Free Access CompTIA.SY0-601.v2022-05-03.q215 Practice Test (Page 27)

Question 126

A security engineer needs to create a network segment that can be used for servers that require connections from untrusted networks When of the following should the engineer implement?

A.An air gap

B.A hot site

C.A screened subnet

D.AVLAN

Question 127

A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

A.Ensure endpoint detection and response systems are alerting on suspicious SMB connections.

B.Deny unauthenticated users access to shared network folders.

C.Configure the perimeter firewall to deny inbound external connections to SMB ports.

D.Verify computers are set to install monthly operating system, updates automatically.

Question 128

A developer is building a new portal to deliver single-pane-of-glass management capabilities to customers with multiple firewalls. To Improve the user experience, the developer wants to implement an authentication and authorization standard that uses security tokens that contain assertions to pass user Information between nodes. Which of the following roles should the developer configure to meet these requirements? (Select TWO).

A.Notarized referral

B.Identity provider

C.Tokenized resource

D.Service provider

E.Service requestor

F.Identity processor

Question 129

Which of the following must be in place before implementing a BCP?

A.SLA

B.AUP

C.NDA

D.BIA

Correct Answer: D

To create an effective business continuity plan, a firm should take these five steps:
Step 1: Risk Assessment
This phase includes:
Evaluation of the company's risks and exposures
Assessment of the potential impact of various business disruption scenarios Determination of the most likely threat scenarios Assessment of telecommunication recovery options and communication plans Prioritization of findings and development of a roadmap Step 2: Business Impact Analysis (BIA) During this phase we collect information on:
Recovery assumptions, including Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) Critical business processes and workflows as well as the supporting production applications Interdependencies, both internal and external Critical staff including backups, skill sets, primary and secondary contacts Future endeavors that may impact recovery Special circumstances Pro tip: Compiling your BIA into a master list can be helpful from a wholistic standpoint, as well as helpful in identifying pain points throughout the organization.
Step 3: Business Continuity Plan Development
This phase includes:
Obtaining executive sign-off of Business Impact Analysis
Synthesizing the Risk Assessment and BIA findings to create an actionable and thorough plan Developing department, division and site level plans Reviewing plan with key stakeholders to finalize and distribute Step 4: Strategy and Plan Development Validate that the recovery times that you have stated in your plan are obtainable and meet the objectives that are stated in the BIA. They should easily be available and readily accessible to staff, especially if and when a disaster were to happen. In the development phase, it's important to incorporate many perspectives from various staff and all departments to help map the overall company feel and organizational focus. Once the plan is developed, we recommend that you have an executive or management team review and sign off on the overall plan.
Step 5: Plan Testing & Maintenance
The final critical element of a business continuity plan is to ensure that it is tested and maintained on a regular basis. This includes:
Conducting periodic table top and simulation exercises to ensure key stakeholders are comfortable with the plan steps Executing bi-annual plan reviews Performing annual Business Impact Assessments

Question 130

The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO's concerns?

A.SSO would reduce the resilience and availability of system if the provider goes offline.

B.SSO would simplify username and password management, making it easier for hackers to pass guess accounts.

C.SSO would reduce password fatigue, but staff would still need to remember more complex passwords.

D.SSO would reduce the password complexity for frontline staff.

Premium Bundle

Newest SY0-601 Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing SY0-601 Exam! BraindumpsPass.com now offer the updated SY0-601 exam dumps, the BraindumpsPass.com SY0-601 exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com SY0-601 pdf dumps with Exam Engine here:

Access SY0-601 Premium Version

(1061 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 2181CompTIA.SY0-601.v2025-02-24.q781; 2127CompTIA.SY0-601.v2024-07-31.q690; 1820CompTIA.SY0-601.v2023-02-27.q56; 1548CompTIA.SY0-601.v2023-02-09.q57; 3420CompTIA.SY0-601.v2023-02-06.q78; 1499CompTIA.SY0-601.v2023-01-05.q72; 3621CompTIA.SY0-601.v2022-09-29.q183; 7345CompTIA.SY0-601.v2022-05-18.q297; 3972CompTIA.SY0-601.v2022-05-11.q168; 4528CompTIA.SY0-601.v2022-05-09.q210; 9432CompTIA.SY0-601.v2022-02-05.q371; 104CompTIA.Examboosts.SY0-601.v2021-11-02.by.prudence.224q.pdf; 10236CompTIA.SY0-601.v2021-10-06.q97

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 152Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 225CFAInstitute.ESG-Investing.v2025-09-08.q173; 175PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 151Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50