당신은 온라인 연습 문제를 통해 CompTIA SY0-601 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 SY0-601 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 82개의 시험 문제와 답을 포함하십시오.
/ 7
Question No : 1
A security analyst is reviewing the following attack log output:
Which of the following types of attacks does this MOST likely represent?
정답: Explanation:
Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
https://us-cert.cisa.gov/ncas/current-activity/2019/08/08/acsc-releases-advisory-password-spraying-attacks#:~:text=Password%20spraying%20is%20a%20type,rapid%20or%20frequent%20account%20lockouts.
Question No : 2
A small company that does not have security staff wants to improve its security posture.
Which of the following would BEST assist the company?
정답:
Question No : 3
The IT department’s on-site developer has been with the team for many years. Each time an application is released, the security team is able to identify multiple vulnerabilities.
Which of the following would BEST help the team ensure the application is ready to be released to production?
정답:
Question No : 4
A software developer needs to perform code-execution testing, black-box testing, and non-functional testing on a new product before its general release.
Which of the following BEST describes the tasks the developer is conducting?
정답:
Question No : 5
Which of the following ISO standards is certified for privacy?
정답: Explanation:
ISO 27701 also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data privacy. Privacy information management systems are sometimes referred to as personal information management systems. https://pecb.com/whitepaper/the-future-of-privacy-with-isoiec-27701
Question No : 6
A network administrator has been alerted that web pages are experiencing long load times.
After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output:
Which of the following is the router experiencing?
정답:
Question No : 7
A company’s bank has reported that multiple corporate credit cards have been stolen over the past several weeks. The bank has provided the names of the affected cardholders to the company’s forensics team to assist in the cyber-incident investigation.
An incident responder learns the following information:
✑ . The timeline of stolen card numbers corresponds closely with affected users making Internet-based purchases from diverse websites via enterprise desktop PCs.
✑ All purchase connections were encrypted, and the company uses an SSL inspection proxy for the inspection of encrypted traffic of the hardwired network.
✑ Purchases made with corporate cards over the corporate guest WiFi network, where no SSL inspection occurs, were unaffected.
Which of the following is the MOST likely root cause?
정답:
Question No : 8
A cybersecurity administrator has a reduced team and needs to operate an on-premises network and security infrastructure efficiently. To help with the situation, the administrator decides to hire a service provider.
Which of the following should the administrator use?
정답:
Question No : 9
A remote user recently took a two-week vacation abroad and brought along a corporate-owned laptop. Upon returning to work, the user has been unable to connect the laptop to the VPN.
Which of the following is the MOST likely reason for the user’s inability to connect the laptop to the VPN?
정답:
Question No : 10
A security analyst is performing a forensic investigation compromised account credentials. Using the Event Viewer, the analyst able to detect the following message, ‘’Special privileges assigned to new login.’’ Several of these messages did not have a valid logon associated with the user before these privileges were assigned.
Which of the following attacks is MOST likely being detected?
A security auditor is reviewing vulnerability scan data provided by an internal security team.
Which of the following BEST indicates that valid credentials were used?
정답:
Question No : 12
A network engineer notices the VPN concentrator overloaded and crashes on days when there are a lot of remote workers. Senior management has placed greater importance on the availability of VPN resources for the remote workers than the security of the end users’ traffic.
Which of the following would be BEST to solve this issue?
정답:
Question No : 13
A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?
정답:
Question No : 14
A database administrator needs to ensure all passwords are stored in a secure manner, so the administrate adds randomly generated data to each password before string.
Which of the following techniques BEST explains this action?
정답:
Question No : 15
A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area.
Which of the following would MOST likely have prevented this breach?