[2022年03月07日] 合格させるCompTIA SY0-601試験情報と無料練習テスト [Q211-Q230]

Share

[2022年03月07日] 合格させるCompTIA SY0-601試験情報と無料練習テスト

SY0-601試験問題集PDF更新された問題集にはFast2test試験合格保証付き

質問 211
A company has limited storage available and online presence that cannot for more than four hours. Which of the following backup methodologies should the company implement to allow for the FASTEST database restore time In the event of a failure, which being maindful of the limited available storage space?

  • A. Implement fulltape backup every Sunday at 8:00 p.m and perform nightly tape rotations.
  • B. Implement different backups every Sunday at 8:00 and nightly incremental backups at 8:00 p.m
  • C. Implement nightly full backups every Sunday at 8:00 p.m
  • D. Implement full backups every Sunday at 8:00 p.m and nightly differential backups at 8:00

正解: B

 

質問 212
A security engineer is reviewing log files after a third discovered usernames and passwords for the organization's accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?

  • A. Spear-phishing
  • B. Man-in- the middle
  • C. DNS poising
  • D. Evil twin

正解: C

解説:
Explanation
DNS spoofing, also referred to as DNS cache poisoning, is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect result record, e.g. an IP address. This results in traffic being diverted to the attacker's computer (or any other computer). https://en.wikipedia.org/wiki/DNS_spoofing

 

質問 213
A company has just experienced a malware attack affecting a large number of desktop users.
The antivirus solution was not able to block the malware, but the HIDS alerted to C2 calls as
'Troj.Generic'. Once the security team found a solution to remove the malware, they were able to remove the malware files successfully, and the HIDS stopped alerting. The next morning, however, the HIDS once again started alerting on the same desktops, and the security team discovered the files were back. Which of the following BEST describes the type of malware infecting this company's network?

  • A. Rootkit
  • B. Spyware
  • C. Botnet
  • D. Trojan

正解: D

 

質問 214
A network engineer needs to create a plan for upgrading the wireless infrastructure in a large office Priority must be given to areas that are currently experiencing latency and connection issues. Which of the following would be the BEST resource for determining the order of priority?

  • A. Nmapn
  • B. Wireshark
  • C. Heat maps
  • D. Network diagrams

正解: C

解説:
engineer needs to create a plan for upgrading the wireless infrastructure in a large office. Priority must be given to areas that are currently.
Site surveys and heat maps provide the following benefits: Identify trouble areas to help eliminate slows speeds and poor performance

 

質問 215
Which of the following describes the BEST approach for deploying application patches?

  • A. Apply the patches to systems in a testing environment then to systems in a staging environment, and finally to production systems.
  • B. Apply the patches to the production systems apply them in a staging environment, and then test all of them in a testing environment
  • C. Test the patches m a test environment apply them to the production systems and then apply them to a staging environment
  • D. Test the patches in a staging environment, develop against them in the development environment, and then apply them to the production systems

正解: A

 

質問 216
Which of the following must be in place before implementing a BCP?

  • A. BIA
  • B. AUP
  • C. NDA
  • D. SLA

正解: A

解説:
To create an effective business continuity plan, a firm should take these five steps:
Step 1: Risk Assessment
This phase includes:
Evaluation of the company's risks and exposures
Assessment of the potential impact of various business disruption scenarios
Determination of the most likely threat scenarios
Assessment of telecommunication recovery options and communication plans
Prioritization of findings and development of a roadmap
Step 2: Business Impact Analysis (BIA)
During this phase we collect information on:
Recovery assumptions, including Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO)
Critical business processes and workflows as well as the supporting production applications
Interdependencies, both internal and external
Critical staff including backups, skill sets, primary and secondary contacts
Future endeavors that may impact recovery
Special circumstances
Pro tip: Compiling your BIA into a master list can be helpful from a wholistic standpoint, as well as helpful in identifying pain points throughout the organization.
Step 3: Business Continuity Plan Development
This phase includes:
Obtaining executive sign-off of Business Impact Analysis
Synthesizing the Risk Assessment and BIA findings to create an actionable and thorough plan
Developing department, division and site level plans
Reviewing plan with key stakeholders to finalize and distribute
Step 4: Strategy and Plan Development
Validate that the recovery times that you have stated in your plan are obtainable and meet the objectives that are stated in the BIA. They should easily be available and readily accessible to staff, especially if and when a disaster were to happen. In the development phase, it's important to incorporate many perspectives from various staff and all departments to help map the overall company feel and organizational focus. Once the plan is developed, we recommend that you have an executive or management team review and sign off on the overall plan.
Step 5: Plan Testing & Maintenance
The final critical element of a business continuity plan is to ensure that it is tested and maintained on a regular basis. This includes:
Conducting periodic table top and simulation exercises to ensure key stakeholders are comfortable with the plan steps
Executing bi-annual plan reviews
Performing annual Business Impact Assessments

 

質問 217
The security administrator has installed a new firewall which implements an implicit DENY policy by default.
INSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

正解:

解説:

Hot Area:

 

質問 218
The Chief Information Security Officer wants to pilot a new adaptive, user-based authentication method. The concept Includes granting logical access based on physical location and proximity.
Which of the following Is the BEST solution for the pilot?

  • A. PKl certificates
  • B. SSO
  • C. Geofencing
  • D. Self-sovereign identification

正解: D

 

質問 219
While investigating a data leakage incident a security analyst reviews access control to cloud - hosted data. The following information was presented in a security posture report:
Policy to control external application integration: Admin authorized
only
- 47 active integration to third-party applications
- 2 applications authorized by admin
- 45 applications authorized by users
- 32 OAuth apps authorize to access data
Based on the report, which of the following was the MOST likely attack vector used against the company?

  • A. Supply chain
  • B. Spyware
  • C. Potentially unwanted programs
  • D. Logic bomb

正解: B

 

質問 220
An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

  • A. It provides complimentary training and certification resources to IT security staff.
  • B. It assures customers that the organization meets security standards
  • C. It certifies the organization can work with foreign entities that require a security clearance
  • D. It provides insurance in case of a data breach
  • E. It allows for the sharing of digital forensics data across organizations

正解: B

解説:
Explanation
According to the ISO https://www.iso.org/standard/54534.html
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

 

質問 221
An organization has various applications that contain sensitive data hosted in the cloud. The company's leaders are concerned about lateral movement across applications of different trust levels. Which of the following solutions should the organization implement to address the concern?

  • A. CASB
  • B. ISFW
  • C. SWG
  • D. UTM

正解: A

解説:
Once the full extent of cloud usage is revealed, the CASB then determines the risk level associated with each by determining what the application is, what sort of data is within the app, and how it is being shared. https://www.mcafee.com/enterprise/en-au/security-awareness/cloud/what-is-a-casb.html A cloud access security broker (CASB) (sometimes pronounced cas-bee) is on-premises or cloud based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies.[1] A CASB can offer a variety of services such as monitoring user activity, warning administrators about potentially hazardous actions, enforcing security policy compliance, and automatically preventing malware. https://en.wikipedia.org/wiki/Cloud_access_security_broker

 

質問 222
Which of the following would produce the closet experience of responding to an actual incident response scenario?

  • A. Simulation
  • B. Tabletop
  • C. Walk-through
  • D. Lessons learned

正解: A

 

質問 223
A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and get a five-minute pcap to analyze. The analyst observes the following output:

Which of the following attacks does the analyst MOST likely see in this packet capture?

  • A. Session replay
  • B. ARP poisoning
  • C. Bluejacking
  • D. Evil twin

正解: D

 

質問 224
A network analyst is investigating compromised corporate information. The analyst leads to a theory that network traffic was intercepted before being transmitted to the internet. The following output was captured on an internal host:

Based on the IoCS, which of the following was the MOST likely attack used to compromise the network communication?

  • A. ARP poisoning
  • B. MAC flooding
  • C. Command injection
  • D. Denial of service

正解: D

 

質問 225
An organization has implemented a policy requiring the use of conductive metal lockboxes for personal electronic devices outside of a secure research lab. Which of the following did the organization determine to be the GREATEST risk to intellectual property when creating this policy?

  • A. Bluesnarfing of mobile devices
  • B. The theft of portable electronic devices
  • C. Data exfiltration over a mobile hotspot
  • D. Geotagging in the metadata of images

正解: C

 

質問 226
A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the GREATEST amount of control and security over company data and infrastructure?

  • A. BYOD
  • B. VDI
  • C. COPE
  • D. CYOD

正解: D

 

質問 227
A RAT that was used to compromise an organization's banking credentials was found on a user's computer.
The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would BEST prevent this from reoccurring?

  • A. Create a new acceptable use policy.
  • B. Segment the network into trusted and untrusted zones.
  • C. Enforce application whitelisting.
  • D. Implement DLP at the network boundary.

正解: C

 

質問 228
An end user reports a computer has been acting slower than normal for a few weeks, During an investigation, an analyst determines the system 3 sending the users email address and a ten-digit number ta an IP address once a day. The only resent log entry regarding the user's computer is the following:

Which of the following is the MOST likely cause of the issue?

  • A. The end user purchased and installed 2 PUP from a web browser.
  • B. 4 bot on the computer is rule forcing passwords against a website.
  • C. A hacker Is attempting to exfilltrated sensitive data.
  • D. Ransomwere is communicating with a command-and-control server.

正解: A

 

質問 229
A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

  • A. DLP
  • B. CASB
  • C. SIEM
  • D. SWG

正解: B

解説:
Explanation
A cloud access security broker is on-premises or cloud based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies

 

質問 230
......

あなたを合格させるCompTIA試験にはSY0-601試験問題集:https://jp.fast2test.com/SY0-601-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어