Free Access CompTIA.SY0-601.v2022-05-18.q297 Practice Test (Page 5)

Question 16

A security analyst b concerned about traffic initiated to the dark web from the corporate LAN. Which of the following networks should he analyst monitor?

A.SFTP

B.AS

C.IoC

D.Tor

Question 17

A dynamic application vulnerability scan identified code injection could be performed using a web form. Which of the following will be BEST remediation to prevent this vulnerability?

A.Implement input validations

B.Utilize a WAF

C.Deploy MFA

D.Configure HIPS

Question 18

A company's help desk received several AV alerts indicating Mimikatz attempted to run on the remote systems. Several users also reported that the new company flash drives they picked up in the
break room only have 512KB of storage. Which of the following is MOST likely the cause?

A.The new flash drives need a driver that is being blocked by the AV software because the flash drives are not on the application's allow list, temporarily restricting the drives to 512KB of storage.

B.The GPO prevents the use of flash drives, which triggers a false positive AV indication and restricts the drives to only 512KB of storage.

C.The GPO blocking the flash drives is being bypassed by a malicious flash drive that is attempting to harvest plaintext credentials from memory.

D.The new flash drives are incorrectly partitioned, and the systems are automatically trying to use an unapproved application to repartition the drives.

Question 19

While investigating a data leakage incident, a security analyst reviews access control to cloud-hosted dat a. The following information was presented in a security posture report.

Based on the report, which of the following was the MOST likely attack vector used against the company?

A.Spyware

B.Potentially unwanted programs

C.Logic bomb

D.Supply chain

Question 20

A security analyst is investigating an incident to determine what an attacker was able to do on a compromised laptop. The analyst reviews the following SIEM log:

Which of the following describes the method that was used to compromise the laptop?

A.An attacker was able to move laterally from PC1 to PC2 using a pass-the-hash attack

B.An attacker was able to phish user credentials successfully from an Outlook user profile

C.An attacker was able to install malware to the CAasdf234 folder and use it to gam administrator nights and launch Outlook

D.An attacker was able to bypass application whitelisting by emailing a spreadsheet attachment with an embedded PowerShell in the file

Other Version: 2181CompTIA.SY0-601.v2025-02-24.q781; 2125CompTIA.SY0-601.v2024-07-31.q690; 1808CompTIA.SY0-601.v2023-02-27.q56; 1541CompTIA.SY0-601.v2023-02-09.q57; 3405CompTIA.SY0-601.v2023-02-06.q78; 1494CompTIA.SY0-601.v2023-01-05.q72; 3590CompTIA.SY0-601.v2022-09-29.q183; 3952CompTIA.SY0-601.v2022-05-11.q168; 4497CompTIA.SY0-601.v2022-05-09.q210; 4337CompTIA.SY0-601.v2022-05-03.q215; 9401CompTIA.SY0-601.v2022-02-05.q371; 104CompTIA.Examboosts.SY0-601.v2021-11-02.by.prudence.224q.pdf; 10216CompTIA.SY0-601.v2021-10-06.q97

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 143Adobe.AD0-E605.v2025-09-05.q50

Question 16

Question 17

Question 18

Question 19

Question 20

Download PDF File