Free SY0-601 Exam Braindumps

Pass your CompTIA Security+ exam with these free Questions and Answers

Page 20 of 107
QUESTION 91

- (Exam Topic 2)
Which of the following is the BEST action to foster a consistent and auditable incident response process?

  1. A. Incent new hires to constantly update the document with external knowledge.
  2. B. Publish the document in a central repository that is easily accessible to the organization.
  3. C. Restrict eligibility to comment on the process to subject matter experts of each IT silo.
  4. D. Rotate CIRT members to foster a shared responsibility model in the organization.

Correct Answer: B

QUESTION 92

- (Exam Topic 6)
A security analyst is using OSINT to gather information to verify whether company data is available publicly. Which of the following is the BEST application for the analyst to use?

  1. A. theHarvester
  2. B. Cuckoo
  3. C. Nmap
  4. D. Nessus

Correct Answer: A
theHarvester is a reconnaissance tool used to gather information about a target organization, such as email addresses, subdomains, and IP addresses. It can also be used to gather information about a target individual, such as email addresses, phone numbers, and social media profiles. It is specifically designed for OSINT (Open-Source Intelligence) and can be used to discover publicly available information about a target organization or individual.

QUESTION 93

- (Exam Topic 3)
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

  1. A. SSAE SOC 2
  2. B. PCI DSS
  3. C. GDPR
  4. D. ISO 31000

Correct Answer: C

QUESTION 94

- (Exam Topic 4)
A web server administrator has redundant servers and needs to ensure failover to the secondary server when the primary server goes down. Which of the following should the administrator implement to avoid disruption?

  1. A. NIC teaming
  2. B. High availability
  3. C. Dual power supply
  4. D. IaaS

Correct Answer: B

QUESTION 95

- (Exam Topic 3)
An attacker is exploiting a vulnerability that does not have a patch available. Which of the following is the attacker exploiting?

  1. A. Zero-day
  2. B. Default permissions
  3. C. Weak encryption
  4. D. Unsecure root accounts

Correct Answer: A
