The latest CompTIA Security+ (SY0-601) certification practice exam questions and answers (Q&A) are available free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.
Question 461
Exam Question
Which of the following terms relates closely to the concept of residual risk?
A. Risk deterrence
B. Risk transference
C. Risk acceptance
D. Risk avoidance
Correct Answer
C. Risk acceptance
Question 462
Exam Question
Which of the terms listed below refer to a product/service that no longer receives continuing support? (Select 2 answers)
A. ETL
B. SDLC
C. EOL
D. EOF
E. ERP
F. EOSL
Correct Answer
C. EOL
F. EOSL
Question 463
Exam Question
A type of agreement that specifies generic terms to simplify the negotiation of future contracts between the signing parties is called:
A. MOU
B. SLA
C. MSA
D. SOW
Correct Answer
C. MSA
Question 464
Exam Question
Which of the following terms refers to an agreement that specifies performance requirements for a vendor?
A. MSA
B. SLA
C. MOU
D. SOW
Correct Answer
B. SLA
Question 465
Exam Question
A legal contract between the holder of confidential information and another person to whom that information is disclosed prohibiting that other person from disclosing the confidential information to any other party is known as:
A. ISA
B. NDA
C. BPA
D. SLA
Correct Answer
B. NDA
Question 466
Exam Question
Which of the answers listed below refers to a concept of having more than one person required to complete a given task?
A. Job rotation
B. Role-Based Access Control (RBAC)
C. Multitasking
D. Separation of duties
Correct Answer
D. Separation of duties
Question 467
Exam Question
From the security standpoint, the job rotation policy enables detection of fraudulent activity within the company/organization.
A. True
B. False
Correct Answer
A. True
Question 468
Exam Question
Which of the following answers refers to a cybersecurity control framework for cloud computing?
A. CCM
B. CSA
C. CSF
D. CIS
Correct Answer
A. CCM
Question 469
Exam Question
Statement on Standards for Attestation Engagements 18 (SSAE 18) is a standard from the American Institute of Certified Public Accountants (AICPA). The standard defines three types of System and Organization Controls (SOC) audit reports that review different aspects of a company’s operations. A SOC 2 audit report provides detailed information and assurance about a service organization’s security, availability, processing integrity, confidentiality and/or privacy controls, based on their compliance with the AICPA’s TSC (Trust Services Criteria). Furthermore, a SOC 2 Type I audit provides a snapshot of the organization’s control landscape at a specific point in time, while a SOC 2 Type II audit evaluates the effectiveness of controls over a period of time of at least six consecutive calendar months (in simple terms, “SOC” defines the scope of the audit, and “Type” defines the time covered during the audit).
A. True
B. False
Correct Answer
A. True
Question 470
Exam Question
An extension to the ISO/IEC 27001 standard that focuses on privacy data management is called:
A. ISO/IEC 27002
B. ISO/IEC 27701
C. ISO/IEC 27702
D. ISO/IEC 31000
Correct Answer
B. ISO/IEC 27701