New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 153

Security analysts notice a server login from a user who has been on vacation for two weeks, The an-alysts confirm that the user did not log in to the system while on vacation After reviewing packet capture the analysts notice the following:

Which of the following occurred?

A.

A buffer overflow was exploited to gain unauthorized access.

B.

The user's account was con-promised, and an attacker changed the login credentials.

C.

An attacker used a pass-the-hash attack to gain access.

D.

An insider threat with username logged in to the account.

Full Access
Question # 154

Which of the following automation use cases would best enhance the security posture Of an organi-zation by rapidly updating permissions when employees leave a company Or change job roles inter-nally?

A.

Provisioning resources

B.

Disabling access

C.

APIs

D.

Escalating permission requests

Full Access
Question # 155

A network engineer is troubleshooting wireless network connectivity issues that were reported by users The issues are occurring only in the section of the building that is closest to the parking lot. Users are intermittently experiencing slow speeds when accessing websites and are unable to connect to network drives. The issues appear to increase when laptop users return to their desks after using their devices in other areas of the building There have also been reports of users being required to enter their credentials on web pages in order to gain access to them Which of the following is the most likely cause of this issue?

A.

An external access point is engaging in an evil-Twin attack

B.

The signal on the WAP needs to be increased in that section of the building

C.

The certificates have expired on the devices and need to be reinstalled

D.

The users in that section of the building are on a VLAN that is being blocked by the firewall

Full Access
Question # 156

A user downloaded an extension for a browser, and the user's device later became infected. The analyst who Is Investigating the Incident saw various logs where the attacker was hiding activity by deleting data. The following was observed running:

New-Partition -DiskNumber 2 -UseMaximumSize -AssignDriveLetter C| Format-Volume -Driveletter C - FileSystemLabel "New"-FileSystem NTFS - Full -Force -Confirm:$false

Which of the following is the malware using to execute the attack?

A.

PowerShell

B.

Python

C.

Bash

D.

Macros

Full Access
Question # 157

An organization is repairing damage after an incident. Which Of the following controls is being implemented?

A.

Detective

B.

Preventive

C.

Corrective

D.

Compensating

Full Access
Question # 158

An organization experiences a cybersecurity incident involving a command-and-control server. Which of the following logs should be analyzed to identify the impacted host? (Select two).

A.

Application

B.

Authentication

C.

Error

D.

Network

E.

Firewall

F.

System

Full Access
Question # 159

An annual information security assessment has revealed that several OS-level configurations are not in compliance due to outdated hardening standards the company is using. Which of the following would be best to use to update and reconfigure the OS-level security configurations?

A.

CIS benchmarks

B.

GDPR guidance

C.

Regional regulations

D.

ISO 27001 standards

Full Access
Question # 160

A security analyst is investigating what appears to be unauthorized access to a corporate web application. The security analyst reviews the web server logs and finds the following entries:

Which of the following password attacks is taking place?

A.

Dictionary

B.

Brute-force

C.

Rainbow table

D.

Spraying

Full Access
Go to page: