최신 SY0-601 무료덤프 - CompTIA Security+
Which of the following security program audits includes a comprehensive evaluation of the security controls in place at an organization over a six- to 12-month time period?
정답: C
Which of the following is the most likely way a rogue device was allowed to connect'?
정답: C
A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be best for the security manager to implement while maintaining alerting capabilities?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A network administrator added a new router to the network. Which of the following should the administrator do first when configuring the router?
정답: A
A security engineer obtained the following output from a threat intelligence source that recently performed an attack on the company's server:
Which of the following best describes this kind of attack?
Which of the following best describes this kind of attack?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
The management team has requested that the security team implement 802.1X into the existing wireless network setup. The following requirements must be met:
* Minimal interruption to the end user
* Mutual certificate validation
Which of the following authentication protocols would meet these requirements?
* Minimal interruption to the end user
* Mutual certificate validation
Which of the following authentication protocols would meet these requirements?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A company requires that all user authentication against a core directory service must be secure. Which of the following should the company implement to meet this requirement?
정답: A
Users are reporting performance issues from a specific application server A security administrator notices that user traffic is being intermittently denied depending on which load balancer the traffic is originating from Which of the following types of log files should be used to capture this information?
정답: C
A security administrator needs to inspect in-transit files on the enterprise network to search for PI I credit card data, and classification words Which of the following would be the best to use?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
Which of the following environments would MOST likely be used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
A developer is building a new portal to deliver single-pane-of-glass management capabilities to customers with multiple firewalls. To Improve the user experience, the developer wants to implement an authentication and authorization standard that uses security tokens that contain assertions to pass user Information between nodes. Which of the following roles should the developer configure to meet these requirements? (Select TWO).
정답: A,E
설명: (DumpTOP 회원만 볼 수 있음)
Which Of the following is the best method for ensuring non-repudiation?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
A company wants to deploy PKI on its internet-facing website The applications that are currently deployed are
* www company.com (mam website)
* contact us company com (for locating a nearby location)
* quotes company.com (for requesting a price quote)
The company wants to purchase one SSL certificate that will work for all the existing applications and any future applications that follow the same naming conventions, such as store company com Which of the following certificate types would best meet the requirements?
* www company.com (mam website)
* contact us company com (for locating a nearby location)
* quotes company.com (for requesting a price quote)
The company wants to purchase one SSL certificate that will work for all the existing applications and any future applications that follow the same naming conventions, such as store company com Which of the following certificate types would best meet the requirements?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Which of the following best describes a use case for a DNS sinkhole?
정답: A
A company's marketing department collects, modifies, and stores sensitive customer dat a. The infrastructure team is responsible for Securing the data while in transit and at rest. Which of the following data roles describes the customer?
정답: D
A server administrator is reporting performance issues when accessing all internal resources. Upon further investigation, the security team notices the following:
* A user's endpoint has been compromised and is broadcasting its MAC as the default gateway's MAC throughout the LAN.
* Traffic to and from that endpoint is significantly greater than all other similar endpoints on the LAN.
* Network ports on the LAN are not properly configured.
* Wired traffic is not being encrypted properly.
Which of the following attacks is most likely occurring?
* A user's endpoint has been compromised and is broadcasting its MAC as the default gateway's MAC throughout the LAN.
* Traffic to and from that endpoint is significantly greater than all other similar endpoints on the LAN.
* Network ports on the LAN are not properly configured.
* Wired traffic is not being encrypted properly.
Which of the following attacks is most likely occurring?
정답: C
Which of the following is a method used by some organizations to recognize and compensate security researchers for finding exploits and vulnerabilities?
정답: B
An information security officer at a credit card transaction company is conducting a framework-mapping exercise with the internal controls. The company recently established a new office in Europe. To which of the following frameworks should the security officer map the existing controls' (Select two).
정답: B,F
설명: (DumpTOP 회원만 볼 수 있음)
While reviewing the /etc/shadow file, a security administrator notices files with the same values. Which of the following attacks should the administrator be concerned about?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)