CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 161:

  A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

  A. SPF

  B. GPO

  C. NAC

  D. FIM

  Correct Answer: D

  File Integrity Monitoring (FIM) is a security feature that tracks changes to files and directories on a system. It helps administrators detect unauthorized changes, modifications, or deletions to critical files and data. FIM solutions use checksums or hash values to verify the integrity of files, comparing them to baseline values or known good states. If any discrepancies are found, alerts are generated, and administrators can take appropriate action to investigate and respond to potential security incidents.

  FIM is commonly used in environments where data security is essential, as it provides visibility into changes made to files, helping to detect potential security breaches or unauthorized access.

• Question 162:

  An administrator is reviewing a single server's security logs and discovers the following:

  

  Which of the following best describes the action captured in this log file?

  A. Brute-force attack

  B. Privilege escalation

  C. Failed password audit

  D. Forgotten password by the user

  Correct Answer: A

  A brute force attack is a type of cyberattack in which an attacker systematically tries all possible combinations of passwords or encryption keys until the correct one is found. It is a straightforward and time-consuming attack method that relies on the attacker's ability to repeatedly attempt different combinations until the correct one is guessed.

• Question 163:

  Which of the following must be considered when designing a high-availability network? (Choose two.)

  A. Ease of recovery

  B. Ability to patch

  C. Physical isolation

  D. Responsiveness

  E. Attack surface

  F. Extensible authentication

  Correct Answer: AD

  Ease of recovery: High-availability networks should be designed in a way that allows for quick and easy recovery in the event of a failure. Redundancy, failover mechanisms, and backup systems are some of the components that can help facilitate smooth recovery.

  Responsiveness: High-availability networks need to be responsive to ensure that any potential issues or failures are quickly detected, and appropriate actions are taken promptly to minimize downtime and impact.

• Question 164:

  Which of the following strategies shifts risks that are not covered in an organization's risk strategy?

  A. Risk transference

  B. Risk avoidance

  C. Risk mitigation

  D. Risk acceptance

  Correct Answer: A

  Risk transference is a risk management strategy that involves shifting the financial burden of potential risks to a third party. This is typically done by purchasing insurance or transferring the risk to a vendor or business partner through contractual agreements. By transferring the risk, the organization aims to mitigate the potential financial impact of the risk and protect its assets.

• Question 165:

  Which of the following agreements defines response time, escalation points, and performance metrics?

  A. BPA

  B. MOA

  C. NDA

  D. SLA

  Correct Answer: D

  An SLA (Service Level Agreement) is a formal agreement between a service provider and a customer that defines the terms and conditions of the service being provided. It outlines the agreed-upon response time, escalation points, performance metrics, and other service-related parameters. SLAs are commonly used in various business relationships to establish clear expectations and ensure that the service provider meets the agreed-upon standards of service delivery.

• Question 166:

  A bakery has a secret recipe that it wants to protect. Which of the following objectives should be added to the company's security awareness training?

  A. Insider threat detection

  B. Risk analysis

  C. Phishing awareness

  D. Business continuity planning

  Correct Answer: A

  The objective that should be added to the company's security awareness training is insider threat detection. Insider threats refer to potential security risks posed by employees, contractors, or anyone with legitimate access to the organization's sensitive information or assets. In this scenario, the bakery wants to protect its secret recipe, and it is crucial to educate employees about the risks of unauthorized disclosure or theft of sensitive information by individuals within the organization. By raising awareness about insider threats, employees can better understand the importance of safeguarding the company's intellectual property and take appropriate measures to prevent unauthorized access or disclosure.

• Question 167:

  A user would like to install software and features that are not available with a mobile device's default software. Which of the following would all the user to install unauthorized software and enable new features?

  A. SQLi

  B. Cross-site scripting

  C. Jailbreaking

  D. Side loading

  Correct Answer: C

  clear comparison between jailbreaking and sideloading with regard to certain features:

  1.

  Removes software restrictions:

  2.

  Jailbreaking: Yes

  3.

  Sideloading: No

  4.

  Can install unauthorized software:

  5.

  Jailbreaking: Yes

  6.

  Sideloading: No

  7.

  Can be used to install apps from outside the official app store:

  8.

  Jailbreaking: No

  9.

  Sideloading: Yes

  This table helps illustrate the differences between these two methods more clearly. Jailbreaking is specific to platforms like iOS and involves removing software restrictions and installing unauthorized software, while sideloading is a more general term that can apply to various platforms and allows for the installation of apps from outside official app stores.

• Question 168:

  A company has had several malware incidents that have been traced back to users accessing personal SaaS applications on the internet from the company network. The company has a policy that states users can only access business-related cloud applications from within the company network. Which of the following technical solutions should be used to enforce the policy?

  A. Implement single sign-on using an identity provider

  B. Leverage a cloud access security broker.

  C. Configure cloud security groups

  D. Install a virtual private cloud endpoint

  Correct Answer: B

• Question 169:

  You have just received some room and WiFi access control recommendations from a security consulting company. Click on each building to bring up available security controls. Please implement the following requirements:

  The Chief Executive Officer's (CEO) office had multiple redundant security measures installed on the door to the office. Remove unnecessary redundancies to deploy three-factor authentication, while retaining the expensive iris render.

  The Public Cafe has wireless available to customers. You need to secure the WAP with WPA and place a passphrase on the customer receipts.

  In the Data Center you need to include authentication from the "something you know" category and take advantage of the existing smartcard reader on the door.

  In the Help Desk Office, you need to require single factor authentication through the use of physical tokens given to guests by the receptionist.

  The PII Office has redundant security measures in place. You need to eliminate the redundancy while maintaining three-factor authentication and retaining the more expensive controls.

  

  Instructions: The original security controls for each office can be reset at any time by selecting the Reset button. Once you have met the above requirements for each office, select the Save button. When you have completed the entire simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

  

  

  Correct Answer:

  See the solution below.

  

  

• Question 170:

  CORRECT TEXT

  A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802. IX using the most secure encryption and protocol available.

  Perform the following slops:

  1.

  Configure the RADIUS server.

  2.

  Configure the WiFi controller.

  3.

  Preconfigure the client for an incoming guest. The guest AD credentials are:

  User: guest01 Password: guestpass

  

  

  Correct Answer:

  See the answer below.

  Use the same settings as describe in below images.