
SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Question # 105

A junior security analyst is reviewing web server logs and identifies the following pattern in the log file:

Which of the following types of attacks is being attempted and how can it be mitigated?

A. XSS. Implement a SIEM

B. CSRF. Implement an IPS

C. Directory traversal. Implement a WAF

D. SQL injection. Implement an IDS

Question # 106

A global company is experiencing unauthorized logging due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a third-party identity provider to help mitigate these attacks. Which of the following would be the BEST control for the company to require from prospective vendors?

A. IP restrictions

B. Multifactor authentication

C. A banned password list

D. A complex password policy

Question # 107

A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this practice reduce?

A. Dumpster diving

B. Shoulder surfing

C. Information elicitation

D. Credential harvesting

Question # 108

A security professional wants to enhance the protection of a critical environment that is used to store and manage a company's encryption keys. The selected technology should be tamper resistant. Which of the following should the security professional implement to achieve the goal?

A. DLP

B. HSM

C. CA

D. FIM

Question # 109

An attacker replaces a digitally signed document with another version that goes unnoticed. Upon reviewing the document's contents, the author notices some additional verbiage that was not originally in the document but cannot validate an integrity issue. Which of the following attacks was used?

A. Cryptomalware

B. Hash substitution

C. Collision

D. Phishing

Question # 110

Which of the following must be in place before implementing a BCP?

A. SLA

B. AUP

C. NDA

D. BIA

Question # 111

During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?

A. Physically move the PC to a separate Internet point of presence.

B. Create and apply microsegmentation rules.

C. Emulate the malware in a heavily monitored DMZ segment.

D. Apply network blacklisting rules for the adversary domain.

Question # 112

A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?

A. Preventive

B. Compensating

C. Corrective

D. Detective
