New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 289

A security administrator recently reset local passwords and the following values were recorded in the system:

Which of the following is the security administrator most likely protecting against?

A.

Account sharing

B.

Weak password complexity

C.

Pass-the-hash attacks

D.

Password compromise

Full Access
Question # 290

Which of the following has the ability to physically verify individuals who enter and exit a restricted area?

A.

Barricade

B.

Access control vestibule

C.

Access log

D.

Gait analysis

Full Access
Question # 291

The manager who is responsible for a data set has asked a security engineer to apply encryption to the data on a hard disk. The security engineer is an example of a:

A.

data controller

B.

data owner.

C.

data custodian.

D.

data processor

Full Access
Question # 292

A Chief Security Officer (CSO) is concerned that cloud-based services are not adequately protected from advanced threats and malware. The CSO believes there is a high risk that a data breach could occur in the near future due to the lack of detective and preventive controls Which of the following should be implemented to best address the CSO's concerns? (Select two).

A.

AWAF

B.

A CASB

C.

An NG-SWG

D.

Segmentation

E.

Encryption

F.

Containenzation

Full Access
Question # 293

Several users have opened tickets with the help desk. The help desk has reassigned the tickets to a security analyst for further review. The security analyst reviews the following metrics:

Which of the following is most likely the result of the security analyst's review?

A.

The ISP is dropping outbound connections.

B.

The user of the Sales-PC fell for a phishing attack.

C.

Corporate PCs have been turned into a botnet.

D.

An on-path attack is taking place between PCs and the router.

Full Access
Question # 294

A software company adopted the following processes before releasing software to production

• Peer review

• Static code scanning

• Signing

A considerable number of vulnerabilities are still being detected when code is executed on production Which of the following security tools can improve vulnerability detection on this environment?

A.

File integrity monitoring for the source code

B.

Dynamic code analysis tool

C.

Encrypted code repository

D.

Endpoint detection and response solution

Full Access
Question # 295

An endpoint protection application contains critical elements that are used to protect a system from infection. Which of the following must be updated before completing a weekly endpoint check?

A.

Policy engine

B.

Policy updates

C.

Policy definitions

D.

Policy signatures

Full Access
Question # 296

During a recent penetration test, a tester plugged a laptop into an Ethernet port in an unoccupied conference room and obtained a valid IP address. Which of the following would have best prevented this avenue of attack?

A.

Enabling MAC address filtering

B.

Moving printers inside a firewall

C.

Implementing 802.IX

D.

Using network port security

Full Access
Go to page: