IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any suggestions, please feel free to contact us at feedback@examout.co
Support
If you have any questions about our product, please provide the following items:
exam code screenshot of the question
login id/email
please contact us at and our technical experts will provide support within 24 hours.
Copyright
support@examout.co
The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Topic 1, Exam Set 1
Question #:1 - (Exam Topic 1)
Which of the following controls would be the MOST cost-effective and time-efficient to deter intrusions at the perimeter of a restricted, remote military training area?
(Select TWO).
Barricades
Thermal sensors
Drones
Signage
Motion sensors
Guards
Bollards
Answer: A D
Explanation
Barricades and signage are the most cost-effective and time-efficient controls to deter intrusions at the perimeter of a restricted, remote military training area. References:
CompTIA Security+ Study Guide Exam SY0-601, Chapter 7
Question #:2 - (Exam Topic 1)
As part of annual audit requirements, the security team performed a review of exceptions to the company policy that allows specific users the ability to use USB storage devices on their laptops The review yielded the following results.
• The exception process and policy have been correctly followed by the majority of users
• A small number of users did not create tickets for the requests but were granted access
• All access had been approved by supervisors.
• Valid requests for the access sporadically occurred across multiple departments.
• Access, in most cases, had not been removed when it was no longer needed
Which of the following should the company do to ensure that appropriate access is not disrupted but unneeded access is removed in a reasonable time frame?
Create an automated, monthly attestation process that removes access if an employee's supervisor denies the approval
Remove access for all employees and only allow new access to be granted if the employee's supervisor approves the request
Perform a quarterly audit of all user accounts that have been granted access and verify the exceptions with the management team
Implement a ticketing system that tracks each request and generates reports listing which employees actively use USB storage devices
Answer: A
Explanation
According to the CompTIA Security+ SY0-601 documents, the correct answer option is A. Create an automated, monthly attestation process that removes access if an employee’s supervisor denies the approval12
This option ensures that appropriate access is not disrupted but unneeded access is removed in a reasonable time frame by requiring supervisors to approve or deny the exceptions on a regular basis. It also reduces the manual workload of the security team and improves the compliance with the company policy.
Question #:3 - (Exam Topic 1)
Which of the following must be in place before implementing a BCP?
Answer: D
Explanation
A Business Impact Analysis (BIA) is a critical component of a Business Continuity Plan (BCP). It identifies and prioritizes critical business functions and determines the impact of their disruption. References: CompTIA Security+ Study Guide 601, Chapter 10
Question #:4 - (Exam Topic 1)
A company recently experienced an attack during which its main website was Directed to the attacker's web
server, allowing the attacker to harvest credentials from unsuspecting customers, Which of the following should the
company implement to prevent this type of attack from occurring In the future?
Answer: B
Explanation
To prevent attacks where the main website is directed to the attacker's web server and allowing the attacker to harvest credentials from unsuspecting customers, the company should implement SSL/TLS (Secure Sockets Layer/Transport Layer Security) to encrypt the communication between the web server and the clients. This will prevent attackers from intercepting and tampering with the communication, and will also help to verify the identity of the web server to the clients.
Question #:5 - (Exam Topic 1)
A financial institution would like to store its customer data in a cloud but still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concerned about computational overheads and slow speeds. Which of the following cryptographic techniques would BEST meet the requirement?
Asymmetric
Symmetric
Homomorphic
Ephemeral
Answer: B
Explanation
Symmetric encryption allows data to be encrypted and decrypted using the same key. This is useful when the data needs to be accessed and manipulated while still encrypted.
References: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 6
Topic 2, Exam Set 2
Question #:6 - (Exam Topic 2)
A security analyst is reviewing computer logs because a host was compromised by malware After the computer was infected it displayed an error screen and shut down. Which of the following should the analyst review first to determine more information?
Dump file
System log
Web application log
Security too
Answer: A
Explanation
A dump file is the first thing that a security analyst should review to determine more information about a compromised device that displayed an error screen and shut down. A dump file is a file that contains a snapshot of the memory contents of a device at the time of a system crash or error. A dump file can help a security analyst analyze the cause and source of the crash or error, as well as identify any malicious code or activity that may have triggered it.
References: https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/introduction-to-crash-dump-files
Question #:7 - (Exam Topic 2)
A security engineer is investigating a penetration test report that states the company website is vulnerable to a web application attack. While checking the web logs from the time of the test, the engineer notices several invalid web form submissions using an unusual address: "SELECT * FROM customername”. Which of the following is most likely being attempted?
Directory traversal
SQL injection
Privilege escalation
Cross-site scripting
Answer: B
Explanation
SQL injection is a web application attack that involves inserting malicious SQL statements into an input field, such as a web form, to manipulate or access the database behind the application. SQL injection can be used to perform various actions, such as reading, modifying, or deleting data, executing commands on the database server, or bypassing authentication. In this scenario, the attacker is trying to use a SQL statement “SELECT * FROM customername” to retrieve all data from the customername table in the database.
Question #:8 - (Exam Topic 2)
A security team discovered a large number of company-issued devices with non-work-related software installed. Which of the following policies would most likely contain language that would prohibit this activity?
NDA BPA AUP SLA
Answer: C
Explanation
AUP stands for acceptable use policy, which is a document that defines the rules and guidelines for using an organization’s network, systems, devices, and resources. An AUP typically covers topics such as authorized and unauthorized activities, security requirements, data protection, user responsibilities, and consequences for violations. An AUP can help prevent non-work-related software installation on company-issued devices by clearly stating what types of software are allowed or prohibited, and what actions will be taken if users do not comply with the policy.
References: https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.techopedia.com/definition/2471/acceptable-use-policy-aup
Question #:9 - (Exam Topic 2)
A contractor overhears a customer recite their credit card number during a confidential phone call. The credit card Information is later used for a fraudulent transaction. Which of the following social engineering techniques describes this scenario?
Shoulder surfing
Watering hole
Vishing
Tailgating
Answer: A
Explanation
Shoulder surfing is a social engineering technique that involves looking over someone’s shoulder to see what they are typing, writing, or viewing on their screen. It can be used to steal passwords, PINs, credit card numbers, or other sensitive information. In this scenario, the contractor used shoulder surfing to overhear the customer’s credit card number during a phone call.
Question #:10 - (Exam Topic 2)
A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be best to help the organization's executives determine their next course of action?
A. B. C. D.
An incident response plan
A communication plan
A disaster recovery plan
A business continuity plan
Answer: D
Explanation
A business continuity plan (BCP) is a document that outlines how an organization will continue its critical functions during and after a disruptive event, such as a natural disaster, pandemic, cyberattack, or power outage. A BCP typically covers topics such as business impact analysis, risk assessment, recovery strategies, roles and responsibilities, communication plan, testing and training, and maintenance and review. A BCP can help the organization’s executives determine their next course of action by providing them with a clear framework and guidance for managing the crisis and resuming normal operations.
References: https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.ready.gov/business-continuity-plan
About examout.co
examout.co was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam Questions, Study Guides, Practice Tests.
We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.
View list of all certification exams: All vendors
We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed below.
Sales: sales@examout.co
Feedback: feedback@examout.co
Support: support@examout.co
Any problems about IT certification or our products, You can write us back and we will get back to you within 24 hours.