The latest CompTIA Security+ (SY0-601) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.
Question 81
Exam Question
A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization’s executives determine their next course of action?
A. An incident response plan
B. A communications plan
C. A disaster recovery plan
D. A business continuity plan
Correct Answer
D. A business continuity plan
Question 82
Exam Question
After a ransomware attack, a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?
A. The public ledger
B. The NetFlow data
C. A checksum
D. The event log
Correct Answer
D. The event log
Question 83
Exam Question
During an incident response, a security analyst observes the following log entry on the web server:
GET http://www.companysite.com/product_info.php?show=../../../../etc/password HTTP/1.1
Host: www.companysite.com
Which of the following BEST describes the type of attack the analyst is experiencing?
A. SQL injection
B. Cross-site scripting
C. Pass-the-hash
D. Directory traversal
Correct Answer
D. Directory traversal
Question 84
Exam Question
Which of the following ISO standards is certified for privacy?
A. ISO 9001
B. ISO 27002
C. ISO 27701
D. ISO 31000
Correct Answer
C. ISO 27701
Question 85
Exam Question
A security analyst is running a vulnerability scan to check for missing patches during a suspected security incident. During which of the following phases of the response process is this activity MOST likely occurring?
A. Containment
B. Identification
C. Recovery
D. Preparation
Correct Answer
B. Identification
Question 86
Exam Question
Which of the following is a team of people dedicated to testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?
A. Red team
B. White team
C. Blue team
D. Purple team
Correct Answer
A. Red team
Question 87
Exam Question
A security analyst discovers that a company’s username and password database was posted on an Internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?
A. Create DLP controls that prevent documents from leaving the network.
B. Implement salting and hashing.
C. Configure the web content filter to block access to the forum.
D. Increase password complexity requirements.
Correct Answer
B. Implement salting and hashing.
Question 88
Exam Question
Which of the following are requirements that must be configured for PCI DSS compliance? (Choose two.)
A. Testing security systems and processes regularly
B. Installing and maintaining a web proxy to protect cardholder data
C. Assigning a unique ID to each person with computer access
D. Encrypting transmission of cardholder data across private networks
E. Benchmarking security awareness training for contractors
F. Using vendor-supplied default passwords for system passwords
Correct Answer
B. Installing and maintaining a web proxy to protect cardholder data
D. Encrypting transmission of cardholder data across private networks
Question 89
Exam Question
A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company’s executives. Which of the following intelligence sources should the security analyst review?
A. Vulnerability feeds
B. Trusted automated exchange of indicator information
C. Structured threat information expression
D. Industry information-sharing and collaboration groups
Correct Answer
D. Industry information-sharing and collaboration groups
Question 90
Exam Question
A security audit has revealed that a process control terminal is vulnerable to malicious users installing and executing software on the system. The terminal is beyond end-of-life support and cannot be upgraded, so it is placed on a protected network segment. Which of the following would be MOST effective to implement to further mitigate the reported vulnerability?
A. DNS sinkholing
B. DLP rules on the terminal
C. An IP blacklist
D. Application whitelisting
Correct Answer
D. Application whitelisting