Various stakeholders are meeting to discuss their hypothetical roles and responsibilities in a specific situation, such as a security incident or major disaster. Which of the following best describes this meeting?
A. Penetration test
B. Continuity of operations planning
C. Tabletop exercise
D. Simulation
Which of the following threat actors is most likely to use a high level of sophistication and potentially zero-day exploits to target organizations and systems?
A. APT groups
B. Script kiddies
C. Hacktivists
D. Ethical hackers
A company is implementing a vendor's security tool in the cloud. The security director does not want to manage users and passwords specific to this tool but would rather utilize the company's standard user directory. Which of the following should the company implement?
A. 802.1X
B. SAML
C. RADIUS
D. CHAP
An organization wants to ensure it can track changes between software deployments. Which of the following concepts should the organization implement?
A. Continuous monitoring
B. Rights management
C. Non-repudiation
D. Version control
A company has implemented a policy that requires two people to agree in order to push any changes from the test codebase repository into production. Which of the following best describes this control type?
A. Detective
B. Technical
C. Physical
D. Operational
A security analyst is looking for a way to categorize and share a threat actor's TTPs with colleagues at a partner organization. Which of the following would be the best method to achieve this goal?
A. Releasing the lessons-learned report
B. Using the MITRE ATTandCK framework
C. Sharing the CVE IDs used in attacks
D. Sending relevant log files and pcaps
A systems administrator wants to add a second factor to the single sign-on portal that the organization uses. Currently, only a username and password are required. Which of the following should the administrator implement to best meet this requirement?
A. Personal verificationQuestions
B. Software-based TOTP
C. Log-in image checks
D. Secondary PIN code
A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?
A. Security policy
B. Classification policy
C. Retention policy
D. Access control policy
A systems administrator is considering switching from tape backup to an alternative backup solution that would allow data to be readily available in the event of a disaster. Which of the following backup types should the administrator implement?
A. Copy
B. Incremental
C. Cloud
D. Disk
E. Storage area network
The security team installed video cameras in a prominent location in the building lobby. Which of the following best describe this type of control? (Choose two.)
A. Technical
B. Detective
C. Deterrent
D. Managerial
E. Compensating
F. Corrective
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-601 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.