CompTIA SECURITY+ SY0-601 EXAM 2023 Questions and Answers (Verified Answers)

1. A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?
A. dd
B. chmod
C. dnsenum
D. logger
ANS : A

2. DRAG AND DROP SIMULATION (SEE IMAGE): THIS IS THE ORDER AS FOLLOWS:
ssh-keygen -t rsa
ssh-copy-id -i ~/.ssh/id_rsa.pub user@server
chmod 644 ~/.ssh/id_rsa
ssh root@server

3. DROP DOWN SIMULATION (SEE IMAGE)
ANS :
Firewall 1:
DNS Rule - ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound - 10.0.0.1/24 --> ANY --> HTTPS --> PERMIT
Management - ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound - ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound - ANY --> ANY --> HTTP --> DENY

Firewall 2:
No changes should be made to this firewall

Firewall 3:
DNS Rule - ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound - 192.168.0.1/24 --> ANY --> HTTPS --> PERMIT
Management - ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound - ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound - ANY --> ANY --> HTTP --> DENY

4. DRAG AND DROP SIMULATION (SEE ANSWERS IN IMAGE): Se

5. Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)
A. Cross-site scripting
B. Data exfiltration
C. Poor system logging
D. Weak encryption
E. SQL injection
F. Server-side request forgery
ANS : DF

6. A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company's data?
A. Containerization
B. Geofencing
C. Full-disk encryption
D. Remote wipe
ANS : A

7. A Chief Security Officer's (CSO's) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?
A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.
B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident.
C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks.