SY0-601試験無料問題集「CompTIA Security+ 認定」

Which of the following describes an executive team that is meeting in a board room and testing the company's incident response plan?

Which of the following is the most effective way to protect an application server running software that is no longer supported from network threats?

A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis. Which of the following types of controls is the company setting up?

Which of the following is the most likely way a rogue device was allowed to connect'?

A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?

解説: (GoShiken メンバーにのみ表示されます)
A security engineer obtained the following output from a threat intelligence source that recently performed an attack on the company's server:

Which of the following best describes this kind of attack?

解説: (GoShiken メンバーにのみ表示されます)
A company has implemented a policy that requires two people to agree in order to push any changes from the test codebase repository into production. Which of the following best describes this control type?

A security engineer needs to create a network segment that can be used for servers thal require connections from untrusted networks. Which of the following should the engineer implement?

解説: (GoShiken メンバーにのみ表示されます)
Which of the following supplies non-repudiation during a forensics investigation?

解説: (GoShiken メンバーにのみ表示されます)
After multiple on-premises security solutions were migrated to the cloud, the incident response time increased The analysts are spending a long time trying to trace information on different cloud consoles and correlating data in different formats. Which of the following can be used to optimize the incident response time?

解説: (GoShiken メンバーにのみ表示されます)
A network analyst is setting up a wireless access point for a home office in a remote, rural location. The requirement is that users need to connect to the access point securely but do not want to have to remember passwords Which of the following should the network analyst enable to meet the requirement?

解説: (GoShiken メンバーにのみ表示されます)
During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

A security practitioner is performing due diligence on a vendor that is being considered for cloud services. Which of the following should the practitioner consult for the best insight into the current security posture of the vendor?

解説: (GoShiken メンバーにのみ表示されます)
A prospective customer is interested in seeing the type of data that can be retrieved when a customer uses a company's services. An engineer at the company sends the following documentation before reviewing it:

The prospective customer is concerned. Which of the following will best resolve the concern?

Which of the following is a cryptographic concept that operates on a fixed length of bits?

解説: (GoShiken メンバーにのみ表示されます)
A security analyst is reviewing the output of a web server log and notices a particular account is attempting to transfer large amounts of money:
GET http://yourbank.com/transfer.do?acctnum=08764 6959 &amount=500000 HTTP/1.1 GET http://yourbank.com/transfer.do?acctnum=087646958 &amount=5000000 HTTP/1.1 GET http://yourbank.com/transfer.do?acctnum=-087646958 &amount=1000000 HTTP/1.1 GET http://yourbank.com/transfer.do?acctnum=087646953&amount=500 HTTP/1.1 Which of the following types of attacks is most likely being conducted?

解説: (GoShiken メンバーにのみ表示されます)