Free SY0-601 Sample Questions — CompTIA Security+ 2021

Which of the following is the MOST relevant security check to be performed before embedding third-party libraries in developed code?

• A. Check to see if the third party has resources to create dedicated development and staging environments
• B. Verify the number of companies that downloaded the third-party code and the number of contributions on the code repository
• C. Assess existing vulnerabilities affecting the third-party code and the remediation efficiency of the libraries' developers
• D. Read multiple penetration-testing reports for environments running software that reused the library

An IT manager is estimating the mobile device budget for the upcoming year. Over the last five years, the number of devices that were replaced due to loss, damage, or theft steadily increased by 10%. Which of the following would BEST describe the estimated number of devices to be replaced next year?

• A. ALE
• B. ARO
• C. RPO
• D. SLE

An organization is having difficulty correlating events from its individual AV, EDR, DLP, SWG, WAF, MDM, HIPS, and CASB systems. Which of the following is the best way to improve the situation?

• A. Remove expensive systems that generate few alerts
• B. Modify the systems to alert only on critical issues
• C. Utilize a SIEM to centralize logs and dashboards
• D. Implement a new syslog/NetFlow appliance

The Chief Compliance Officer from a bank has approved a background check policy for all new hires. Which of the following is the policy MOST likely protecting against?

• A. Preventing any current employees' siblings from working at the bank to prevent nepotism
• B. Hiring an employee who has been convicted of theft to adhere to industry compliance
• C. Filtering applicants who have added false information to resumes so they appear better qualified
• D. Ensuring no new hires have worked at other banks that may be trying to steal customer information

A third party asked a user to share a public key for secure communication. Which of the following file formats should the user choose to share the key?

• A. pfx
• B. csr
• C. pvk
• D. cer

An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data policies is the administrator carrying out?

• A. Compromise
• B. Retention
• C. Analysis
• D. Transfer
• E. Inventory

A cybersecurity administrator has a reduced team and needs to operate an on-premises network and security infrastructure efficiently. To help with the situation, the administrator decides to hire a service provider. Which of the following should the administrator use?

• A. SDP
• B. AAA
• C. IaaS
• D. MSSP
• E. Microservices

An organization has expanded its operations by opening a remote office. The new office is fully furnished with office resources to support up to 50 employees working on any given day. Which of the following VPN solutions would BEST support the new office?

• A. Always-on
• B. Remote access
• C. Site-to-site
• D. Full tunnel

A company has installed badge readers for building access but is finding unauthorized individuals roaming the hallways. Which of the following is the most likely cause?

• A. Shoulder surfing
• B. Phishing
• C. Tailgating
• D. Identity fraud

A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?

• A. Cross-site scripting
• B. Buffer overflow
• C. Jailbreaking
• D. Side loading

A company is considering transitioning to the cloud. The company employs individuals from various locations around the world. The company does not want to increase its on premises infrastructure blueprint and only wants to pay for additional compute power required. Which of the following solutions would BEST meet the needs of the company?

• A. Private cloud
• B. Hybrid environment
• C. Managed security service provider
• D. Hot backup site

An organization has hired a security analyst to perform a penetration test. The analyst captures 1Gb worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to further review the pcap?

• A. Nmap
• B. cURL
• C. Netcat
• D. Wireshark

During a recent penetration test, the tester discovers large amounts of data were exfiltrated over the course of 12 months via the internet. The penetration tester stops the test to inform the client of the findings. Which of the following should be the client's NEXT step to mitigate the issue?

• A. Conduct a full vulnerability scan to identify possible vulnerabilities
• B. Perform containment on the critical servers and resources
• C. Review the firewall and identify the source of the active connection
• D. Disconnect the entire infrastructure from the internet

The SOC for a large MSSP is meeting to discuss the lessons learned from a recent incident that took much too long to resolve. This type of incident has become more common in recent weeks and is consuming large amounts of the analysts' time due to manual tasks being performed. Which of the following solutions should the SOC consider to BEST improve its response time?

• A. Configure a NIDS appliance using a Switched Port Analyzer
• B. Collect OSINT and catalog the artifacts in a central repository
• C. Implement a SOAR with customizable playbooks
• D. Install a SIEM with community-driven threat intelligence

Which of the following is an administrative control that would be MOST effective to reduce the occurrence of malware execution?

• A. Security awareness training
• B. Frequency of NIDS updates
• C. Change control procedures
• D. EDR reporting cycle

A company recently enhanced mobile device configuration by implementing a set of security controls biometrics context-aware authentication and full device encryption. Even with these settings in place, an unattended phone was used by a malicious actor to access corporate data. Which of the following additional controls should be put in place first?

• A. GPS tagging
• B. Remote wipe
• C. Screen lock timer
• D. SEAndroid

Which of the following types of data are most likely to be subject to regulations and laws? (Choose two.)

• A. PHI
• B. Trade secrets
• C. Proprietary
• D. OSINT
• E. PII
• F. Public

Which of the following, if compromised, can indirectly impact systems’ availability by imposing inadequate environmental conditions for the hardware to operate properly?

• A. SCADA
• B. TPM
• C. HSM
• D. HVAC

Which of the following best describes why a company would erase a newly purchased device and install its own image with an operating system and applications?

• A. Installing a new operating system thoroughly tests the equipment
• B. Removing unneeded applications reduces the system's attack surface
• C. Reimaging a system creates an updated baseline of the computer image
• D. Wiping the device allows the company to evaluate its performance

Which of the following threat actors is most likely to be motivated by ideology?

• A. Business competitor
• B. Hacktivist
• C. Criminal syndicate
• D. Script kiddie
• E. Disgruntled employee