CompTIA Security+ SY0-601 Dumps PDF

CompTIA Security+ Exam 2023 Questions and Answers

Question 161

During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

Options:

Analysis

Lessons learned

Detection

Containment

Question 162

A penetration-testing firm is working with a local community bank to create a proposal that best fits the needs of the bank. The bank's information security manager would like the penetration test to resemble a real attack scenario, but it cannot afford the hours required by the penetration-testing firm. Which of the following would best address the bank's desired scenario and budget?

Options:

Engage the penetration-testing firm's red-team services to fully mimic possible attackers.

Give the penetration tester data diagrams of core banking applications in a known-environment test.

Limit the scope of the penetration test to only the system that is used for teller workstations.

Provide limited networking details in a partially known-environment test to reduce reconnaissance efforts.

Question 163

Which of the following security program audits includes a comprehensive evaluation of the security controls in place at an organization over a six- to 12-month time period?

Options:

NIST CSF

SOC 2 Type II

ISO 27001

PCI DSS

Question 164

Which of the following enables the use of an input field to run commands that can view or manipulate data?

Options:

Cross-site scripting

Side loading

Buffer overflow

SQL injection

Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CompTIA Security+ Exam 2023 Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce