CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 41:

  Which of the following best represents an application that does not have an on-premises requirement and is accessible from anywhere?

  A. PaaS

  B. Hybrid cloud

  C. Private cloud

  D. IaaS

  E. SaaS

  Correct Answer: E

• Question 42:

  During an investigation, events from two affected servers in the same subnetwork occurred at the same time:

  Server 1: 192.168.10.1 [01/Apr/2021:06:00:00 PST] SAN access denied for user 'admin' Server 2: 192.168.10.6 [01/Apr/2021:06:01:01 CST] SAN access successful for user 'admin'

  Which of the following should be consistently configured to prevent the issue seen in the logs?

  A. Geolocation

  B. TOTP

  C. NTP

  D. MFA

  Correct Answer: C

• Question 43:

  Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer's PII?

  A. SCAP

  B. NetFlow

  C. Antivirus

  D. DLP

  Correct Answer: D

• Question 44:

  A bank insists all of its vendors must prevent data loss on stolen laptops. Which of the following strategies is the bank requiring?

  A. Encryption at rest

  B. Masking

  C. Data classification

  D. Permission restrictions

  Correct Answer: A

• Question 45:

  After a recent vulnerability scan, a security engineer needs to harden the routers within the corporate network. Which of the following is the most appropriate to disable?

  A. Console access

  B. Routing protocols

  C. VLANs

  D. Web-based administration

  Correct Answer: D

  Web based Administration, cannot disable the rest of the options.

• Question 46:

  A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?

  A. Enumeration

  B. Sanitization

  C. Destruction

  D. Inventory

  Correct Answer: B

  Data sanitization involves purposely, permanently deleting, or destroying data from a storage device, to ensure it cannot be recovered.

• Question 47:

  An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards. Which of the following techniques is the attacker using?

  A. Smishing

  B. Phishing

  C. Impersonating

  D. Vishing

  Correct Answer: D

• Question 48:

  Which of the following best describes a use case for a DNS sinkhole?

  A. Attackers can see a DNS sinkhole as a highly valuable resource to identify a company's domain structure.

  B. A DNS sinkhole can be used to draw employees away from known-good websites to malicious ones owned by the attacker.

  C. A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.

  D. A DNS sinkhole can be set up to attract potential attackers away from a company's network resources.

  Correct Answer: C

• Question 49:

  Which of the following explains why an attacker cannot easily decrypt passwords using a rainbow table attack?

  A. Digital signatures

  B. Salting

  C. Hashing

  D. Perfect forward secrecy

  Correct Answer: B

• Question 50:

  A company reduced the area utilized in its data center by creating virtual networking through automation and by creating provisioning routes and rules through scripting. Which of the following does this example describe?

  A. IaC

  B. MSSP

  C. Containers

  D. SaaS

  Correct Answer: A

  The scenario described is an example of Infrastructure as Code (IaC). IaC is a key devOps practice that involves managing and provisioning computing infrastructure through machine-readable script files, rather than through physical hardware configuration or interactive configuration tools. This approach can help in automating the process of setting up, changing, and versioning infrastructure efficiently and it can be particularly useful in managing virtualized and cloud-based services, which is the case in the scenario provided.