CompTIA Security+ Exam 2021 SY0-601 Real Dumps

1. A cybersecurity manager has scheduled biannual meetings with the IT team and department leaders to discuss how they would respond to hypothetical cyberattacks. During these meetings, the manager presents a scenario and injects additional information throughout the session to replicate what might occur in a dynamic cybersecurity event involving the company, its facilities, its data, and its staff.

Which of the following describes what the manager is doing?

2. A company has drafted an insider-threat policy that prohibits the use of external storage devices.

Which of the following would BEST protect the company from data exfiltration via removable media?

3. Which of the following is the purpose of a risk register?

4. Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

5. A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks.

The security analyst then reviews the following application log:

Which of the following can the security analyst conclude?

6. A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom.

Which of the following would BEST prevent this attack from reoccurring?

7. Which of the following would be the BEST method for creating a detailed diagram of wireless access points and hot-spots?

8. A company’s bank has reported that multiple corporate credit cards have been stolen over the past several weeks. The bank has provided the names of the affected cardholders to the company’s forensics team to assist in the cyber-incident investigation.

An incident responder learns the following information:

- The timeline of stolen card numbers corresponds closely with affected users making Internet-based purchases from diverse websites via enterprise desktop PCs.

- All purchase connections were encrypted, and the company uses an SSL inspection proxy for the inspection of encrypted traffic of the hardwired network.

- Purchases made with corporate cards over the corporate guest WiFi network,

where no SSL inspection occurs, were unaffected.

Which of the following is the MOST likely root cause?

9. A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard.

Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?

10. Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

11. A network administrator needs to build out a new datacenter, with a focus on resiliency and uptime.

Which of the following would BEST meet this objective? (Choose two.)

12. An employee has been charged with fraud and is suspected of using corporate assets.

As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?

13. An organization needs to implement more stringent controls over administrator/root credentials and service accounts.

Requirements for the project include:

- Check-in/checkout of credentials

- The ability to use but not know the password

- Automated password changes

- Logging of access to credentials

Which of the following solutions would meet the requirements?

14. Phishing and spear-phishing attacks have been occurring more frequently against a company’s staff.

Which of the following would MOST likely help mitigate this issue?

15. A security analyst is reviewing a new website that will soon be made publicly available.

The analyst sees the following in the URL:

http://dev-site.comptia.org/home/show.php?sessionID=77276554&loc=us

The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is able to browse the website with the following URL:

http://dev-site.comptia.org/home/show.php?sessionID=98988475&loc=us

Which of the following application attacks is being tested?

16. A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet.

Which of the following should the engineer employ to meet these requirements?

17. Which of the following would MOST likely support the integrity of a voting machine?

18. Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

19. Which of the following cloud models provides clients with servers, storage, and networks but nothing else?

20. A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels.

Which of the following access control schemes would be BEST for the company to implement?