CompTIA Security+ SY0-601 Exam Questions and Answers – Page 5 Part 2

The latest real CompTIA Security+ (SY0-601) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.

CompTIA Security+ (SY0-601) Exam Questions and Answers

Question 471

Exam Question

An ISO/IEC standard defining requirements for information security management systems is known as:

A. ISO/IEC 27001
B. ISO/IEC 27002
C. ISO/IEC 27701
D. ISO/IEC 31000

Correct Answer

A. ISO/IEC 27001

Question 472

Exam Question

A mandatory IT security and risk management framework for the U.S. federal government developed by NIST is known as:

A. SSAE
B. CSF
C. RMF
D. CSA

Correct Answer

C. RMF

Question 473

Exam Question

The purpose of PCI DSS is to provide protection for:

A. Credit cardholder data
B. Licensed software
C. User passwords
D. Personal health information

Correct Answer

A. Credit cardholder data

Question 474

Exam Question

Which of the following examples do not fall into the category of physical security controls? (Select 3 answers)

A. Lighting
B. Warning signs
C. Sensors
D. IDS/IPS
E. Security cameras
F. Alarms
G. Encryption protocols
H. Fences/bollards/barricades
I. Security guards
J. Firewall ACLs
K. Access control vestibules
L. Door locks / cable locks

Correct Answer

D. IDS/IPS
G. Encryption protocols
J. Firewall ACLs

Question 475

Exam Question

Examples of deterrent security controls include: (Select 3 answers)

A. Security audits
B. Warning signs
C. Authentication protocols
D. System hardening
E. Lighting
F. Login banners

Correct Answer

B. Warning signs
E. Lighting
F. Login banners

Question 476

Exam Question

Which of the following answers refer to examples of detective security controls? (Select all that apply)

A. Lighting
B. Log monitoring
C. Sandboxing
D. Security audits
E. CCTV
F. IDS

Correct Answer

B. Log monitoring
D. Security audits
E. CCTV
F. IDS

Question 477

Exam Question

Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)

A. Security audits
B. Encryption protocols
C. Organizational security policy
D. Configuration management
E. Firewall ACLs
F. Authentication protocols

Correct Answer

B. Encryption protocols
E. Firewall ACLs
F. Authentication protocols

Question 478

Exam Question

Which of the following examples fall into the category of operational security controls? (Select 3 answers)

A. Configuration management
B. Data backups
C. Authentication protocols
D. Awareness programs
E. Vulnerability assessments

Correct Answer

A. Configuration management
B. Data backups
D. Awareness programs

Question 479

Exam Question

Which of the following examples fall into the category of managerial security controls? (Select 3 answers)

A. Configuration management
B. Data backups
C. Organizational security policy
D. Risk assessments
E. Vulnerability assessments

Correct Answer

C. Organizational security policy
D. Risk assessments
E. Vulnerability assessments

Question 480

Exam Question

The term “Non-repudiation” describes the inability to deny responsibility for performing a specific action. In the context of data security, non-repudiation ensures data confidentiality, provides the proof of data integrity, and proof of data origin.

A. True
B. False

Correct Answer

B. False