
SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Question # 225

An organization's internet-facing website was compromised when an attacker exploited a buffer overflow. Which of the following should the organization deploy to best protect against similar attacks in the future?

A. NGFW

B. WAF

C. TLS

D. SD-WAN

Question # 226

A security analyst is reviewing the following logs:

[10:00:00 AM] Login rejected - username administrator - password Spring2023

[10:00:01 AM] Login rejected - username jsmith - password Spring2023

[10:00:01 AM] Login rejected - username guest - password Spring2023

[10:00:02 AM] Login rejected - username cpolk - password Spring2023

[10:00:03 AM] Login rejected - username fmarbin - password Spring2023

Which of the following attacks is most likely occurring?

A. Password spraying

B. Account forgery

C. Pass-the-hash

D. Brute-force

Question # 227

The Chief Information Security Officer (CISO) asks a security analyst to install an OS update to a production VM that has a 99% uptime SLA. The CISO tells the analyst the installation must be done as quickly as possible. Which of the following courses of action should the security analyst take first?

A. Log in to the server and perform a health check on the VM.

B. Install the patch immediately.

C. Confirm that the backup service is running.

D. Take a snapshot of the VM.

Question # 228

After an audit, an administrator discovers all users have access to confidential data on a file server. Which of the following should the administrator use to restrict access to the data quickly?

A. Group Policy

B. Content filtering

C. Data loss prevention

D. Access control lists

Question # 229

A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

A. SPF

B. GPO

C. NAC

D. FIM

Question # 230

Which of the following techniques would most likely be used as a part of an insider threat reduction strategy to uncover relevant indicators?

A. Blocking known file sharing sites

B. Requiring credit monitoring

C. Implementing impossible travel alerts

D. Performing security awareness training

Question # 231

A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 802.1X for access control. To be allowed on the network, a device must have a known hardware address, and a valid username and password must be entered in a captive portal. The following is the audit report:

Which of the following is the most likely way a rogue device was allowed to connect?

A. A user performed a MAC cloning attack with a personal device.

B. A DHCP failure caused an incorrect IP address to be distributed.

C. An administrator bypassed the security controls for testing.

D. DNS hijacking let an attacker intercept the captive portal traffic.

Question # 232

A security administrator needs to improve the security at an entry kiosk. Currently, employees enter an employee number and PIN at a PC to enter the building.

Which of the following is the best solution to improve security at the entry kiosk?

A. Single sign-on

B. Smart card

C. Password

D. Challenge questions
