New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 297

A security engineer is implementing FDE for all laptops in an organization. Which of the following are the most important for the engineer to consider as part of the planning process? (Select two).

A.

Key escrow

B.

TPM presence

C.

Digital signatures

D.

Data tokenization

E.

Public key management

F.

Certificate authority linking

Full Access
Question # 298

A network manager wants to protect the company's VPN by multifactor authentication that uses:

• Something you know

• Something you have

• Somewhere you are

Which of the following would accomplish the manager's goal?

A.

Domain name, PKI, GeoIP lookup

B.

VPN IP address, company ID, partner site

C.

Password, authentication token, thumbprint

D.

Company URL, TLS certificate, home address

Full Access
Question # 299

An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data policies is the administrator carrying out?

A.

Compromise

B.

Retention

C.

Analysis

D.

Transfer

E.

Inventory

Full Access
Question # 300

The Chief Information Security Officer (CISO) of a bank recently updated the incident response policy. The CISO is concerned that members of the incident response team do not understand their roles. The bank wants to test the policy but with the least amount of resources or impact. Which of the following BEST meets the requirements?

A.

Warm-site failover

B.

Tabletop walk-through

C.

Parallel path testing

D.

Full outage simulation

Full Access
Question # 301

A security analyst was asked to evaluate a potential attack that occurred on a publicly accessible section of the company's website. The malicious actor posted an entry in an attempt to trick users into clicking the following:

Which of the following was most likely observed?

A.

DLL injection

B.

Session replay

C.

SQLi

D.

xss

Full Access
Question # 302

Which of the following is used to quantitatively measure the criticality of a vulnerability?

A.

CVE

B.

CVSS

C.

CIA

D.

CERT

Full Access
Question # 303

Which of the following security controls s sed to isolate a section of the network and its externally available resources from the internal corporate network in order to reduce the number of

possible attacks?

A.

Faraday cages

B.

Air gap

C.

Vaulting

D.

Proximity readers

Full Access
Question # 304

The primary goal of the threat-hunting team at a large company is to identify cyberthreats that the SOC has not detected. Which of the following types of data would the threat-hunting team primarily use to identify systems that are exploitable?

A.

Vulnerability scan

B.

Packet capture

C.

Threat feed

D.

User behavior

Full Access
Go to page: