Recap failed questions.
An organization is migrating several SaaS applications that support SSO. The security manager wants to ensure the migration is completed securely. Which of the following application integration aspects should the organization consider before focusing into underlying implementation details? (Choose two.)
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
A recent phishing campaign resulted in several compromised user accounts. The security incident response team has been tasked with reducing the manual labor of filtering through all the phishing emails as they arrive and blocking the sender’s email address, along with other time-consuming mitigation actions. Which of the following can be configured to streamline those tasks?
Which of the following is MOST likely to contain ranked and ordered information on the likelihood and potential impact of catastrophic events that may affect business processes and systems, while also highlighting the residual risks that need to be managed after mitigating controls have been implemented?
A Chief Information Security Officer wants to ensure the organization is validating and checking the integrity of zone transfers. Which of the following solutions should be implemented?
- A. DNSSEC
A company is moving its retail website to a public cloud provider. The company wants to tokenize credit card data but not allow the cloud provider to see the stored credit card information. Which of the following would BEST meet these objectives?
A systems engineer wants to leverage a cloud-based architecture with low latency between network-connected devices that also reduces the bandwidth that is required by performing analytics directly on the endpoints. Which of the following would BEST meet the requirements? (Choose two.)
While a private cloud can provide security and control, it may not be as suitable for “low-latency” requirements in scenarios involving network-connected devices. Hybrid cloud environments can also incorporate edge computing, which processes data closer to the source (devices) to reduce latency and improve performance.
A security analyst is reviewing the vulnerability scan report for a web server following an incident. The vulnerability that was used to exploit the server is present in historical vulnerability scan reports, and a patch is available for the vulnerability. Which of the following is the MOST likely cause?
Which of the following explains why RTO is included in a BIA?
The Recovery Time Objective (RTO) is the maximum amount of time allowed for the recovery of a business process or system after a disruption occurs. It is an essential component of a Business Impact Analysis (BIA) because it helps to determine the criticality of various systems and applications within an organization. By understanding the RTO for each system, an organization can prioritize its recovery efforts and allocate resources appropriately to minimize downtime and ensure continuity of operations.
The main reason this is not blockchain is that blockchain is all about transparency. The transaction record is visible to all, and can be verified by the hash. Blockchain is not used to encrypt or decrypt anything.
An NG-SWG combines traditional secure web gateway capabilities with advanced security features such as advanced threat detection, sandboxing, data loss prevention, and SSL/TLS inspection. By deploying an NG-SWG, organizations can apply granular security policies to monitor and control web traffic to and from cloud-based services, ensuring that malicious activity is detected and blocked. The NG-SWG can provide advanced threat intelligence, content filtering, and behavioral analysis to protect against known and unknown threats. It also offers visibility into user activities, allowing organizations to detect anomalies and potential security breaches. A Cloud Access Security Broker (CASB) can also help address the concerns by providing additional security controls and visibility into cloud-based services. A CASB acts as an intermediary between users and cloud service providers, allowing organizations to enforce security policies, monitor user activity, and detect and prevent unauthorized access to cloud resources.
Multiple business accounts were compromised a few days after a public website had its credentials database leaked on the Internet. No business emails were identified in the breach, but the security team thinks that the list of passwords exposed was later used to compromise business accounts. Which of the following would mitigate the issue?
A systems administrator reports degraded performance on a virtual server. The administrator increases the virtual memory allocation, which improves conditions, but performance degrades again after a few days. The administrator runs an analysis tool and sees the following output:
==3214== timeAttend.exe analyzed
==3214== ERROR SUMMARY:
==3214== malloc/free: in use at exit: 4608 bytes in 18 blocks.
==3214== checked 82116 bytes
==3214== definitely lost: 4608 bytes in 18 blocks.
The administrator terminates the timeAttend.exe, observes system performance over the next few days, and notices that the system performance does not degrade. Which of the following issues is MOST likely occurring?
A memory leak occurs when a program or process does not release memory resources properly after they are no longer needed. As a result, memory consumption continues to increase over time, leading to degraded performance and potential system instability. In this case, the systems administrator observed degraded performance on the virtual server, which improved temporarily after increasing the virtual memory allocation. However, the performance degraded again after a few days. The output of the analysis tool indicates that there are 4608 bytes in 18 blocks of memory that are "definitely lost" at the time of exit. Terminating the "timeAttend.exe" process and observing that system performance does not degrade afterward suggests that the memory leak was in the "timeAttend.exe" process. Terminating the process releases the memory it had allocated, which stops the leak and restores system performance.
Which of the following components can be used to consolidate and forward inbound internet traffic to multiple cloud environments through a single firewall?
A transit gateway is a simpler means of managing these interconnections. Essentially, a transit gateway is a virtual router that handles routing between the subnets in each attached VPC and any attached VPN gateways (aws.amazon.com/transit-gateway).
DDoS attacks are causing an overload on the cluster of cloud servers. A security architect is researching alternatives to make the cloud environment respond to load fluctuation in a cost-effective way. Which of the following options BEST fulfills the architect’s requirements?
An orchestration solution that can adjust the scalability of cloud assets is the best option to fulfill the security architect’s requirements. Orchestration in the context of cloud computing refers to the automated management and coordination of various cloud resources to handle changes in demand and optimize performance. By using an orchestration solution, the cloud environment can dynamically scale resources up or down based on load fluctuations caused by DDoS attacks or any other factors. This allows the organization to respond to changing demands in a cost-effective and efficient manner.
A security proposal was set up to track requests for remote access by creating a baseline of the users’ common sign-in properties. When a baseline deviation is detected, an MFA challenge will be triggered. Which of the following should be configured in order to deploy the proposal?
Context-Aware authentication -> An access control scheme that verifies an object's identity based on various environmental factors, like time, location, and behavior.
The Chief Information Security Officer directed a risk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access. Which of the following is the BEST security solution to reduce this risk?
A cloud access security broker (CASB) is on-premises or cloud-based software that sits between a cloud service consumer and a cloud service provider. It serves as a tool for enforcing an organization's security policies through risk identification and regulation compliance whenever its cloud-residing data is accessed.
Users are presented with a banner upon each login to a workstation. The banner mentions that users are not entitled to any reasonable expectation of privacy and access is for authorized personnel only. In order to proceed past that banner, users must click the OK button. Which of the following is this an example of?
An untrusted SSL certificate was discovered during the most recent vulnerability scan. A security analyst determines the certificate is signed properly and is a valid wildcard. This same certificate is installed on the other company servers without issue. Which of the following is the MOST likely reason for this finding?
- A. The required intermediate certificate is not loaded as part of the certificate chain.
A Chief Information Security Officer has defined resiliency requirements for a new data center architecture. The requirements are as follows:
Systems will be forced to shut down gracefully when battery levels are below 20%.
Which of the following are required to BEST meet these objectives? (Choose three.)
RAID covers the 5% disk failure. UPS covers the graceful shutdown. Geographic dispersal covers the critical file shares remaining available during a disaster.
As part of a security compliance assessment, an auditor performs automated vulnerability scans. In addition, which of the following should the auditor do to complete the assessment?
- A. User behavior analysis
- B. Packet captures
- C. Configuration reviews
- D. Log analysis
Which of the following is the BEST action to foster a consistent and auditable incident response process?
An organization implemented a process that compares the settings currently configured on systems against secure configuration guidelines in order to identify any gaps. Which of the following control types has the organization implemented?
An organization wants to implement a biometric system with the highest likelihood that an unauthorized user will be denied access. Which of the following should the organization use to compare biometric solutions?
==E. CER==
A company recently experienced a significant data loss when proprietary information was leaked to a competitor. The company took special precautions by using proper labels; however, email filter logs do not have any record of the incident. An investigation confirmed the corporate network was not breached, but documents were downloaded from an employee’s COPE tablet and passed to the competitor via cloud storage. Which of the following is the BEST remediation for this data leak?
Which of the following control types would be BEST to use in an accounting department to reduce losses from fraudulent transactions?
A company labeled some documents with the public sensitivity classification. This means the documents can be accessed by:
A security analyst wants to fingerprint a web server. Which of the following tools will the security analyst MOST likely use to accomplish this task?
https://www.examtopics.com/discussions/comptia/view/81119-exam-sy0-601-topic-1-question-190-discussion/
A web server has been compromised due to a ransomware attack. Further investigation reveals the ransomware has been in the server for the past 72 hours. The systems administrator needs to get the services back up as soon as possible. Which of the following should the administrator use to restore services to a secure state?
https://www.examtopics.com/discussions/comptia/view/78867-exam-sy0-601-topic-1-question-191-discussion/
https://www.examtopics.com/discussions/comptia/view/80151-exam-sy0-601-topic-1-question-197-discussion/
https://www.examtopics.com/discussions/comptia/view/79209-exam-sy0-601-topic-1-question-202-discussion/
https://www.examtopics.com/discussions/comptia/view/78760-exam-sy0-601-topic-1-question-204-discussion/
https://www.examtopics.com/discussions/comptia/view/78875-exam-sy0-601-topic-1-question-208-discussion/
https://www.examtopics.com/discussions/comptia/view/84549-exam-sy0-601-topic-1-question-216-discussion/
https://www.examtopics.com/discussions/comptia/view/74664-exam-sy0-601-topic-1-question-316-discussion/
https://www.examtopics.com/discussions/comptia/view/84944-exam-sy0-601-topic-1-question-235-discussion/
https://www.examtopics.com/discussions/comptia/view/84711-exam-sy0-601-topic-1-question-239-discussion/
Which of the following holds staff accountable while escorting unauthorized personnel?
A vulnerability has been discovered and a known patch to address the vulnerability does not exist. Which of the following controls works BEST until a proper fix is released?
An attacker replaces a digitally signed document with another version that goes unnoticed. Upon reviewing the document’s contents, the author notices some additional verbiage that was not originally in the document but cannot validate an integrity issue. Which of the following attacks was used?
D. Phishing
The technology department at a large global company is expanding its Wi-Fi network infrastructure at the headquarters building. Which of the following should be closely coordinated between the technology, cybersecurity, and physical security departments? Select 1