CompTIA Security+ SY0-601 Exam Questions and Answers – Page 1 Part 2

The latest actual CompTIA Security+ (SY0-601) certification practice exam question and answer (Q&A) dumps are available free and can help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.

CompTIA Security+ (SY0-601) Exam Questions and Answers

Question 81

A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization’s executives determine their next course of action?

A. An incident response plan
B. A communications plan
C. A disaster recovery plan
* D. A business continuity plan

Question 82

After a ransomware attack, a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?

A. The public ledger
B. The NetFlow data
C. A checksum
* D. The event log

Question 83

During an incident response, a security analyst observes the following log entry on the web server:
GET http://www.companysite.com/product_info.php?show=../../../../etc/password HTTP/1.1
Host: www.companysite.com

Which of the following BEST describes the type of attack the analyst is experiencing?

A. SQL injection
B. Cross-site scripting
C. Pass-the-hash
* D. Directory traversal

Question 84

Which of the following ISO standards is certified for privacy?

A. ISO 9001
B. ISO 27002
* C. ISO 27701
D. ISO 31000

Question 85

A security analyst is running a vulnerability scan to check for missing patches during a suspected security incident. During which of the following phases of the response process is this activity MOST likely occurring?

A. Containment
* B. Identification
C. Recovery
D. Preparation

Question 86

Which of the following is a team of people dedicated to testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?

* A. Red team
B. White team
C. Blue team
D. Purple team

Question 87

A security analyst discovers that a company’s username and password database was posted on an Internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?

A. Create DLP controls that prevent documents from leaving the network.
* B. Implement salting and hashing.
C. Configure the web content filter to block access to the forum.
D. Increase password complexity requirements.

Question 88

Which of the following are requirements that must be configured for PCI DSS compliance? (Choose two.)

A. Testing security systems and processes regularly
* B. Installing and maintaining a web proxy to protect cardholder data
C. Assigning a unique ID to each person with computer access
* D. Encrypting transmission of cardholder data across private networks
E. Benchmarking security awareness training for contractors
F. Using vendor-supplied default passwords for system passwords

Question 89

A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company’s executives. Which of the following intelligence sources should the security analyst review?

A. Vulnerability feeds
B. Trusted automated exchange of indicator information
C. Structured threat information expression
* D. Industry information-sharing and collaboration groups

Question 90

A security audit has revealed that a process control terminal is vulnerable to malicious users installing and executing software on the system. The terminal is beyond end-of-life support and cannot be upgraded, so it is placed on a protected network segment. Which of the following would be MOST effective to implement to further mitigate the reported vulnerability?

A. DNS sinkholing
B. DLP rules on the terminal
C. An IP blacklist
* D. Application whitelisting