New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

SY0-601 Exam Dumps - CompTIA Security+ Exam 2023

Go to page:
Question # 65

A company is launching a website in a different country in order to capture user information that a marketing business can use. The company itself will not be using the information. Which

of the following roles is the company assuming?

A.

Data owner

B.

Data processor

C.

Data steward

D.

Data collector

Full Access
Question # 66

A systems analyst is responsible for generating a new digital forensics chain -of- custody form Which of the following should the analyst include in this documentation? (Select two).

A.

The order of volatility

B.

A forensics NDA

C.

The provenance of the artifacts

D.

The vendor's name

E.

The date and time

F.

A warning banner

Full Access
Question # 67

Which of the following best describes the situation where a successfully onboarded employee who is using a fingerprint reader is denied access at the company's mam gate?

A.

Crossover error rate

B.

False match raw

C.

False rejection

D.

False positive

Full Access
Question # 68

Which of the following can be used to detect a hacker who is stealing company data over port 80?

A.

Web application scan

B.

Threat intelligence

C.

Log aggregation

D.

Packet capture

Full Access
Question # 69

A network architect wants a server to have the ability to retain network availability even if one of the network switches it is connected to goes down. Which of the following should the architect implement on the server to achieve this goal?

A.

RAID

B.

UPS

C.

NIC teaming

D.

Load balancing

Full Access
Question # 70

A security practitioner is performing due diligence on a vendor that is being considered for cloud services. Which of the following should the practitioner consult for the best insight into the

current security posture of the vendor?

A.

PCI DSS standards

B.

SLA contract

C.

CSF framework

D.

SOC 2 report

Full Access
Question # 71

A security administrator Is managing administrative access to sensitive systems with the following requirements:

• Common login accounts must not be used (or administrative duties.

• Administrative accounts must be temporal in nature.

• Each administrative account must be assigned to one specific user.

• Accounts must have complex passwords.

• Audit trails and logging must be enabled on all systems.

Which of the following solutions should the administrator deploy to meet these requirements?

A.

ABAC

B.

SAML

C.

PAM

D.

CASB

Full Access
Question # 72

Which of the following can be used to calculate the total loss expected per year due to a threat targeting an asset?

A.

EF x asset value

B.

ALE / SLE

C.

MTBF x impact

D.

SLE x ARO

Full Access
Go to page: