The latest CompTIA Security+ (SY0-601) certification actual practice exam question and answer (Q&A) dumps are available for free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.
Question 481
Exam Question
Which of the following can be used to validate the origin (provenance) of digital evidence? (Select 2 answers)
A. Hashing
B. Tokenization
C. Salting
D. Metadata examination
E. Checksums
Correct Answer
A. Hashing
E. Checksums
Question 482
Exam Question
Which of the following answers refers to an example order of volatility for a typical computer system?
A. Cache memory -> RAM -> Disk files -> Temporary files -> Swap/Pagefile -> Archival media
B. Archival media -> Disk files -> Temporary files -> Swap/Pagefile -> RAM -> Cache memory
C. Cache memory -> RAM -> Swap/Pagefile -> Temporary files -> Disk files -> Archival media
D. Temporary files -> RAM -> Cache memory -> Swap/Pagefile -> Archival media -> Disk files
Correct Answer
C. Cache memory -> RAM -> Swap/Pagefile -> Temporary files -> Disk files -> Archival media
Question 483
Exam Question
A type of file that an OS uses to hold parts of programs and data files that cannot be stored in RAM due to insufficient memory space is called: (Select 2 answers)
A. Swap file
B. Temporary file
C. Pagefile
D. Signature file
E. Archive file
Correct Answer
A. Swap file
C. Pagefile
Question 484
Exam Question
In forensic procedures, a sequence of steps in which different types of evidence should be collected is known as:
A. Order of volatility
B. Layered security
C. Chain of custody
D. Transitive access
Correct Answer
A. Order of volatility
Question 485
Exam Question
In forensic procedures, a chronological record outlining persons in possession of evidence is referred to as:
A. Proxy list
B. Order of volatility
C. Access log
D. Chain of custody
Correct Answer
D. Chain of custody
Question 486
Exam Question
A SOAR playbook is a checklist of actions that can be performed in response to a security incident.
A. True
B. False
Correct Answer
A. True
Question 487
Exam Question
An IETF specification that defines how IP flow information is to be formatted and transferred from an exporter to a collector is called:
A. NetFlow
B. IPFIX
C. sFlow
D. NXLog
Correct Answer
B. IPFIX
Question 488
Exam Question
Which of the following is a Cisco-designed IP traffic collection method that by default does not offer packet sampling?
A. IPFIX
B. NetFlow
C. NXLog
D. sFlow
Correct Answer
B. NetFlow
Question 489
Exam Question
Which of the following is a cross-platform log-managing tool?
A. NetFlow
B. rsyslog
C. NXLog
D. sFlow
E. syslog-ng
Correct Answer
C. NXLog
Question 490
Exam Question
Which of the following are log managing utilities for Unix and Unix-like systems that implement the basic syslog protocol and extend it with additional functionalities? (Select 2 answers)
A. NXLog
B. syslog-ng
C. NetFlow
D. rsyslog
E. sFlow
Correct Answer
B. syslog-ng
D. rsyslog