최신 SY0-601 무료덤프 - CompTIA Security+
Visitors to a secured facility are required to check in with a photo ID and enter the facility through an access control vestibule. Which of the following best describes this form of security control?
정답: D
A research company discovered that an unauthorized piece of software has been detected on a small number of machines in its lab The researchers collaborate with other machines using port 445 and on the internet using port 443 The unau-thorized software is starting to be seen on additional machines outside of the lab and is making outbound communications using HTTPS and SMS. The security team has been instructed to resolve the issue as quickly as possible while causing minimal disruption to the researchers. Which of the following is the best course Of action in this scenario?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A worldwide manufacturing company has been experiencing email account compromises. In one incident, a user logged in from the corporate office in France, but then seconds later, the same user account attempted a login from Brazil. Which of the following account policies would best prevent this type of attack?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
A company would like to provide employees with computers that do not have access to the internet in order to prevent information from being leaked to online forum. Which of the following would be best for the systems administrator to implement?
정답: B
A security analyst is reviewing an IDS alert and sees the following:
Which of the following triggered the IDS alert?
Which of the following triggered the IDS alert?
정답: D
A security analyst is taking part in an evaluation process that analyzes and categorizes threat actors Of real-world events in order to improve the incident response team's process. Which Of the following is the analyst most likely participating in?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
The IT department's on-site developer has been with the team for many years. Each lime an application is released; the security team is able to identify multiple vulnerabilities Which of the Mowing would best help the team ensure the application is ready to be released to production?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A security engineer learns that a non-critical application was compromised. The most recent version of the application includes a malicious reverse proxy while the application is running. Which of the following should the engineer is to quickly contain the incident with the least amount of impact?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?
정답: A
A bank insists all of its vendors must prevent data loss on stolen laptops. Which of the following strategies is the bank requiring?
정답: D
A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems administrator use?
정답: D
An employee's company account was used in a data breach Interviews with the employee revealed:
* The employee was able to avoid changing passwords by using a previous password again.
* The account was accessed from a hostile, foreign nation, but the employee has never traveled to any other countries.
Which of the following can be implemented to prevent these issues from reoccuring? (Select TWO)
* The employee was able to avoid changing passwords by using a previous password again.
* The account was accessed from a hostile, foreign nation, but the employee has never traveled to any other countries.
Which of the following can be implemented to prevent these issues from reoccuring? (Select TWO)
정답: C,D
설명: (DumpTOP 회원만 볼 수 있음)
Which of the following disaster recovery tests is the LEAST time consuming for the disaster recovery team?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
Which of the following secure coding practices involves keeping business logic within a database?
정답: D
A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach and does not have an on-premises IT infrastructure. Which of the following would best secure the organization'?
정답: B
A company would like to move to the cloud. The company wants to prioritize control and security over cost and ease of management. Which of the following cloud models would best suit this company's priorities?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
Which of the following methods can be used to detect attackers who have successfully infiltrated a network? (Select two).
정답: B,E
An internet company has created a new collaboration application. To expand the user base, the company wants to implement an option that allows users to log in to the application with the credentials of other popular websites. Which of the following should the company implement?
정답: D
A security analyst needs to centrally manage credentials and permissions to the company's network devices. The following security requirements must be met:
* All actions performed by the network staff must be logged.
* Per-command permissions must be possible.
* The authentication server and the devices must communicate through TCP.
Which of the following authentication protocols should the analyst choose?
* All actions performed by the network staff must be logged.
* Per-command permissions must be possible.
* The authentication server and the devices must communicate through TCP.
Which of the following authentication protocols should the analyst choose?
정답: B