
CompTIA SY0-601 Exam

Certification Provider: CompTIA
Exam Name: CompTIA Security+ Exam
Number of questions in our database: 608
Exam Version: Apr. 22, 2024
SY0-601 Exam Official Topics:
  • Topic 1: Describe how wireless and remote access security is enforced/ Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery
  • Topic 2: Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them/ Install and configure network- and host-based security technologies
  • Topic 3: Identify strategies developed by cyber adversaries to attack networks and hosts and the countermeasures deployed to defend them
  • Topic 4: Know the technologies and uses of cryptographic standards and products/ Describe the standards and products used to enforce security on web and communications technologies
  • Topic 5: Understand the principles of organizational security and the elements of effective security policies

Free CompTIA SY0-601 Exam Actual Questions

The questions for SY0-601 were last updated on Apr. 22, 2024

Question #1

The primary goal of the threat-hunting team at a large company is to identify cyberthreats that the SOC has not detected. Which of the following types of data would the threat-hunting team primarily use to identify systems that are exploitable?

Correct Answer: A

A vulnerability scan is a type of data that can identify systems that are exploitable by detecting known weaknesses and misconfigurations in the software and hardware. Packet capture, threat feed, and user behavior are types of data that can help identify malicious activities or indicators of compromise, but not necessarily the systems that are vulnerable to exploitation.


Question #3

A security analyst is investigating a malware incident at a company. The malware is accessing a command-and-control website at www.comptia.com. All outbound internet traffic is logged to a syslog server and stored in /logfiles/messages. Which of the following commands would be best for the analyst to use on the syslog server to search for recent traffic to the command-and-control website?

Question #5

Which of the following is best to use when determining the severity of a vulnerability?

Correct Answer: D

CVSS, or Common Vulnerability Scoring System, is a standard method for assessing the severity of software vulnerabilities based on various metrics and factors. CVE, or Common Vulnerabilities and Exposures, is a list of publicly disclosed vulnerabilities, but does not provide a severity score. OSINT, or Open Source Intelligence, is the collection and analysis of publicly available information, which may or may not be relevant to a specific vulnerability. SOAR, or Security Orchestration, Automation and Response, is a set of tools and processes that automate and streamline security operations and incident response.


