SY0-601無料問題集「CompTIA Security+」

質問 1

A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen.Which of the following would BEST meet these requirements? (Select TWO).

（A）Geofencing

（B）Remote control

（C）Full-device encryption

（D）Application whitelisting

（E）Network usage rules

（F）Containerization

正解：D、F 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

A security administrator is configuring fileshares. The administrator removed the default permissions and added permissions for only users who will need to access the fileshares as part of their job duties. Which of the following best describes why the administrator performed these actions?

（A）Data replication requirements

（B）Access control monitoring

（C）Encryption standard compliance

（D）Least privilege

正解：D 解答を投票する

質問 3

During a security assessment, a security finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permission for the existing users and groups and remove the set-user-ID from the file?

（A）setuid

（B）chmod

（C）chflags

（D）1s

（E）lsof

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Which of the following function as preventive, detective, and deterrent controls to reduce the risk of physical theft? (Select TWO).

（A）Bollards

（B）Antivirus

（C）Mantraps

（D）Fences

（E）Security guards

（F）Video surveillance

正解：C、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which of the following examples would be best mitigated by input sanitization?

（A）Browser message: "Your connection is not private

（B）<script>alert("Warning!") ;</script>

（C）nmap -p- 10.11.1.130

（D）Email message: "Click this link to get your free gift card."

正解：B 解答を投票する

質問 6

A local server recently crashed, and the team is attempting to restore the server from a backup. During the restore process, the team notices the file size of each daily backup is large and will run out of space at the current rate.
The current solution appears to do a full backup every night. Which of the following would use the least amount of storage space for backups?

（A）A weekly, full backup with daily incremental backups

（B）A weekly, full backup with daily snapshot backups

（C）A weekly, full backup with daily differential backups

（D）A weekly, incremental backup with daily differential backups

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which of the following threat actors is most likely to use a high level of sophistication and potentially zero-day exploits to target organizations and systems?

（A）Script kiddies

（B）Ethical hackers

（C）Hacktivists

（D）APT groups

正解：D 解答を投票する

質問 8

Which of the following assists in training employees on the importance of cybersecurity?

（A）Social media analysis

（B）Employee handbook

（C）Phishing campaigns

（D）Acceptable use policy

正解：C 解答を投票する

質問 9

A store receives reports that shoppers' credit card information is being stolen. Upon further analysis, those same shoppers also withdrew money from an ATM in that store.
The attackers are using the targeted shoppers' credit card information to make online purchases. Which of the following attacks is the MOST probable cause?

（A）Identity theft

（B）Card skimming

（C）RFID cloning

（D）Shoulder surfing

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Which of the technologies is used to actively monitor for specific file types being transmitted on the network?

（A）Data loss prevention

（B）Tcpreplay

（C）Honeynets

（D）File integrity monitoring

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Select two).

（A）The device is moved to a different location in the enterprise.

（B）The device is configured to use cleartext passwords.

（C）The device's encryption level cannot meet organizational standards.

（D）The device has been moved from a production environment to a test environment.

（E）The device is unable to receive authorized updates.

（F）The device is moved to an isolated segment on the enterprise network.

正解：B、C 解答を投票する

質問 12

Which Of the following will provide the best physical security countermeasures to Stop intruders? (Select two).

（A）Lighting

（B）Fencing

（C）Alarm

（D）Sensors

（E）Signage

（F）Access control vestibules

正解：A、B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which of the following must be considered when designing a high-availability network? (Select two).

（A）Ability to patch

（B）Responsiveness

（C）Extensible authentication

（D）Attack surface

（E）Ease of recovery

（F）Physical isolation

正解：E、F 解答を投票する

質問 14

An annual information security assessment has revealed that several OS-level configurations are not in compliance due to outdated hardening standards the company is using. Which of the following would be best to use to update and reconfigure the OS-level security configurations?

（A）Regional regulations

（B）ISO 27001 standards

（C）GDPR guidance

（D）CIS benchmarks

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

An attacker is attempting to harvest user credentials on a client's website. A security analyst notices multiple attempts of random usernames and passwords. When the analyst types in a random username and password, the logon screen displays the following message:
The username you entered does not exist.
Which of the following should the analyst recommend be enabled?

（A）Username lockout

（B）Error handling

（C）Obfuscation

（D）Input validation

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 16

During a recent company safety stand-down, the cyber-awareness team gave a presentation on the importance of cyber hygiene. One topic the team covered was best practices for printing centers. Which of the following describes an attack method that relates to printing centers?

（A）Credential harvesting

（B）Prepending

（C）Dumpster diving

（D）Whaling

正解：C 解答を投票する

SY0-601 無料問題集「CompTIA Security+」

弊社を連絡する

関連リンク

トップ試験