SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Question # 241

The Chief Information Security Officer wants to put security measures in place to protect PII. The organization needs to use its existing labeling and classification system to accomplish this goal. Which of the following would most likely be configured to meet the requirements?

A. Tokenization
B. S/MIME
C. DLP
D. MFA

Question # 242

An application server is published directly on the internet with a public IP address. Which of the following should the administrator use to monitor the application traffic?

A. WAF
B. Content filter
C. NAT
D. Perimeter network

Question # 243

Which of the following alert types is the most likely to be ignored over time?

A. True positive
B. True negative
C. False positive
D. False negative

Question # 244

After a recent vulnerability scan, a security engineer needs to harden the routers within the corporate network. Which of the following is the most appropriate to disable?

A. Console access
B. Routing protocols
C. VLANs
D. Web-based administration

Question # 245

The security operations center is researching an event concerning a suspicious IP address. A security analyst looks at the following event logs and discovers that a significant portion of the user accounts have experienced failed log-in attempts when authenticating from the same IP address:

Which of the following most likely describes the attack that took place?

A. Spraying
B. Brute-force
C. Dictionary
D. Rainbow table

Question # 246

Which of the following is the phase in the incident response process when a security analyst reviews roles and responsibilities?

A. Preparation
B. Recovery
C. Lessons learned
D. Analysis

Question # 247

Which of the following is required for an organization to properly manage its restore process in the event of system failure?

A. IRP
B. DRP
C. RPO
D. SDLC

Question # 248

A system administrator performs a quick scan of an organization's domain controller and finds the following:

Which of the following vulnerabilities does this output represent?

A. Unnecessary open ports
B. Insecure protocols
C. Misconfigured firewall
D. Weak user permissions
