organization's executives determine their next course of action?

  • A. An incident response plan
  • B. A communications plan
  • C. A disaster recovery plan
  • D. A business continuity plan
Answer:

D


Question 8

In which of the following risk management strategies would cybersecurity insurance be used?

  • A. Transference
  • B. Avoidance
  • C. Acceptance
  • D. Mitigation
Answer:

A


Question 9

A security administrator checks the table of a network switch, which shows the following output:

Which of the following is happening to this switch?

  • A. MAC flooding
  • B. DNS poisoning
  • C. MAC cloning
  • D. ARP poisoning
Answer:

A

Explanation:
Reference: http://cisco.num.edu.mn/CCNA_R&S2/course/module2/2.2.2.1/2.2.2.1.html


Question 10

Which of the following are requirements that must be configured for PCI DSS compliance? (Choose two.)

  • A. Testing security systems and processes regularly
  • B. Installing and maintaining a web proxy to protect cardholder data
  • C. Assigning a unique ID to each person with computer access
  • D. Encrypting transmission of cardholder data across private networks
  • E. Benchmarking security awareness training for contractors
  • F. Using vendor-supplied default passwords for system passwords
Answer:

B D
