CompTIA Security+ SY0-601 Exam Questions and Answers – Page 5 Part 2

The latest CompTIA Security+ (SY0-601) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.

CompTIA Security+ (SY0-601) Exam Questions and Answers

Question 491

Exam Question

Which type of server is used for collecting diagnostic and monitoring data from networked devices?

A. Proxy server
B. UC server
C. Syslog server
D. ICS server

Correct Answer

C. Syslog server

Question 492

Exam Question

A correlation engine used for processing various types of log data into actionable information is a feature of:

A. REST API
B. SIEM dashboard
C. Syslog server
D. SOAR

Correct Answer

B. SIEM dashboard

Question 493

Exam Question

A technology that enables real-time analysis of security alerts generated by network hardware and applications is known as:

A. LACP
B. DSCP
C. SIEM
D. LWAPP

Correct Answer

C. SIEM

Question 494

Exam Question

Which of the following answers refers to a U.S. government initiative that provides the details on how to ensure continued performance of essential functions during unexpected events?

A. SLA
B. COOP
C. RPO
D. COPE

Correct Answer

B. COOP

Question 495

Exam Question

Which of the following answers refers to a methodology framework for intrusion analysis developed by the U.S. government intelligence community?

A. MITRE ATT&CK
B. The Diamond Model of Intrusion Analysis
C. Cyber Kill Chain

Correct Answer

B. The Diamond Model of Intrusion Analysis

Question 496

Exam Question

One of the ways to prevent data recovery from a hard drive is to overwrite its contents. The data overwriting technique is used by drive wipe utilities which might employ different methods (including multiple overwriting rounds) to decrease the likelihood of data retrieval. As an example, a disk sanitization utility might overwrite the data on the drive with the value of one in the first pass, change that value to zero in the second pass, and finally perform five more passes, overwriting the contents with random characters (the Schneier method).

A. True
B. False

Correct Answer

A. True

Question 497

Exam Question

What is Metasploit?

A. Exploitation framework
B. Data sanitization tool
C. Password cracker
D. Packet-crafting utility

Correct Answer

A. Exploitation framework

Question 498

Exam Question

Which of the following answers refers to a tool for creating forensic images of computer data?

A. diskpart
B. FTK Imager
C. fsutil
D. Autopsy

Correct Answer

B. FTK Imager

Question 499

Exam Question

Which of the following forensic utilities enables the extraction of RAM contents?

A. Memdump
B. WinHex
C. FTK Imager
D. Autopsy

Correct Answer

A. Memdump

Question 500

Exam Question

Which of the following answers refers to an advanced cross-platform packet-capturing tool equipped with a Graphical User Interface (GUI)?

A. theHarvester
B. Wireshark
C. tcpdump
D. Tcpreplay

Correct Answer

B. Wireshark