SY0-601 CompTIA Exam Questions and Free Practice Test

Question 37

A company is launching a new internet platform for its clients. The company does not want to implement its own authorization solution but instead wants to rely on the authorization provided by another platform. Which of the following is the BEST approach to implement the desired solution?

A. OAuth

B. TACACS+

C. SAML

D. RADIUS

Correct Answer:D

Question 38

An organization recently recovered from a data breach. During the root cause analysis, the organization determined the source of the breach to be a personal cell phone that had been reported lost. Which of the following solutions should the organization implement to reduce the likelihood of future data breaches?

A. MDM

B. MAM

C. VDI

D. DLP

Correct Answer:A

Question 39

A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better.

A. validate the vulnerability exists in the organization's network through penetration testing

B. research the appropriate mitigation techniques in a vulnerability database

C. find the software patches that are required to mitigate a vulnerability

D. prioritize remediation of vulnerabilities based on the possible impact.

Correct Answer:D

Question 40

Several employees return to work the day after attending an industry trade show. That same day, the security manager notices several malware alerts coming from each of the employee’s workstations. The security manager investigates but finds no signs of an attack on the perimeter firewall or the NIDS. Which of the following is MOST likely causing the malware alerts?

A. A worm that has propagated itself across the intranet, which was initiated by presentation media

B. A fileless virus that is contained on a vCard that is attempting to execute an attack

C. A Trojan that has passed through and executed malicious code on the hosts

D. A USB flash drive that is trying to run malicious code but is being blocked by the host firewall

Correct Answer:A

Question 41

Which of the following cloud models provides clients with servers, storage, and networks but nothing else?

A. SaaS

B. PaaS

C. IaaS

D. DaaS

Correct Answer:C

Question 42

The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the blowing would BEST address this security concern?

A. install a smart meter on the staff WiFi.

B. Place the environmental systems in the same DHCP scope as the staff WiFi.

C. Implement Zigbee on the staff WiFi access points.

D. Segment the staff WiFi network from the environmental systems network.

Correct Answer:D

START SY0-601 EXAM