[2022年05月] 問題集簡単概要SY0-601試験問題Fast2test
SY0-601トレーニング認証最新版をゲットCompTIA Security+
質問 279
A network administrator needs to build out a new datacenter, with a focus on resiliency and uptime. Which of the following would BEST meet this objective? (Choose two.)
- A. Scheduled penetration testing
- B. Automatic OS upgrades
- C. Network-attached storage
- D. NIC teaming
- E. Dual power supply
- F. Off-site backups
正解: E,F
質問 280
The security administrator has installed a new firewall which implements an implicit DENY policy by default.
- A. INSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.
Hot Area:


Section: Network Security
正解:
解説:
Implicit deny is the default security stance that says if you aren't specifically granted access or privileges for a resource, you're denied access by default.
Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.
Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP Port 22 Rule #3 & Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 26, 44 http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 26, 44 http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
質問 281
Which of the following attacks can be mitigated by proper data retention policies?
- A. Dumpster diving
- B. Watering hole
- C. Spear phishing
- D. Man-in-the-browser
正解: A
解説:
Dumpster diving risks would be mitigated by proper data SANITATION policies...isn't data RETNETION about how we keep data secure through backups, legal hold, etc.
質問 282
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
正解:
解説:
質問 283
A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?
- A. View the document's metadata for origin clues.
- B. Open the document on an air-gapped network.
- C. Detonate the document in an analysis sandbox.
- D. Search for matching file hashes on malware websites.
正解: D
質問 284
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
正解:
解説:
質問 285
The security administrator has installed a new firewall which implements an implicit DENY policy by default.
INSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.
正解:
解説:
Hot Area:
質問 286
A cybersecurity analyst needs to implement secure authentication to third-party websites without users' passwords. Which of the following would be the BEST way to achieve this objective?
- A. OAuth
- B. PAP
- C. SAML
- D. SSO
正解: C
質問 287
After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical.
Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?
- A. The vulnerability scan output
- B. The SIEM alerts
- C. The full packet capture data
- D. The IDS logs
正解: A
質問 288
A Chief Information Security Officer (CISO) is concerned about the organization's ability to continue business operation in the event of a prolonged DDoS attack on its local datacenter that consumes database resources. Which of the following will the CISO MOST likely recommend to mitigate this risk?
- A. Implement a hot-site failover location
- B. Upgrade the bandwidth available into the datacenter
- C. Switch to a complete SaaS offering to customers
- D. Implement a challenge response test on all end-user queries
正解: A
質問 289
A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events:
To better understand what is going on, the analyst runs a command and receives the following output:
Based on the analyst's findings, which of the following attacks is being executed?
- A. Credential harvesting
- B. Keylogger
- C. Spraying
- D. Brute-force
正解: C
質問 290
A SOC is implementing an in sider-threat-detection program. The primary concern is that users may be accessing confidential data without authorization. Which of the following should be deployed to detect a potential insider threat?
- A. DLP
- B. File integrity monitoring
- C. ADMZ
- D. A honeyfile
正解: A
質問 291
A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network. The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts. While reviewing the log files, the analyst discovers the following:
Which of the following attacks MOST likely occurred?
- A. Brute-force
- B. Dictionary
- C. Password-spraying
- D. Credential-stuffing
正解: A
質問 292
A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?
- A. Detonate the document in an analysis sandbox
- B. Search for matching file hashes on malware websites
- C. View the document's metadata for origin clues
- D. Open the document on an air-gapped network
正解: A
質問 293
A cyberthreat intelligence analyst is gathering data about a specific adversary using OSINT techniques. Which of the following should the analyst use?
- A. Confidential reports
- B. Internal log files
- C. Proprietary databases
- D. Government press releases
正解: B
解説:
https://www.eccouncil.org/cyber-threat-intelligence/
質問 294
An organization regularly scans its infrastructure for missing security patches but is concerned about hackers gaining access to the scanner's account.
Which of the following would be BEST to minimize this risk?
- A. Require a complex, eight-character password that is updated every 90 days.
- B. Perform only non-intrusive scans of workstations.
- C. Log and alert on unusual scanner account logon times.
- D. Use non-credentialed scans against high-risk servers.
正解: C
質問 295
The cost of '@movable media and the security risks of transporting data have become too great for a laboratory. The laboratory has decided to interconnect with partner laboratones to make data transfers easier and more secure. The Chief Security Officer <CSO) has several concerns about proprietary data being exposed once the interconnections are established. Which of the following security features should the network administrator implement lo prevent unwanted data exposure to users in partner laboratories?
- A. NAC that permits only data-transfer agents to move data between networks
- B. DLP running on hosts to prevent file transfers between networks
- C. VLAN zoning with a file-transfer server in an external-facing zone
- D. VPN with full tunneling and NAS authenticating through the Active Directory
正解: B
質問 296
......
CompTIA SY0-601 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
認証トレーニングSY0-601試験問題集テストエンジン:https://jp.fast2test.com/SY0-601-premium-file.html