New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 257

An organization is concerned about intellectual property theft by employees who leave the organization Which of the following should the organization most likely implement?

A.

CBT

B.

NDA

C.

MOU

D.

AUP

Full Access
Question # 258

A secondly administration is trying to determine whether a server is vulnerable to a range of attacks After using a tool, the administrator obtains the following output.

Which of the following attacks was successfully implemented based on the output?

A.

Memory leak

B.

Race condition

C.

SQL injection

D.

Directory traversal

Full Access
Question # 259

Which of the following is the most common data loss path for an air-gapped network?

A.

Bastion host

B.

Unsecured Bluetooth

C.

Unpatched OS

D.

Removable devices

Full Access
Question # 260

A user's login credentials were recently compromised During the investigation, the security analyst determined the user input credentials into a pop-up window when prompted to confirm the username and password However the trusted website does not use a pop-up for entering user colonials Which of the following attacks occurred?

A.

Cross-site scripting

B.

SOL injection

C.

DNS poisoning

D.

Certificate forgery

Full Access
Question # 261

Which of the following security controls is used to isolate a section of the network and its externally available resources from the internal corporate network in order to reduce the number of possible attacks?

A.

Faraday cages

B.

Air gap

C.

Vaulting

D.

Proximity readers

Full Access
Question # 262

A security analyst is creating baselines for the server team to follow when hardening new devices for deployment. Which of the following best describes what the analyst is creating?

A.

Change management procedure

B.

Information security policy

C.

Cybersecurity framework

D.

Secure configuration guide

Full Access
Question # 263

A company currently uses passwords for logging in to company-owned devices and wants to add a second authentication factor Per corporate policy, users are not allowed to have smartphones at their desks Which of the following would meet these requirements?

A.

Smart card

B.

PIN code

C.

Knowledge-based question

D.

Secret key

Full Access
Question # 264

A security engineer needs to recommend a solution to defend against malicious actors misusing protocols and being allowed through network defenses. Which of the following will the engineer most likely recommended?

A.

A content filter

B.

AWAF

C.

A next-generation firewall

D.

An IDS

Full Access
Go to page: