The latest CompTIA Security+ (SY0-601) certification practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.
Question 131
Exam Question
Which of the following answers refers to NIST’s voluntary framework outlining best practices for computer security?
A. CSF
B. SSAE
C. CIS
D. RMF
Correct Answer
A. CSF
Question 132
Exam Question
Which of the following answers refers to a nonprofit organization focused on developing globally-recognized best practices for securing IT systems and data against cyberattacks?
A. CIS
B. RMF
C. CSA
D. SSAE
Correct Answer
A. CIS
Question 133
Exam Question
Which of the following regulates the personal data privacy of European Union (EU) citizens?
A. PHI
B. HIPAA
C. PCI DSS
D. GDPR
Correct Answer
D. GDPR
Question 134
Exam Question
Which of the following answers refer to compensating security controls? (Select all that apply)
A. Backup power system
B. Sandboxing
C. Temporary port blocking
D. Fire suppression system
E. Security audits
F. Temporary service disablement
Correct Answer
A. Backup power system
B. Sandboxing
C. Temporary port blocking
F. Temporary service disablement
Question 135
Exam Question
Which of the answers listed below refer to examples of corrective security controls? (Select all that apply)
A. IPS
B. Security guards
C. Backups and system recovery
D. Log monitoring
E. Alternate site
F. Fire suppression system
Correct Answer
A. IPS
C. Backups and system recovery
E. Alternate site
F. Fire suppression system
Question 136
Exam Question
What are examples of preventive security controls? (Select 3 answers)
A. Security guards
B. Fire suppression system
C. System hardening
D. Login banners
E. CCTV
F. Separation of duties
Correct Answer
A. Security guards
C. System hardening
F. Separation of duties
Question 137
Exam Question
Which of the following answers can be used to describe the category of technical security controls? (Select 3 answers)
A. Focused on managing risk
B. Sometimes called logical security controls
C. Executed by computer systems (instead of people)
D. Also known as administrative controls
E. Implemented with technology
F. Primarily implemented and executed by people (as opposed to systems)
Correct Answer
B. Sometimes called logical security controls
C. Executed by computer systems (instead of people)
E. Implemented with technology
Question 138
Exam Question
Which of the following answers can be used to describe the category of operational security controls? (Select 3 answers)
A. Also known as administrative controls
B. Focused on the day-to-day procedures of an organization
C. Executed by computer systems (instead of people)
D. Used to ensure that the equipment continues to work as specified
E. Focused on managing risk
F. Primarily implemented and executed by people (as opposed to systems)
Correct Answer
B. Focused on the day-to-day procedures of an organization
D. Used to ensure that the equipment continues to work as specified
F. Primarily implemented and executed by people (as opposed to systems)
Question 139
Exam Question
Which of the following answers can be used to describe the category of managerial security controls? (Select 3 answers)
A. Also known as administrative controls
B. Sometimes referred to as logical security controls
C. Focused on managing risk
D. Executed by computer systems (instead of people)
E. Documented in written policies
F. Focused on the day-to-day procedures of an organization
Correct Answer
A. Also known as administrative controls
C. Focused on managing risk
E. Documented in written policies
Question 140
Exam Question
The process of searching, collecting, and securing electronic data with the intent of using it in a legal proceeding or investigation is known as:
A. OSINT
B. E-discovery
C. White-hat hacking
D. Active reconnaissance
Correct Answer
B. E-discovery