CompTIA SY0-601 Exam Practice Questions (P. 4)
- Full Access (860 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #31
Which of the following would detect intrusions at the perimeter of an airport?
send
light_mode
delete
Question #32
A security analyst is concerned about critical vulnerabilities that have been detected on some applications running inside containers. Which of the following is the
BEST remediation strategy?
BEST remediation strategy?
- AUpdate the base container Image and redeploy the environment.Most Voted
- BInclude the containers in the regular patching schedule for servers.
- CPatch each running container individually and test the application.
- DUpdate the host in which the containers are running.
Correct Answer:
B
B
send
light_mode
delete
Question #33
An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five- year cost of the insurance policy. The organization is enabling risk:
send
light_mode
delete
Question #34
A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief
Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?
Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?
- ATrue negative
- BTrue positive
- CFalse positiveMost Voted
- DFalse negative
Correct Answer:
A
A
send
light_mode
delete
Question #35
A security analyst wants to reference a standard to develop a risk management program. Which of the following is the BEST source for the analyst to use?
send
light_mode
delete
Question #36
The Chief Information Security Officer (CISO) requested a report on potential areas of improvement following a security incident. Which of the following incident response processes is the CISO requesting?
- ALessons learnedMost Voted
- BPreparation
- CDetection
- DContainment
- ERoot cause analysis
Correct Answer:
A
A
send
light_mode
delete
Question #37
A company is providing security awareness training regarding the importance of not forwarding social media messages from unverified sources. Which of the following risks would this training help to prevent?
send
light_mode
delete
Question #38
A security analyst is receiving numerous alerts reporting that the response time of an internet-facing application has been degraded. However, the internal network performance was not degraded. Which of the following MOST likely explains this behavior?
send
light_mode
delete
Question #39
Which of the following will increase cryptographic security?
- AHigh data entropyMost Voted
- BAlgorithms that require less computing power
- CLonger key longevity
- DHashing
Correct Answer:
A
A
send
light_mode
delete
Question #40
Which of the following statements BEST describes zero-day exploits?
- AWhen a zero-day exploit is discovered, the system cannot be protected by any means.
- BZero-day exploits have their own scoring category in CVSS.
- CA zero-day exploit is initially undetectable, and no patch for it exists.Most Voted
- DDiscovering zero-day exploits is always performed via bug bounty programs.
Correct Answer:
C
C
send
light_mode
delete
All Pages