SY0-601 CompTIA Exam Questions and Free Practice Test

Question 49

A security analyst is investigating a vulnerability in which a default file permission was set incorrectly. The company uses non-credentialed scanning for vulnerability management.
Which of the following tools can the analyst use to verify the permissions?

A. ssh

B. chmod

C. 1s

D. setuid

E. nessus

F. nc

Correct Answer:B

Question 50

A security analyst sees the following log output while reviewing web logs:
Which of the following mitigation strategies would be BEST to prevent this attack from being successful?

A. Secure cookies

B. Input validation

C. Code signing

D. Stored procedures

Correct Answer:B

Question 51

A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

A. Perform a site survey

B. Deploy an FTK Imager

C. Create a heat map

D. Scan for rogue access points

E. Upgrade the security protocols

F. Install a captive portal

Correct Answer:AC

Question 52

A forensics examiner is attempting to dump password cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error?

A. The examiner does not have administrative privileges to the system

B. The system must be taken offline before a snapshot can be created

C. Checksum mismatches are invalidating the disk image

D. The swap file needs to be unlocked before it can be accessed

Correct Answer:D

Question 53

An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

A. It allows for the sharing of digital forensics data across organizations

B. It provides insurance in case of a data breach

C. It provides complimentary training and certification resources to IT security staff.

D. It certifies the organization can work with foreign entities that require a security clearance

E. It assures customers that the organization meets security standards

Correct Answer:E

Question 54

An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud provider?

A. SLA

B. BPA

C. NDA

D. MOU

Correct Answer:A

START SY0-601 EXAM