SY0-601 Exam Questions: Realistically Updated Question PDF
Quiz with a free pass guarantee: latest 2025 CompTIA questions confirmed to appear on the actual exam
Question # 316
A security analyst is creating baselines for the server team to follow when hardening new devices for deployment. Which of the following best describes what the analyst is creating?
- A. Cybersecurity framework
- B. Secure configuration guide
- C. Change management procedure
- D. Information security policy
Correct answer: B
Explanation:
A secure configuration guide is a document that provides an overview of the security features and best practices for a specific product, system, or application. A secure configuration guide helps to reduce unnecessary cyber vulnerabilities and enhance overall security by applying consistent and standardized settings and policies. A security analyst can create baselines for the server team to follow when hardening new devices for deployment based on a secure configuration guide.
A . Change management procedure. This is not the correct answer, because a change management procedure is a document that describes the steps and processes for implementing, reviewing, and approving changes to an IT system or environment. A change management procedure helps to minimize the risks and impacts of changes on the system performance, availability, and security.
B . Information security policy. This is not the correct answer, because an information security policy is a document that defines the rules and principles for protecting the confidentiality, integrity, and availability of information assets within an organization. An information security policy helps to establish the roles and responsibilities of employees, managers, and stakeholders regarding information security.
C . Cybersecurity framework. This is not the correct answer, because a cybersecurity framework is a document that provides a set of standards, guidelines, and best practices for managing cybersecurity risks and improving resilience. A cybersecurity framework helps to align the business objectives and priorities with the security requirements and capabilities.
D . Secure configuration guide. This is the correct answer, because a secure configuration guide is a document that provides an overview of the security features and best practices for a specific product, system, or application. A secure configuration guide helps to reduce unnecessary cyber vulnerabilities and enhance overall security by applying consistent and standardized settings and policies.
Question # 317
A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials could be exfiltrated. The report also indicates that users tend to choose the same credentials on different systems and applications.
Which of the following policies should the CISO use to prevent someone from using the exfiltrated credentials?
- A. MFA
- B. Lockout
- C. Time-based logins
- D. Password history
Correct answer: D
Explanation:
Password history - In this scenario, the report stated that some credentials could have been exfiltrated. This means that an unauthorized transfer of these credentials has occurred, possibly due to a security breach.
Password history policies determine the number of unique new passwords that must be associated with a user's account before an old password can be reused, essentially forcing users to create new passwords on a regular basis. The report states that there are users who reuse the same credentials, and password history policies will be useful as users would have to create new unique passwords.
MFA could be a preventative measure, as an attacker could have the credentials, but with MFA configured they would still need access to whatever other element(s) the user has configured for the MFA process. However, this option does not prevent an attacker from using the exfiltrated credentials, which is the primary concern in the scenario, so it doesn't directly address the issue, whereas password history policies would prevent previous passwords from being used after a password change.
Question # 318
A company's help desk has received calls about the wireless network being down and users being unable to connect to it. The network administrator says all access points are up and running. One of the help desk technicians notices the affected users are working in a near the parking lot. Which of the following is the most likely reason for the outage?
- A. Someone set up an evil twin access point in the affected area.
- B. Someone near the is jamming the signal.
- C. A user has set up a rogue access point near the building.
- D. The APs in the affected area have been from the network
Correct answer: B
Explanation:
Wireless jamming is a way for an attacker to disrupt a wireless network and create a denial-of-service situation by decreasing the signal-to-noise ratio at the receiving device. The attacker would need to be relatively close to the wireless network to overwhelm the good signal. The other options are not likely to cause a wireless network outage for users near the parking lot.
Question # 319
A web architect would like to move a company's website presence to the cloud. One of the management team's key concerns is resiliency in case a cloud provider's data center or network connection goes down. Which of the following should the web architect consider to address this concern?
- A. Availability zones
- B. Containers
- C. Virtual private cloud
- D. Segmentation
Correct answer: A
Explanation:
Availability zones are the most appropriate cloud feature to address the concern of resiliency in case a cloud provider's data center or network connection goes down. Availability zones are physically separate locations within an Azure region that have independent power, cooling, and networking. Each availability zone is made up of one or more data centers and houses infrastructure to support highly available, mission-critical applications. Availability zones are connected with high-speed, private fiber-optic networks. Azure services that support availability zones fall into two categories: Zonal services - you pin the resource to a specific zone (for example, virtual machines, managed disks, IP addresses), or Zone-redundant services - platform replicates automatically across zones (for example, zone-redundant storage, SQL Database). To achieve comprehensive business continuity on Azure, build your application architecture using the combination of availability zones with Azure region pairs. You can synchronously replicate your applications and data using availability zones within an Azure region for high-availability and asynchronously replicate across Azure regions for disaster recovery protection.
Question # 320
To reduce and limit software and infrastructure costs, the Chief Information Officer has requested to move email services to the cloud. The cloud provider and the organization must have security controls to protect sensitive data. Which of the following cloud services would BEST accommodate the request?
- A. IaaS
- B. DaaS
- C. PaaS
- D. SaaS
Correct answer: D
Question # 321
An enterprise has been experiencing attacks focused on exploiting vulnerabilities in older browser versions with well-known exploits. Which of the following security solutions should be configured to best provide the ability to monitor and block these known signature-based attacks?
- A. DLP
- B. ACL
- C. IPS
- D. IDS
Correct answer: C
Question # 322
A security engineer is reviewing log files after a third discovered usernames and passwords for the organization's accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?
- A. Evil twin
- B. Spear-phishing
- C. DNS poisoning
- D. Man-in-the-middle
Correct answer: C
Question # 323
An administrator is configuring a firewall rule set for a subnet to only access DHCP, web pages, and SFTP, and to specifically block FTP. Which of the following would BEST accomplish this goal?
- A. Option A
- B. Option B
- C. Option C
- D. Option D
Correct answer: A
Question # 324
An annual information security assessment has revealed that several OS-level configurations are not in compliance due to outdated hardening standards the company is using. Which of the following would be BEST to use to update and reconfigure the OS-level security configurations?
- A. GDPR guidance
- B. Regional regulations
- C. CIS benchmarks
- D. ISO 27001 standards
Correct answer: C
Explanation:
https://www.beyondtrust.com/resources/glossary/systems-hardening
Question # 325
A security analyst was asked to evaluate a potential attack that occurred on a publicly accessible section of the company's website. The malicious actor posted an entry in an attempt to trick users into clicking the following:
Which of the following was most likely observed?
- A. Session replay
- B. SQLi
- C. DLL injection
- D. XSS
Correct answer: D
Explanation:
Cross-site scripting is a type of web application attack that involves injecting malicious code or scripts into a trusted website or application. The malicious code or script can execute in the browser of the victim who visits the website or application, and can perform actions such as stealing cookies, redirecting to malicious sites, displaying fake content, or compromising the system. References:
https://www.comptia.org/blog/what-is-cross-site-scripting
https://www.certblaster.com/wp-content/uploads/2020/11/CompTIA-Security-SY0-601-Exam-Objectives-1.0.pd
Question # 326
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked.
Which of the following would BEST meet these requirements?
- A. CRL
- B. CSR
- C. OCSP
- D. RA
Correct answer: A
Question # 327
A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?
- A. When the file was deleted
- B. The total number of print jobs
- C. The GPS location
- D. The number of copies made
Correct answer: C
Question # 328
Which of the following must be in place before implementing a BCP?
- A. SLA
- B. BIA
- C. NDA
- D. AUP
Correct answer: B
Question # 329
A company uses a SaaS vendor to host its customer database. The company would like to reduce the risk of customer data exposure if the systems are breached. Which of the following risks should the company focus on to achieve this objective?
- A. Access auditing
- B. Supply chain
- C. Open ports and services
- D. Outsourced code development
Correct answer: B
Explanation:
Supply chain security is management of the supply chain that focuses on risk management of external suppliers, vendors, logistics, and transportation.
Question # 330
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it continues to evade detection. Which of the following should the administrator implement to protect the environment from this malware?
- A. Implement CASB to protect the network shares.
- B. Implement a heuristic behavior-detection solution.
- C. Implement an IDS/IPS
- D. Install a definition-based antivirus.
Correct answer: B
Explanation:
Heuristic analysis is also one of the few methods capable of combating polymorphic viruses - the term for malicious code that constantly changes and adapts. Heuristic analysis is incorporated into advanced security solutions offered by companies like Kaspersky Labs to detect new threats before they cause harm, without the need for a specific signature. https://usa.kaspersky.com/resource-center/definitions/heuristic-analysis
Question # 331
A systems administrator needs to install a new wireless network for authenticated guest access.
The wireless network should support 802.1X using the most secure encryption and protocol available.
Perform the following steps:
1. Configure the RADIUS server.
2. Configure the WiFi controller.
3. Preconfigure the client for an incoming guest.
The guest AD credentials are:
User: guest01
Password: guestpass



Correct answer:
Explanation:
Use the same settings as described in the images below.
