CompTIA SY0-601 - CompTIA Security+ 2021 Exam

Question #6 (Topic: Single Topic)
An audit identified PII being used in the development environment of a critical application. The Chief Privacy Officer (CPO) is adamant that this data must be removed; however, the developers are concerned that without real data they cannot perform functionality tests and search for specific data. Which of the following should a security professional implement to BEST satisfy both the CPO's and the development team's requirements?
A. Data anonymization
B. Data encryption
C. Data masking
D. Data tokenization
Answer: A
Question #7 (Topic: Single Topic)
A company is implementing a DLP solution on the file server. The file server has PII, financial information, and health information stored on it. Depending on what type of data is hosted on the file server, the company wants different DLP rules assigned to the data. Which of the following should the company do to help accomplish this goal?
A. Classify the data.
B. Mask the data.
C. Assign the application owner.
D. Perform a risk analysis.
Answer: A
Question #8 (Topic: Single Topic)
A forensics investigator is examining a number of unauthorized payments that were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
<a href="https://www.company.com/payto.do?routing=00001111&acct=22223334&amount=250">Click here to unsubscribe</a>
Which of the following will the forensics investigator MOST likely determine has occurred?
A. SQL injection
B. Broken authentication
C. XSS
D. XSRF
Answer: B
Question #9 (Topic: Single Topic)
A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials could be exfiltrated. The report also indicates that users tend to choose the same credentials on different systems and applications. Which of the following policies should the CISO use to prevent someone from using the exfiltrated credentials?
A. MFA
B. Lockout
C. Time-based logins
D. Password history
Answer: A
Question #10 (Topic: Single Topic)
A company wants to simplify the certificate management process. The company has a single domain with several dozen subdomains, all of which are publicly accessible on the internet. Which of the following BEST describes the type of certificate the company should implement?
A. Subject alternative name
B. Wildcard
C. Self-signed
D. Domain validation
Answer: B
Page: 2 / 172
Total 860 questions