Free Access CompTIA.SY0-601.v2022-05-09.q210 Practice Test (Page 40)

Question 191

A security analyst is responding to an alert from the SIEM. The alert states that malware was discovered on a host and was not automatically deleted. Which of the following would be BEST for the analyst to perform?

A.Add a deny-all rule to that host in the network ACL

B.Implement a network-wide scan for other instances of the malware.

C.Quarantine the host from other parts of the network

D.Revoke the client's network access certificates

Question 192

A security analyst is performing a forensic investigation compromised account credentials. Using the Event Viewer, the analyst able to detect the following message, ''Special privileges assigned to new login.'' Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?

A.Pass-the-hash

B.Buffer overflow

C.Cross-site scripting

D.Session replay

Question 193

Which of the following types of attacks is being attempted and how can it be mitigated?

A.Directory traversal: implement a WAF

B.SQL injection: implement an IDS

C.CSRF; implement an IPS

D.XSS; implement a SIEM

Question 194

Which of the following scenarios BEST describes a risk reduction technique?

A.A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation.

B.A security control objective cannot be met through a technical change, so the company changes as method of operation

C.A security control objective cannot be met through a technical change, so the company purchases insurance and is no longer concerned about losses from data breaches.

D.A security control objective cannot be met through a technical change, so the Chief Information Officer (CIO) decides to sign off on the risk.

Question 195

A network administrator is setting up wireless access points in all the conference rooms and wants to authenticate device using PKI. Which of the following should the administrator configure?

A.802.1X

B.WPS

C.PSK

D.A captive portal

Other Version: 2181CompTIA.SY0-601.v2025-02-24.q781; 2125CompTIA.SY0-601.v2024-07-31.q690; 1818CompTIA.SY0-601.v2023-02-27.q56; 1547CompTIA.SY0-601.v2023-02-09.q57; 3415CompTIA.SY0-601.v2023-02-06.q78; 1496CompTIA.SY0-601.v2023-01-05.q72; 3598CompTIA.SY0-601.v2022-09-29.q183; 7317CompTIA.SY0-601.v2022-05-18.q297; 3962CompTIA.SY0-601.v2022-05-11.q168; 4345CompTIA.SY0-601.v2022-05-03.q215; 9404CompTIA.SY0-601.v2022-02-05.q371; 104CompTIA.Examboosts.SY0-601.v2021-11-02.by.prudence.224q.pdf; 10225CompTIA.SY0-601.v2021-10-06.q97

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 191

Question 192

Question 193

Question 194

Question 195

Download PDF File