Free CompTIA SY0-601 Practice Exam with Questions & Answers | Set: 6

Questions 101

A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?

Options:
A. Secure cookies
B. Version control
C. Input validation
D. Code signing

Questions 102

An analyst is reviewing log data from a SIEM alert about a suspicious event. Threat intelligence indicates threats from domains originating in known malicious countries. The analyst examines the following data.

SY0-601 Question 102

The Chief Information Security Officer asks the analyst to determine whether the SIEM alerts can be attributed to the domains in the threat intelligence report. Which of the following tools would best allow the analyst to make this determination?

Options:
A. nslookup
B. netstat
C. curl
D. arp

Questions 103

A spoofed identity was detected for a digital certificate. Which of the following are the type of unidentified key and the certificate that could be in use on the company domain?

Options:
A. Private key and root certificate
B. Public key and expired certificate
C. Private key and self-signed certificate
D. Public key and wildcard certificate

Questions 104

A company is required to perform a risk assessment on an annual basis. Which of the following types of risk assessments does this requirement describe?

Options:
A. Continuous
B. Ad hoc
C. Recurring
D. One time

Questions 105

Which of the following best describes a social engineering attack that uses a targeted electronic messaging campaign aimed at a Chief Executive Officer?

Options:
A. Whaling
B. Spear phishing
C. Impersonation
D. Identity fraud

Questions 106

The Chief Information Security Officer wants to put security measures in place to protect PII. The organization needs to use its existing labeling and classification system to accomplish this goal. Which of the following would most likely be configured to meet the requirements?

Options:
A. Tokenization
B. S/MIME
C. DLP
D. MFA

Questions 107

An analyst in the human resources organization is responsible for the quality of the company's personnel data. The analyst maintains a data dictionary and ensures it is correct and up to date. Which of the following best describes the role of the analyst?

Options:
A. Data steward
B. Data owner
C. Data processor
D. Data protection officer

Questions 108

A company must ensure sensitive data at rest is rendered unreadable. Which of the following will the company most likely use?

Options:
A. Hashing
B. Tokenization
C. Encryption
D. Segmentation

Questions 109

An organization received threat intelligence describing an increase in credential harvesting across the industry. A security analyst is reviewing the following authentication logs to look for potential indicators of compromise.

SY0-601 Question 109

Which of the following configurations can help prevent this type of attack from occurring?

Options:
A. Blocking malicious IPs
B. Enabling impossible logins
C. Deploying privileged access management
D. Setting the max account lockout threshold

Questions 110

A company hired a security manager from outside the organization to lead security operations. Which of the following actions should the security manager perform first in this new role?

Options:
A. Establish a security baseline.
B. Review security policies.
C. Adopt security benchmarks.
D. Perform a user ID revalidation.

Questions 111

The management team notices that new accounts that are set up manually do not always have correct access or permissions. Which of the following automation techniques should a systems administrator use to streamline account creation?

Options:
A. Guard rail script
B. Ticketing workflow
C. Escalation script
D. User provisioning script

Questions 112

Which of the following, if compromised, can indirectly impact systems’ availability by imposing inadequate environmental conditions for the hardware to operate properly?

Options:
A. SCADA
B. TPM
C. HSM
D. HVAC

Questions 113

An organization is concerned about hackers bypassing MFA through social engineering of phone carriers. Which of the following would most likely protect against such an attack?

Options:
A. Receiving alerts about unusual log-in activity
B. Receiving a six-digit code via SMS
C. Receiving a push notification to a mobile application
D. Receiving a phone call for automated approval

Questions 114

A security administrator is hardening corporate systems and applying appropriate mitigations by consulting a real-world knowledge base for adversary behavior. Which of the following would be best for the administrator to reference?

Options:
A. MITRE ATT&CK
B. CSIRT
C. CVSS
D. SOAR

Questions 115

An audit report showed that a former employee saved the following files to an external USB drive before the employee's termination date:

• annual_tax_form.pdf
• encrypted_passwords.db
• team_picture.jpg
• contact_list.db
• human_resources.txt

Which of the following could the former employee do to potentially compromise corporate credentials?

Options:
A. Perform an offline brute-force attack.
B. Use the files to create a rainbow table.
C. Conduct a token replay.
D. Release a network dictionary attack.

Questions 116

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

Options:
A. Key stretching
B. Data masking
C. Steganography
D. Salting

Questions 117

Following a recent security breach, an analyst discovered that user permissions were added when joining another part of the organization but were not removed from existing groups. Which of the following policies would help to correct these issues in the future?

Options:
A. Service accounts
B. Account audits
C. Password complexity
D. Lockout policy

Questions 118

A company is providing security awareness training regarding the importance of not forwarding social media messages from unverified sources. Which of the following risks would this training help to prevent?

Options:
A. Hoaxes
B. SPIMs
C. Identity fraud
D. Credential harvesting

Questions 119

A security team created a document that details the order in which critical systems should be brought back online after a major outage. Which of the following documents did the team create?

Options:
A. Communication plan
B. Incident response plan
C. Data retention policy
D. Disaster recovery plan

Questions 120

A security analyst finds a rogue device during a monthly audit of current endpoint assets that are connected to the network. The corporate network utilizes 802.1X for access control. To be allowed on the network, a device must have a known hardware address, and a valid username and password must be entered in a captive portal. The following is the audit report:

SY0-601 Question 120

Which of the following is the most likely way a rogue device was allowed to connect?

Options:
A. A user performed a MAC cloning attack with a personal device.
B. A DHCP failure caused an incorrect IP address to be distributed.
C. An administrator bypassed the security controls for testing.
D. DNS hijacking let an attacker intercept the captive portal traffic.