New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 313

A security analyst wants to fingerprint a web server. Which of the following tools will the security analyst MOST likely use to accomplish this task?

A.

nmap -pl-65535 192.168.0.10

B.

dig 192.168.0.10

C.

curl —head http://192.168-0.10

D.

ping 192.168.0.10

Full Access
Question # 314

Recent changes to a company's BYOD policy require all personal mobile devices to use a two-factor authentication method that is not something you know or have. Which of the following will meet this requirement?

A.

Facial recognition

B.

Six-digit PIN

C.

PKI certificate

D.

Smart card

Full Access
Question # 315

An IT security team is concerned about the confidentiality of documents left unattended in MFPs. Which of the following should the security team do to mitigate the situation?

A.

Educate users about the importance of paper shredder devices.

B.

Deploy an authentication factor that requires in-person action before printing.

C.

Install a software client in every computer authorized to use the MFPs.

D.

Update the management software to utilize encryption.

Full Access
Question # 316

A governance, risk, and compliance team created a report that notes the existence of a chlorine processing facility two miles from one of the company offices. Which of the following describes this type of documentation?

  • Site risk assessment

  • Environmental impact report

  • Disaster recovery plan

A.

Physical risk register

Full Access
Question # 317

Local guidelines require that all information systems meet a minimum security baseline to be compliant Which of the following can security administrators use to assess their system configurations against the baseline?

A.

SOAR playbook

B.

Security control matrix

C.

Risk management framework

D.

Benchmarks

Full Access
Question # 318

Which of the following threat vectors would appear to be the most legitimate when used by a malicious actor to impersonate a company?

A.

Phone call

B.

Instant message

C.

Email

D.

Text message

Full Access
Go to page: