2025年01月実際に出るSY0-601試験問題集には正確で更新された問題
SY0-601試験問題集でPDF問題とテストエンジン
Comptia SY0-601認定試験は、サイバーセキュリティのキャリアを追求したり、既存のサイバーセキュリティスキルを強化したい個人を対象としています。これは、ITの専門家、ネットワーク管理者、セキュリティアナリスト、およびサイバーセキュリティの知識と専門知識を改善したい他の専門家に最適なエントリーレベルの認定です。認定試験は、セキュリティに焦点を当てたIT管理で少なくとも2年の経験がある人なら誰でも利用できます。
Comptia Security+認定試験としても知られるComptia SY0-601は、サイバーセキュリティの分野のIT専門家のスキルと知識を検証するグローバルに認められた認定です。この認定は、企業の情報資産を保護するためのセキュリティの概念、ツール、および手順を包括的に理解することを提供します。 SY0-601試験では、セキュリティリスクを特定して軽減し、安全なネットワークアーキテクチャを実装し、セキュリティポリシーと手順を実装および管理する候補者の能力を測定します。
CompTIA SY0-601(CompTIA Security +)試験は、サイバーセキュリティのキャリアを追求することに興味がある個人にとって優れた選択肢です。この試験は、業界で最も尊敬され、高名な認定資格の1つとして広く認知されており、個人に様々な環境で成功するために必要な知識とスキルを提供します。
質問 # 51
After entering a username and password, and administrator must gesture on a touch screen. Which of the following demonstrates what the administrator is providing?
- A. Multifactor authentication
- B. Two-factor authentication
- C. Something you can do
- D. Biometric
正解:B
質問 # 52
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked.
Which of the following would BEST these requirement?
- A. RA
- B. OCSP
- C. CRL
- D. CSR
正解:C
質問 # 53
Which of the following is the MOST likely motivation for a script kiddie threat actor?
- A. Corporate espionage
- B. Political expression
- C. Financial gain
- D. Notoriety
正解:D
質問 # 54
A network technician is installing a guest wireless network at a coffee shop. When a customer purchases an Item, the password for the wireless network is printed on the recent so the customer can log in. Which of the following will the technician MOST likely configure to provide the highest level of security with the least amount of overhead?
- A. WEP-TKIP
- B. WPA-EAP
- C. WPS-PIN
- D. WPA-PSK
正解:B
質問 # 55
While reviewing an alert that shows a malicious request on one web application, a cybersecurity analyst is alerted to a subsequent token reuse moments later on a different service using the same single sign-on method.
Which of the following would BEST detect a malicious actor?
- A. Deploying a WAF for the web server
- B. Disabling session tokens for all sites
- C. Deploying Netflow at the network border
- D. Utilizing SIEM correlation engines
正解:D
解説:
The initial compromise was a malicious request on a web server. Moments later the token created with SSO was used on another service, the question does not specify what type of service.
Deploying a WAF on the web server will detect the attacker but only on that server. If the attacker issues the same malicious request to get another SSO token correlating that event with using that SSO token in other services would allows to detect the malicious activity.
質問 # 56
After a hardware incident, an unplanned emergency maintenance activity was conducted to rectify the issue. Multiple alerts were generated on the SIEM during this period of time.
Which of the following BEST explains what happened?
- A. Multiple alerts were generated due to an attack occurring at the same time.
- B. The unexpected traffic correlated against multiple rules, generating multiple alerts.
- C. An error in the correlation rules triggered multiple alerts.
- D. The SIEM was unable to correlate the rules, triggering the alerts.
正解:D
質問 # 57
An information security officer at a credit card transaction company is conducting a framework-mapping exercise with the internal controls. The company recently established a new office in Europe. To which of the following frameworks should the security officer map the existing controls? (Select TWO).
- A. SOC
- B. PCI DSS
- C. ISO
- D. GDPR
- E. NIST
- F. CSA
正解:B、D
質問 # 58
The lessons-learned analysis from a recent incident reveals that an administrative office worker received a call from someone claiming to be from technical support. The caller convinced the office worker to visit a website, and then download and install a program masquerading as an antivirus package. The program was actually a backdoor that an attacker could later use to remote control the worker's PC. Which of the following would be BEST to help prevent this type of attack in the future?
- A. Application whitelisting
- B. Quarantine
- C. Segmentation
- D. Data loss prevention
正解:A
解説:
Application Whitelisting - aimed at preventing malicious programs from running on a network. It monitors the operating system, in real-time, to prevent any unauthorized files from executing.
質問 # 59
Joe, a security analyst, recently performed a network discovery to fully understand his organization's electronic footprint from a "public" perspective. Joe ran a set of commands and received the following output:
Which of the following can be determined about the organization's public presence and security posture? (Select TWO).
- A. The organization has too little information available in public registration.
- B. Joe used Whois to produce this output.
- C. Joe used Wireshark to produce this output.
- D. The organization has adequate information available in public registration.
E: The organization has too much information available in public registration. - E. Joe used cURL to produce this output.
正解:B、D
質問 # 60
DRAG DROP
An attack has occurred against a company.
INSTRUCTIONS
You have been tasked to do the following:
Identify the type of attack that is occurring on the network by clicking on the attacker's tablet and reviewing the output. (Answer Area 1).
Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server.
(Answer area 2) All objects will be used, but not all placeholders may be filled. Objects may only be used once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

正解:
解説:
質問 # 61
Which of the following can be used by an authentication application to validate a user's credentials without the need to store the actual sensitive data?
- A. Password hash
- B. Private Key
- C. Salt string
- D. Cipher stream
正解:A
解説:
Explanation
Password hash is a method of storing a user's credentials without the need to store the actual sensitive data. A password hash is a one-way function that transforms the user's password into a fixed-length string of characters that cannot be reversed. The authentication application can then compare the password hash with the stored hash to validate the user's credentials without revealing the original password. References: 1 CompTIA Security+ Certification Exam Objectives, page 15, Domain 3.0: Implementation, Objective 3.5:
Implement secure authentication mechanisms 2 CompTIA Security+ Certification Exam Objectives, page 16, Domain 3.0: Implementation, Objective 3.6: Implement identity and account management best practices 3
https://www.comptia.org/blog/what-is-password-hashing
質問 # 62
Which of the following ISO standards is certified for privacy?
- A. ISO 31000
- B. ISO 9001
- C. ISO 27002
- D. ISO 27701
正解:D
解説:
Explanation
ISO 27701 also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data privacy. Privacy information management systems are sometimes referred to as personal information management systems.
https://pecb.com/whitepaper/the-future-of-privacy-with-isoiec-27701
質問 # 63
Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?
- A. Shut down the VDI and copy off the event logs.
- B. Use NetFlow to identify command-and-control IPs.
- C. Run a full on-demand scan of the root volume.
- D. Take a memory snapshot of the running system.
正解:D
解説:
Take a snapshot of the VDI would allow to both analyze and temporary isolate the threat as we can then shut it down to proceed to futher analyze the snapshot.
質問 # 64
A user recent an SMS on a mobile phone that asked for bank delays.
Which of the following social-engineering techniques was used in this case?
- A. Smishing
- B. Vishing
- C. SPIM
- D. Spear phishing
正解:A
質問 # 65
A security analyst is investigating a report from a penetration test. During the penetration test, consultants were able to download sensitive data from a back-end server. The back-end server was exposing an API that should have only been available from the companVs mobile application. After reviewing the back-end server logs, the security analyst finds the following entries
Which of the following is the most likely cause of the security control bypass?
- A. user-agent spoofing
- B. Referrer manipulation
- C. WAF bypass
- D. IP address allow list
正解:A
解説:
Explanation
User-agent spoofing is a technique that allows an attacker to modify the user-agent header of an HTTP request to impersonate another browser or device12. User-agent spoofing can be used to bypass security controls that rely on user-agent filtering or validation12. In this case, the attacker spoofed the user-agent header to match the company's mobile application, which was allowed to access the back-end server's API2.
質問 # 66
Which of the following can be used to detect a hacker who is stealing company data over port 80?
- A. Web application scan
- B. Packet capture
- C. Threat intelligence
- D. Log aggregation
正解:B
解説:
* Using a SIEM tool to monitor network traffic in real-time and detect any anomalies or malicious activities
* Monitoring all network protocols and ports to detect suspicious volumes of traffic or connections to uncommon IP addresses
* Monitoring for outbound traffic patterns that indicate malware communication with command and control servers, such as beaconing or DNS tunneling
* Using a CASB tool to control access to cloud resources and prevent data leaks or downloads
* Encrypting data at rest and in transit and enforcing strong authentication and authorization policies
質問 # 67
A securily analysl has receved several reporls of an issue on an inlemal web application. Users state they are having to provide their credentials brice to log in. The analyst checks with he application team and noles Unis is not an expected bohavier. After looking at several lags, the analysi deciies to in some commands on the gateway and obtains the following output:
Which of the following BEST describes the attack the company is experiencing?
- A. ARP paisoning
- B. MAC fleoding
- C. URL redirection
- D. DNS hijacking
正解:A
質問 # 68
A security manager is attempting to meet multiple security objectives in the next fiscal year. The security manager has proposed the purchase of the following four items:
1- Firewall
1-12 switch
1- Firewall
1-12 switch
Which of the following security objectives is the security manager attempting to meet? (Select two).
- A. Zero-day attack tolerance
- B. Multipath
- C. Simplified patch management
- D. Replication
- E. Redundancy is a security objective that aims to ensure availability and resilience of systems and data by having backup or alternative components or resources that can take over in case of a failure. By purchasing two firewalls and two switches from different vendors, the security manager is creating redundancy for the network devices and reducing the single point of failure risk. E. Replication is a security objective that aims to ensure integrity and availability of data by creating copies or duplicates of the data across different locations or devices. By purchasing two firewalls and two switches from different vendors, the security manager is enabling replication of the network traffic and data across different paths and devices. References: 1 CompTIA Security+ Certification Exam Objectives, page 9, Domain 2.0: Architecture and Design, Objective 2.3: Summarize secure application development, deployment, and automation concepts 2 CompTIA Security+ Certification Exam Objectives, page 11, Domain 2.0: Architecture and Design, Objective 2.5: Explain the importance of physical security controls 3 CompTIA Security+ Certification Exam Objectives, page 13, Domain 3.0: Implementation, Objective 3.2: Implement secure protocols
- F. Redundancy
- G. Scalability
正解:D、F
質問 # 69
Which of the following must be in place before implementing a BCP?
- A. SLA
- B. AUP
- C. NDA
- D. BIA
正解:D
解説:
Explanation
A Business Impact Analysis (BIA) is a critical component of a Business Continuity Plan (BCP). It identifies and prioritizes critical business functions and determines the impact of their disruption. References: CompTIA Security+ Study Guide 601, Chapter 10
質問 # 70
Which of the following utilize a subset of real data and are MOST likely to be used to assess the features and functions of a system and how it interacts or performs from an end user's perspective against defined test cases? (Choose two.)
- A. PoC
- B. Research and development
- C. Test
- D. SDLC
- E. Production
- F. UAT
正解:C、F
質問 # 71
A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices.
Which of the following solutions would BEST support the policy?
- A. Biometrics
- B. Mobile device management
- C. Remote wipe
- D. Full-device encryption
正解:B
質問 # 72
A security assessment found that several embedded systems are running unsecure protocols. These Systems were purchased two years ago and the company that developed them is no longer in business Which of the following constraints BEST describes the reason the findings cannot be remediated?
- A. Lack of computing power
- B. Implied trust
- C. inability to authenticate
- D. Unavailable patch
正解:D
質問 # 73
The Chief Information Security Officer (CISO) of a bank recently updated the incident response policy. The CISO is concerned that members of the incident response team do not understand their roles. The bank wants to test the policy but with the least amount of resources or impact.
Which of the following BEST meets the requirements?
- A. Warm site failover
- B. Full outage simulation
- C. Tabletop walk-through
- D. Parallel path testing
正解:C
解説:
Tabletop exercises
* Performing a full-scale disaster drill can be costly
- And time consuming
* Many of the logistics can be determined throughanalysis
- You don't physically have to go through a disaster or drill
* Get key players together for a tabletop exercise
- Talk through a simulated disaster
質問 # 74
......
合格させるCompTIA SY0-601試験最速合格にはGoShiken:https://www.goshiken.com/CompTIA/SY0-601-mondaishu.html
SY0-601問題集で必ず試験合格させる:https://drive.google.com/open?id=1IlmsSlVrWKF6LIHKQHrNQy9St51KCWWI