CompTIA SY0-601 Actual Free Exam Questions & Community Discussion

A security analyst needs an overview of vulnerabilities for a host on the network. Which of the following is the BEST type of scan for the analyst to run to discover which vulnerable services are running?

A company recently enhanced mobile device configuration by implementing a set of security controls: biometrics, context-aware authentication, and full device encryption. Even with these settings in place, an unattended phone was used by a malicious actor to access corporate data.
Which of the following additional controls should be put in place first?

A company is enhancing the security of the wireless network and needs to ensure only employees with a valid certificate can authenticate to the network. Which of the following should the company implement?

An organization is repairing the damage after an incident. Which of the following controls is being implemented?

A host was infected with malware. During the incident response. Joe, a user, reported that he did not receive any emails with links, but he had been browsing the internet all day. Which of the following would most likely show where the malware originated?

If a current private key is compromised, which of the following would ensure it cannot be used to decrypt ail historical data?

A client asked a security company to provide a document outlining the project, the cost, and the completion time frame. Which of the following documents should the company provide to the client?

While investigating a recent security breach an analyst finds that an attacker gained access by SQL injection through a company website Which of the following should the analyst recommend to the website developers to prevent this from reoccurring?

Which of the following risks can be mitigated by HTTP headers?

Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

A manufacturing company has several one-off legacy information systems that cannot be migrated to a newer OS due to software compatibility issues. The OSs are still supported by the vendor but the industrial software is no longer supported The Chief Information Security Officer has created a resiliency plan for these systems that will allow OS patches to be installed in a non-production environment, white also creating backups of the systems for recovery. Which of the following resiliency techniques will provide these capabilities?

During an investigation, events from two affected servers in the same subnetwork occurred at the same time:
Server 1: 192.168.10.1 [01/Apr/2021:06:00:00 PST] SAN access denied for user 'admin' Server 2: 192.168.10.6 [01/Apr/2021:06:01:01 CST] SAN access successful for user 'admin Which of the following should be consistently configured to prevent the issue seen in the logs?

Which Of the following vulnerabilities is exploited an attacker Overwrite a reg-ister with a malicious address that changes the execution path?

Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked. Which of the following changes would allow users to access the site?