SY0-601

By CompTIA
Aug, 2025

Question 76

A company is under investigation for possible fraud. As part of the investigation, the authorities need to review all emails and ensure data is not deleted. Which of the following should the company implement to assist in the investigation?

  • A: Legal hold
  • B: Chain of custody
  • C: Data loss prevention
  • D: Content filter

Question 77

A user wanted to catch up on some work over the weekend but had issues logging in to the corporate network using a VPN. On Monday, the user opened a ticket for this issue but was able to log in successfully. Which of the following BEST describes the policy that is being implemented?

  • A: Time-based logins
  • B: Geofencing
  • C: Network location
  • D: Password history

Question 78

A user enters a username and a password at the login screen for a web portal. A few seconds later the following message appears on the screen:
Please use a combination of numbers, special characters, and letters in the password field.
Which of the following concepts does this message describe?

  • A: Password complexity
  • B: Password reuse
  • C: Password history
  • D: Password age

Question 79

A major political party experienced a server breach. The hacker then publicly posted stolen internal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?

  • A: Semi-authorized hackers
  • B: State actors
  • C: Script kiddies
  • D: Advanced persistent threats

Question 80

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?

  • A: Default system configuration
  • B: Unsecure protocols
  • C: Lack of vendor support
  • D: Weak encryption

Question 81

A security analyst has been tasked with ensuring all programs that are deployed into the enterprise have been assessed in a runtime environment. Any critical issues found in the program must be sent back to the developer for verification and remediation. Which of the following BEST describes the type of assessment taking place?

  • A: Input validation
  • B: Dynamic code analysis
  • C: Fuzzing
  • D: Manual code review

Question 82

Which of the following can work as an authentication method and as an alerting mechanism for unauthorized access attempts?

  • A: Smart card
  • B: Push notifications
  • C: Attestation service
  • D: HMAC-based, one-time password

Question 83

A company has a flat network in the cloud. The company needs to implement a solution to segment its production and non-production servers without migrating servers to a new network. Which of the following solutions should the company implement?

  • A: Intranet
  • B: Screened subnet
  • C: VLAN segmentation
  • D: Zero Trust

Question 84

The president of a regional bank likes to frequently provide SOC tours to potential investors. Which of the following policies BEST reduces the risk of malicious activity occurring after a tour?

  • A: Password complexity
  • B: Acceptable use
  • C: Access control
  • D: Clean desk

Question 85

A Chief Information Security Officer has defined resiliency requirements for a new data center architecture. The requirements are as follows:

  • Critical fileshares will remain accessible during and after a natural disaster.
  • Five percent of hard disks can fail at any given time without impacting the data.
  • Systems will be forced to shut down gracefully when battery levels are below 20%.

Which of the following are required to BEST meet these objectives? (Choose three.)

Question 86

Which of the following is a security best practice that ensures the integrity of aggregated log files within a SIEM?

  • A: Set up hashing on the source log file servers that complies with local regulatory requirements.
  • B: Back up the aggregated log files at least two times a day or as stated by local regulatory requirements.
  • C: Write protect the aggregated log files and move them to an isolated server with limited access.
  • D: Back up the source log files and archive them for at least six years or in accordance with local regulatory requirements.

Question 87

A security analyst is evaluating the risks of authorizing multiple security solutions to collect data from the company's cloud environment. Which of the following is an immediate consequence of these integrations?

  • A: Non-compliance with data sovereignty rules
  • B: Loss of the vendors interoperability support
  • C: Mandatory deployment of a SIEM solution
  • D: Increase in the attack surface

Question 88

Which of the following explains why RTO is included in a BIA?

  • A: It identifies the amount of allowable downtime for an application or system.
  • B: It prioritizes risks so the organization can allocate resources appropriately.
  • C: It monetizes the loss of an asset and determines a break-even point for risk mitigation.
  • D: It informs the backup approach so that the organization can recover data to a known time.

Question 89

A company recently experienced an inside attack using a corporate machine that resulted in data compromise. Analysis indicated an unauthorized change to the software circumvented technological protection measures. The analyst was tasked with determining the best method to ensure the integrity of the systems remains intact and local and remote boot attestation can take place. Which of the following would provide the BEST solution?

  • A: HIPS
  • B: FIM
  • C: TPM
  • D: DLP

Question 90

A security analyst is reviewing web-application logs and finds the following log:

Image 1

Which of the following attacks is being observed?

  • A: Directory traversal
  • B: XSS
  • C: CSRF
  • D: On-path attack

Question 91

A security analyst is reviewing the vulnerability scan report for a web server following an incident. The vulnerability that was used to exploit the server is present in historical vulnerability scan reports, and a patch is available for the vulnerability. Which of the following is the MOST likely cause?

  • A: Security patches were uninstalled due to user impact.
  • B: An adversary altered the vulnerability scan reports
  • C: A zero-day vulnerability was used to exploit the web server
  • D: The scan reported a false negative for the vulnerability

Question 92

Which of the following is a known security risk associated with data archives that contain financial information?

  • A: Data can become a liability if archived longer than required by regulatory guidance.
  • B: Data must be archived off-site to avoid breaches and meet business requirements.
  • C: Companies are prohibited from providing archived data to e-discovery requests.
  • D: Unencrypted archives should be preserved as long as possible and encrypted.

Question 93

Which of the following BEST describes the process of documenting who has access to evidence?

  • A: Order of volatility
  • B: Chain of custody
  • C: Non-repudiation
  • D: Admissibility

Question 94

A systems engineer wants to leverage a cloud-based architecture with low latency between network-connected devices that also reduces the bandwidth that is required by performing analytics directly on the endpoints. Which of the following would BEST meet the requirements? (Choose two.)

  • A: Private cloud
  • B: SaaS
  • C: Hybrid cloud
  • D: IaaS
  • E: DRaaS
  • F: Fog computing

Question 95

Which of the following is a policy that provides a greater depth and breadth of knowledge across an organization?

  • A: Asset management policy
  • B: Separation of duties policy
  • C: Acceptable use policy
  • D: Job rotation policy

Question 96

A company is moving its retail website to a public cloud provider. The company wants to tokenize credit card data but not allow the cloud provider to see the stored credit card information. Which of the following would BEST meet these objectives?

  • A: WAF
  • B: CASB
  • C: VPN
  • D: TLS

Question 97

A security analyst is tasked with defining the "something you are" factor of the company's MFA settings. Which of the following is BEST to use to complete the configuration?

  • A: Gait analysis
  • B: Vein
  • C: Soft token
  • D: HMAC-based, one-time password

Question 98

Which of the following processes will eliminate data using a method that will allow the storage device to be reused after the process is complete?

  • A: Pulverizing
  • B: Overwriting
  • C: Shredding
  • D: Degaussing

Question 99

A user's account is constantly being locked out. Upon further review, a security analyst found the following in the SIEM:

Image 1

Which of the following describes what is occurring?

  • A: An attacker is utilizing a password-spraying attack against the account.
  • B: An attacker is utilizing a dictionary attack against the account.
  • C: An attacker is utilizing a brute-force attack against the account.
  • D: An attacker is utilizing a rainbow table attack against the account.

Question 100

Which of the following is a reason to publish files' hashes?

  • A: To validate the integrity of the files
  • B: To verify if the software was digitally signed
  • C: To use the hash as a software activation key
  • D: To use the hash as a decryption passphrase
Page 4 of 35 • Questions 76-100 of 860
