New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 177

A network manager is concerned that business may be negatively impacted if the firewall in its data center goes offline. The manager would like to implement a high availability pair to:

A.

decrease the mean time between failures.

B.

remove the single point of failure.

C.

cut down the mean time to repair

D.

reduce the recovery time objective

Full Access
Question # 178

During an assessment, a systems administrator found several hosts running FTP and decided to immediately block FTP communications at the firewall. Which of the following describes the

greatest risk associated with using FTP?

A.

Private data can be leaked

B.

FTP is prohibited by internal policy.

C.

Users can upload personal files

D.

Credentials are sent in cleartext.

Full Access
Question # 179

During a recent security assessment, a vulnerability was found in a common OS. The OS vendor was unaware of the issue and promised to release a patch within the next quarter. Which of the following best describes this type of vulnerability?

A.

Legacy operating system

B.

Weak configuration

C.

Zero day

D.

Supply chain

Full Access
Question # 180

Which Of the following is a primary security concern for a setting up a BYOD program?

A.

End of life

B.

Buffer overflow

C.

VM escape

D.

Jailbreaking

Full Access
Question # 181

To reduce and limit software and infrastructure costs the Chief Information Officer has requested to move email services to the cloud. The cloud provider and the organization must have secunty controls to protect sensitive data Which of the following cloud services would best accommodate the request?

A.

laaS

B.

PaaS

C.

DaaS

D.

SaaS

Full Access
Question # 182

Which of the following terms should be included in a contract to help a company monitor the ongo-ing security maturity Of a new vendor?

A.

A right-to-audit clause allowing for annual security audits

B.

Requirements for event logs to kept for a minimum of 30 days

C.

Integration of threat intelligence in the companys AV

D.

A data-breach clause requiring disclosure of significant data loss

Full Access
Question # 183

A company recently experienced a significant data loss when proprietary information was leaked to a competitor. The company took special precautions by using proper labels; however, email filter logs do not have any record of the incident. An investigation confirmed the corporate network was not breached, but documents were downloaded from an employee's COPE tablet and passed to the competitor via cloud storage. Which of the following is the best mitigation strategy to prevent this from happening in the future?

A.

User training

B.

CAsB

C.

MDM

D.

EDR

Full Access
Question # 184

A security administrator needs to inspect in-transit files on the enterprise network to search for PI I credit card data, and classification words Which of the following would be the best to use?

A.

IDS solution

B.

EDR solution

C.

HIPS software solution

D.

Network DLP solution

Full Access
Go to page: