New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 113

A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?

A.

An incident response plan

B.

A communications plan

C.

A business continuity plan

D.

A disaster recovery plan

Full Access
Question # 114

A security analyst is reviewing the vulnerability scan report for a web server following an incident. The vulnerability that was used to exploit the server is present in historical vulnerability scan reports, and a patch is available for the vulnerability. Which of the following is the MOST likely cause?

A.

Security patches were uninstalled due to user impact.

B.

An adversary altered the vulnerability scan reports

C.

A zero-day vulnerability was used to exploit the web server

D.

The scan reported a false negative for the vulnerability

Full Access
Question # 115

Which of the following controls would provide the BEST protection against tailgating?

A.

Access control vestibule

B.

Closed-circuit television

C.

Proximity card reader

D.

Faraday cage

Full Access
Question # 116

A company Is planning to install a guest wireless network so visitors will be able to access the Internet. The stakeholders want the network to be easy to connect to so time is not wasted during meetings. The WAPs are configured so that power levels and antennas cover only the conference rooms where visitors will attend meetings. Which of the following would BEST protect the company's Internal wireless network against visitors accessing company resources?

A.

Configure the guest wireless network to be on a separate VLAN from the company's internal wireless network

B.

Change the password for the guest wireless network every month.

C.

Decrease the power levels of the access points for the guest wireless network.

D.

Enable WPA2 using 802.1X for logging on to the guest wireless network.

Full Access
Question # 117

After a WiFi scan of a local office was conducted, an unknown wireless signal was identified Upon investigation, an unknown Raspberry Pi device was found connected to an Ethernet port using a single connection. Which of the following BEST describes the purpose of this device?

A.

loT sensor

B.

Evil twin

C.

Rogue access point

D.

On-path attack

Full Access
Question # 118

An employee's company account was used in a data breach Interviews with the employee revealed:

• The employee was able to avoid changing passwords by using a previous password again.

• The account was accessed from a hostile, foreign nation, but the employee has never traveled to any other countries.

Which of the following can be implemented to prevent these issues from reoccuring? (Select TWO)

A.

Geographic dispersal

B.

Password complexity

C.

Password history

D.

Geotagging

E.

Password lockout

F.

Geofencing

Full Access
Question # 119

An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Which of the following should the organization implement?

A.

SIEM

B.

SOAR

C.

EDR

D.

CASB

Full Access
Question # 120

Which of the following would MOST likely be identified by a credentialed scan but would be missed by an uncredentialed scan?

A.

Vulnerabilities with a CVSS score greater than 6.9.

B.

Critical infrastructure vulnerabilities on non-IP protocols.

C.

CVEs related to non-Microsoft systems such as printers and switches.

D.

Missing patches for third-party software on Windows workstations and servers.

Full Access
Go to page: