The latest CompTIA Security+ (SY0-601) practice exam question and answer (Q&A) dumps are available for free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.
Question 471
Exam Question
An ISO/IEC standard defining requirements for information security management systems is known as:
A. ISO/IEC 27001
B. ISO/IEC 27002
C. ISO/IEC 27701
D. ISO/IEC 31000
Correct Answer
A. ISO/IEC 27001
Question 472
Exam Question
A mandatory IT security and risk management framework for the U.S. federal government developed by NIST is known as:
A. SSAE
B. CSF
C. RMF
D. CSA
Correct Answer
C. RMF
Question 473
Exam Question
The purpose of PCI DSS is to provide protection for:
A. Credit cardholder data
B. Licensed software
C. User passwords
D. Personal health information
Correct Answer
A. Credit cardholder data
Question 474
Exam Question
Which of the following examples do not fall into the category of physical security controls? (Select 3 answers)
A. Lighting
B. Warning signs
C. Sensors
D. IDS/IPS
E. Security cameras
F. Alarms
G. Encryption protocols
H. Fences/bollards/barricades
I. Security guards
J. Firewall ACLs
K. Access control vestibules
L. Door locks / cable locks
Correct Answer
D. IDS/IPS
G. Encryption protocols
J. Firewall ACLs
Question 475
Exam Question
Examples of deterrent security controls include: (Select 3 answers)
A. Security audits
B. Warning signs
C. Authentication protocols
D. System hardening
E. Lighting
F. Login banners
Correct Answer
B. Warning signs
E. Lighting
F. Login banners
Question 476
Exam Question
Which of the following answers refer to examples of detective security controls? (Select all that apply)
A. Lighting
B. Log monitoring
C. Sandboxing
D. Security audits
E. CCTV
F. IDS
Correct Answer
B. Log monitoring
D. Security audits
E. CCTV
F. IDS
Question 477
Exam Question
Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)
A. Security audits
B. Encryption protocols
C. Organizational security policy
D. Configuration management
E. Firewall ACLs
F. Authentication protocols
Correct Answer
B. Encryption protocols
E. Firewall ACLs
F. Authentication protocols
Question 478
Exam Question
Which of the following examples fall into the category of operational security controls? (Select 3 answers)
A. Configuration management
B. Data backups
C. Authentication protocols
D. Awareness programs
E. Vulnerability assessments
Correct Answer
A. Configuration management
B. Data backups
D. Awareness programs
Question 479
Exam Question
Which of the following examples fall into the category of managerial security controls? (Select 3 answers)
A. Configuration management
B. Data backups
C. Organizational security policy
D. Risk assessments
E. Vulnerability assessments
Correct Answer
C. Organizational security policy
D. Risk assessments
E. Vulnerability assessments
Question 480
Exam Question
The term “Non-repudiation” describes the inability to deny responsibility for performing a specific action. In the context of data security, non-repudiation ensures data confidentiality, provides proof of data integrity, and provides proof of data origin.
A. True
B. False
Correct Answer
B. False