Free Access CompTIA.SY0-601.v2022-02-05.q371 Practice Test (Page 27)

Question 126

The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO's concerns?

A.SSO would reduce the resilience and availability of system if the provider goes offline.

B.SSO would simplify username and password management, making it easier for hackers to pass guess accounts.

C.SSO would reduce password fatigue, but staff would still need to remember more complex passwords.

D.SSO would reduce the password complexity for frontline staff.

Question 127

An organization is having difficulty correlating events from its individual AV. EDR. DLP. SWG. WAF. MOM. HIPS, and CASB systems. Which of the following is the BEST way to improve the situation?

A.Utilize a SIEM to centralize togs and dashboards.

B.Implement a new syslog/NetFlow appliance.

C.Modify the systems to alert only on critical issues.

D.Remove expensive systems that generate few alerts.

Question 128

A security operations analyst is using the company's SIEM solution to correlate alerts. Which of the following stages of the incident response process is this an example of?

A.Recovery

B.Identification

C.Preparation

D.Eradication

Question 129

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log:

Which of the following can the security analyst conclude?

A.A replay attack is being conducted against the application.

B.A service account password may have been changed, resulting in continuous failed logins within the application.

C.An injection attack is being conducted against a user authentication system.

D.A credentialed vulnerability scanner attack is testing several CVEs against the application.

Question 130

A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network. The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts. While reviewing the log files, the analyst discovers the following:

Which of the following attacks MOST likely occurred?

A.Credential-stuffing

B.Dictionary

C.Brute-force

D.Password-spraying

Other Version: 2183CompTIA.SY0-601.v2025-02-24.q781; 2127CompTIA.SY0-601.v2024-07-31.q690; 1820CompTIA.SY0-601.v2023-02-27.q56; 1549CompTIA.SY0-601.v2023-02-09.q57; 3421CompTIA.SY0-601.v2023-02-06.q78; 1499CompTIA.SY0-601.v2023-01-05.q72; 3626CompTIA.SY0-601.v2022-09-29.q183; 7358CompTIA.SY0-601.v2022-05-18.q297; 3985CompTIA.SY0-601.v2022-05-11.q168; 4529CompTIA.SY0-601.v2022-05-09.q210; 4378CompTIA.SY0-601.v2022-05-03.q215; 104CompTIA.Examboosts.SY0-601.v2021-11-02.by.prudence.224q.pdf; 10238CompTIA.SY0-601.v2021-10-06.q97

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 105HP.HPE0-V27.v2025-09-11.q78; 120Oracle.1Z0-1057-23.v2025-09-10.q47; 156Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 171TheSecOpsGroup.CNSP.v2025-09-08.q20; 237CFAInstitute.ESG-Investing.v2025-09-08.q173; 220PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 155Salesforce.Data-Architect.v2025-09-05.q216; 149Adobe.AD0-E605.v2025-09-05.q50

Question 126

Question 127

Question 128

Question 129

Question 130

Download PDF File