Updated CompTIA Security+ SY0-601 Exam Dumps

Updated SY0-601 exam dumps are released online to ensure that you can complete the CompTIA Security+ certification exam. Currently, we provide SY0-601 exam dumps V9.02 with 231 practice exam questions and answers. You are highly recommended to read the SY0-601 exam dumps in the PDF file and free software for good preparation. DumpsBase ensures that you can pass the CompTIA Security+ SY0-601 exam successfully.

You can come here to read CompTIA Security+ SY0-601 free dumps.

1. Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the real data?

2. A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet.

Which of the following should the engineer employ to meet these requirements?

3. Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

4. In which of the following risk management strategies would cybersecurity insurance be used?

5. A company's Chief Information Officer (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers.

Which of the following would be MOST suitable for training the developers?

6. A manufacturer creates designs for very high security products that are required to be protected and controlled by the government regulations. These designs are not accessible by corporate networks or the Internet.

Which of the following is the BEST solution to protect these designs?

7. A company has drafted an insider-threat policy that prohibits the use of external storage devices.

Which of the following would BEST protect the company from data exfiltration via removable media?

8. An organization just experienced a major cyberattack. The attack was well coordinated, sophisticated, and highly skilled.

Which of the following targeted the organization?

9. Company engineers regularly participate in a public Internet forum with other engineers throughout the industry.

Which of the following tactics would an attacker MOST likely use in this scenario?

10. Which of the following refers to applications and systems that are used within an organization without consent or approval?

11. Which of the following would be BEST to establish between organizations that have agreed to cooperate and are engaged in early discussion to define the responsibilities of each party, but do not want to establish a contractually binding agreement?

12. A security administrator checks the table of a network switch, which shows the following output:

Which of the following is happening to this switch?

13. A system administrator needs to implement an access control scheme that will allow an object’s access policy to be determined by its owner.

Which of the following access control schemes BEST fits the requirements?

14. An organization wants to implement a third factor to an existing multifactor authentication. The organization already uses a smart card and password.

Which of the following would meet the organization’s needs for a third factor?

15. Which of the following BEST describes a security exploit for which a vendor patch is not readily available?

16. A network administrator needs to build out a new datacenter, with a focus on resiliency and uptime.

Which of the following would BEST meet this objective? (Choose two.)

17. A financial organization has adopted a new secure, encrypted document-sharing application to help with its customer loan process. Some important PII needs to be shared across this new platform, but it is getting blocked by the DLP systems.

Which of the following actions will BEST allow the PII to be shared with the secure application without compromising the organization’s security posture?

18. An organization has implemented a policy requiring the use of conductive metal lockboxes for personal electronic devices outside of a secure research lab.

Which of the following did the organization determine to be the GREATEST risk to intellectual property when creating this policy?

19. Which of the following organizational policies are MOST likely to detect fraud that is being conducted by existing employees? (Select TWO).

20. A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM.

The analyst first looks at the domain controller and finds the following events:

To better understand what is going on, the analyst runs a command and receives the following output:

Based on the analyst’s findings, which of the following attacks is being executed?

21. Which of the following scenarios BEST describes a risk reduction technique?

22. An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft.

Which of the following would be the MOST acceptable?

23. An end user reports a computer has been acting slower than normal for a few weeks. During an investigation, an analyst determines the system is sending the user's email address and a ten-digit number to an IP address once a day.

The only recent log entry regarding the user's computer is the following:

Which of the following is the MOST likely cause of the issue?

24. A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels.

Which of the following access control schemes would be BEST for the company to implement?

25. A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models.

When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?

26. An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device.

Which of the following MDM configurations must be considered when the engineer travels for business?

27. A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks.

Which of the following methods would BEST prevent the exfiltration of data? (Select TWO).

28. A security analyst is looking for a solution to help communicate to the leadership team the severity levels of the organization’s vulnerabilities.

Which of the following would BEST meet this need?

29. A cybersecurity administrator needs to add disk redundancy for a critical server. The solution must have a two-drive failure for better fault tolerance.

Which of the following RAID levels should the administrator select?

30. Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?

31. A security administrator needs to create a RAID configuration that is focused on high read speeds and fault tolerance. It is unlikely that multiple drives will fail simultaneously.

Which of the following RAID configurations should the administrator use?

32. A symmetric encryption algorithm is BEST suited for:

33. A security analyst is investigating an incident that was first reported as an issue connecting to network shares and the internet. While reviewing logs and tool output, the analyst sees the following:

Which of the following attacks has occurred?

34. A software developer needs to perform code-execution testing, black-box testing, and non-functional testing on a new product before its general release.

Which of the following BEST describes the tasks the developer is conducting?

35. An analyst needs to identify the applications a user was running and the files that were open before the user’s computer was shut off by holding down the power button.

Which of the following would MOST likely contain that information?

36. A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred.

Which of the following is the analyst MOST likely seeing?

A)

B)

C)

D)

37. A small company that does not have security staff wants to improve its security posture.

Which of the following would BEST assist the company?

38. A security analyst reviews the datacenter access logs for a fingerprint scanner and notices an abundance of errors that correlate with users' reports of issues accessing the facility.

Which of the following is MOST likely the cause of the access issues?

39. A company's Chief Information Security Officer (CISO) recently warned the security manager that the company’s Chief Executive Officer (CEO) is planning to publish a controversial opinion article in a national newspaper, which may result in new cyberattacks.

Which of the following would be BEST for the security manager to use in a threat model?

40. A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected.

Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads.

Which of the following BEST describe this type of attack? (Choose two.)

41. When used at the design stage, which of the following improves the efficiency, accuracy, and speed of a database?

42. A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen.

Which of the following would BEST meet these requirements? (Select TWO).

43. An analyst needs to set up a method for securely transferring files between systems. One of the requirements is to authenticate the IP header and the payload.

Which of the following services would BEST meet the criteria?

44. A security administrator currently spends a large amount of time on common security tasks, such as report generation, phishing investigations, and user provisioning and deprovisioning. This prevents the administrator from spending time on other security projects. The business does not have the budget to add more staff members.

Which of the following should the administrator implement?

45. A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers, the company is unable to upgrade the encryption standard.

Which of the following types of controls should be used to reduce the risk created by this scenario?

46. A network engineer needs to create a plan for upgrading the wireless infrastructure in a large office. Priority must be given to areas that are currently experiencing latency and connection issues.

Which of the following would be the BEST resource for determining the order of priority?

47. A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices.

Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?

48. A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard.

Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?

49. A malicious actor recently penetrated a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server.

Which of the following files should be given to the forensics firm?

50. An analyst visits an internet forum looking for information about a tool. The analyst finds a thread that appears to contain relevant information.

One of the posts says the following:

Which of the following BEST describes the attack that was attempted against the forum readers?

51. A security administrator suspects there may be unnecessary services running on a server.

Which of the following tools will the administrator MOST likely use to confirm the suspicions?

52. On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Choose two.)

53. A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be non-disruptive and user friendly.

Which of the following technologies should the IT manager use when implementing MFA?

54. Which of the following describes the BEST approach for deploying application patches?

55. A Chief Executive Officer's (CEO) personal information was stolen in a social engineering attack.

Which of the following sources would reveal if the CEO's personal information is for sale?

56. Which of the following is an administrative control that would be MOST effective to reduce the occurrence of malware execution?

57. Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

58. A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better.

59. After a ransomware attack a forensics company needs to review a cryptocurrency transaction between the victim and the attacker.

Which of the following will the company MOST likely review to trace this transaction?

60. Which of the following would MOST likely support the integrity of a voting machine?

61. A company has determined that if its computer-based manufacturing is not functioning for 12 consecutive hours, it will lose more money than it costs to maintain the equipment.

Which of the following must be less than 12 hours to maintain a positive total cost of ownership?

62. Which of the following control sets should a well-written BCP include? (Select THREE)

63. Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?

64. A company has limited storage available and an online presence that cannot be down for more than four hours.

Which of the following backup methodologies should the company implement to allow for the FASTEST database restore time in the event of a failure, while being mindful of the limited available storage space?

65. The manager who is responsible for a data set has asked a security engineer to apply encryption to the data on a hard disk. The security engineer is an example of a:

66. The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed.

Which of the following is the MOST likely cause of the CRO’s concerns?

67. Which of the following disaster recovery tests is the LEAST time-consuming for the disaster recovery team?

68. Which of the following describes the ability of code to target a hypervisor from inside

69. Which of the following cloud models provides clients with servers, storage, and networks but nothing else?

70. A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use.

Which of the following should the engineer do to determine the issue? (Choose two.)


 
