CompTIA CompTIA Security+ SY0-601 Questions & Answers

• Question 1:

  A systems administrator is auditing all company servers to ensure they meet the minimum security baseline. While auditing a Linux server, the systems administrator observes the /etc/shadow file has permissions beyond the baseline recommendation.

  Which of the following commands should the systems administrator use to resolve this issue?

  A. chmod

  B. grep

  C. dd

  D. passwd

  Correct Answer: A

• Question 2:

  A company wants to implement MFA. Which of the following enables the additional factor while using a smart card?

  A. PIN

  B. Hardware token

  C. User ID

  D. SMS

  Correct Answer: A

• Question 3:

  An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has been given all the developer's documentation about the internal architecture. Which of the following best represents the type of testing that will occur?

  A. Bug bounty

  B. White-box

  C. Black-box

  D. Gray-box

  Correct Answer: B

• Question 4:

  A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system.

  Which of the following would detect this behavior?

  A. Implementing encryption

  B. Monitoring outbound traffic

  C. Using default settings

  D. Closing all open ports

  Correct Answer: B

• Question 5:

  In which of the following scenarios is tokenization the best privacy technique to use?

  A. Providing pseudo-anonymization for social media user accounts

  B. Serving as a second factor for authentication requests

  C. Enabling established customers to safely store credit card information

  D. Masking personal information inside databases by segmenting data

  Correct Answer: C

• Question 6:

  A security administrator received an alert for a user account with the following log activity:

  

  Which of the following best describes the trigger for the alert the administrator received?

  A. Number of failed log-in attempts

  B. Geolocation

  C. Impossible travel time

  D. Time-based log-in attempt

  Correct Answer: C

• Question 7:

  A security team created a document that details the order in which critical systems should be brought back online after a major outage. Which of the following documents did the team create?

  A. Communication plan

  B. Incident response plan

  C. Data retention policy

  D. Disaster recovery plan

  Correct Answer: D

• Question 8:

  A company wants to reconfigure an existing wireless infrastructure. The company needs to ensure the projected WAP placement will provide proper signal strength to all workstations. Which of the following should the company use to best fulfill the requirements?

  A. Network diagram

  B. WPS

  C. 802.1X

  D. Heat map

  Correct Answer: D

• Question 9:

  A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach and does not have an on-premises IT infrastructure. Which of the following would best secure the organization?

  A. Upgrading to a next-generation firewall

  B. Deploying an appropriate in-line CASB solution

  C. Conducting user training on software policies

  D. Configuring double key encryption in SaaS platforms

  Correct Answer: B

• Question 10:

  Which of the following are the most likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company's final software releases? (Choose two).

  A. Certificate mismatch

  B. Use of penetration-testing utilities

  C. Weak passwords

  D. Included third-party libraries

  E. Vendors/supply chain

  F. Outdated anti-malware software

  Correct Answer: DE