
SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Question # 249

A security analyst is responding to a malware incident at a company. The malware connects to a command-and-control server on the internet in order to function. Which of the following should the security analyst implement first?

A. Network segmentation

B. IP-based firewall rules

C. Mobile device management

D. Content filter

Question # 250

Which of the following is the first step to take when creating an anomaly detection process?

A. Selecting events

B. Building a baseline

C. Selecting logging options

D. Creating an event log

Question # 251

A security analyst is investigating a workstation that is suspected of outbound communication to a command-and-control server. During the investigation, the analyst discovered that logs on the endpoint were deleted. Which of the following logs would the analyst most likely look at next?

A. IPS

B. Firewall

C. ACL

D. Windows security

Question # 252

A systems administrator is concerned about the output from web server logs. Given the following snippet of the web server log file:

Which of the following attacks occurred?

A. Cross-site scripting

B. Buffer overflow

C. Directory traversal

D. SQL injection

Question # 253

A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?

A. Security policy

B. Classification policy

C. Retention policy

D. Access control policy

Question # 254

Several employees received a fraudulent text message from someone claiming to be the Chief Executive Officer (CEO). The message stated:

"I'm in an airport right now with no access to email. I need you to buy gift cards for employee recognition awards. Please send the gift cards to the following email address."

Which of the following are the best responses to this situation? (Select two).

A. Cancel current employee recognition gift cards.

B. Add a smishing exercise to the annual company training.

C. Issue a general email warning to the company.

D. Have the CEO change phone numbers.

E. Conduct a forensic investigation on the CEO's phone.

F. Implement mobile device management.

Question # 255

In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password. Which of the following best describes this technique?

A. Key stretching

B. Tokenization

C. Data masking

D. Salting

Question # 256

A systems administrator is considering switching from tape backup to an alternative backup solution that would allow data to be readily available in the event of a disaster. Which of the following backup types should the administrator implement?

A. Copy

B. Incremental

C. Cloud

D. Disk

E. Storage area network
