SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Question # 33

A company wants to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategy?

A. Incremental backups followed by differential backups

B. Full backups followed by incremental backups

C. Delta backups followed by differential backups

D. Incremental backups followed by delta backups

E. Full backup followed by differential backups

Question # 34

After gaining access to a dual-homed (i.e., wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset. This technique is an example of:

A. privilege escalation

B. footprinting

C. persistence

D. pivoting

Question # 35

Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)

A. Unsecure protocols

B. Use of penetration-testing utilities

C. Weak passwords

D. Included third-party libraries

E. Vendors/supply chain

F. Outdated anti-malware software

Question # 36

An organization decided not to put controls in place because of the high cost of implementing the controls compared to the cost of a potential fine. Which of the following risk management strategies is the organization following?

A. Transference

B. Avoidance

C. Mitigation

D. Acceptance

Question # 37

The Chief Technology Officer of a local college would like visitors to utilize the school's WiFi but must be able to associate potential malicious activity to a specific person. Which of the following would BEST allow this objective to be met?

A. Requiring all new, on-site visitors to configure their devices to use WPS

B. Implementing a new SSID for every event hosted by the college that has visitors

C. Creating a unique PSK for every visitor when they arrive at the reception area

D. Deploying a captive portal to capture visitors' MAC addresses and names

Question # 38

An account was disabled after several failed and successful login connections were made from various parts of the world at various times. A security analyst is investigating the issue. Which of the following account policies most likely triggered the action to disable the

A. Time-based logins

B. Password history

C. Geofencing

D. Impossible travel time

Question # 39

When planning to build a virtual environment, an administrator needs to achieve the following:

• Establish policies to limit who can create new VMs

• Allocate resources according to actual utilization

• Require justification for requests outside of the standard requirements

• Create standardized categories based on size and resource requirements

Which of the following is the administrator MOST likely trying to do?

A. Implement IaaS replication

B. Protect against VM escape

C. Deploy a PaaS

D. Avoid VM sprawl

Question # 40

Which of the following would be best to ensure data is saved to a location on a server, is easily scaled, and is centrally monitored?

A. Edge computing

B. Microservices

C. Containers

D. Thin client
