Which of the following is best to use when determining the severity of a vulnerability?
A. CVE
B. OSINT
C. SOAR
D. CVSS
Which of the following best describes an environment where a business owns the application and operating system but requires the resources to host them in the cloud?
A. IaaS
B. XaaS
C. PaaS
D. SaaS
An organization wants to minimize the recovery time from backups in case of a disaster. Backups must be retained for one month, while minimizing the storage space used for backups. Which of the following is the best approach for a backup strategy?
A. Full monthly, incremental daily, and differential weekly
B. Full weekly and incremental daily
C. Full weekly and differential daily
D. Full daily
An incident analyst finds several image files on a hard disk. The image files may contain geolocation coordinates. Which of the following best describes the type of information the analyst is trying to extract from the image files?
A. Log data
B. Metadata
C. Encrypted data
D. Sensitive data
A company uses a SaaS vendor to host its customer database. The company would like to reduce the risk of customer data exposure if the systems are breached. Which of the following risks should the company focus on to achieve this objective?
A. Access auditing
B. Outsourced code development
C. Supply chain
D. Open ports and services
An employee finds a USB flash drive labeled "Salary Info" in an office parking lot. The employee picks up the USB flash drive, goes into the office, and plugs it into a laptop. Later, a technician inspects the laptop and realizes it has been compromised by malware. Which of the following types of social engineering attacks has occurred?
A. Smishing
B. Baiting
C. Tailgating
D. Pretexting
The primary goal of the threat-hunting team at a large company is to identify cyberthreats that the SOC has not detected. Which of the following types of data would the threat-hunting team primarily use to identify systems that are exploitable?
A. Vulnerability scan
B. Packet capture
C. Threat feed
D. User behavior
Which of the following best describes the process of adding a secret value to extend the length of stored passwords?
A. Hashing
B. Quantum communications
C. Salting
D. Perfect forward secrecy
Adding a value to the end of a password to create a different password hash is called:
A. salting.
B. key stretching.
C. steganography.
D. MD5 checksum.
An organization is concerned about hackers bypassing MFA through social engineering of phone carriers. Which of the following would most likely protect against such an attack?
A. Receiving alerts about unusual log-in activity
B. Receiving a six-digit code via SMS
C. Receiving a push notification to a mobile application
D. Receiving a phone call for automated approval
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-601 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.