A security engineer is setting up passwordless authentication for the first time


Question 115

Local guidelines require that all information systems meet a minimum-security baseline to be compliant. Which of the following can security administrators use to assess their system configurations against the baseline?

A. SOAR playbook

B. Security control matrix

C. Risk management framework

D. Benchmarks

Correct Answer:D

Question 116

A security engineer is setting up passwordless authentication for the first time.

INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.


Solution:

Does this meet the goal?

Correct Answer:A

Question 117

An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?

A. hping3 -S comptia.org -p 80

B. nc -l -v comptia.org -p 80

C. nmap comptia.org -p 80 -sV

D. nslookup -port=80 comptia.org

Correct Answer:C

Question 118

Users have been issued smart cards that provide physical access to a building. The cards also contain tokens that can be used to access information systems. Users can log in to any thin client located throughout the building and see the same desktop each time. Which of the following technologies are being utilized to provide these capabilities? (Select TWO)

A. COPE

B. VDI

C. GPS

D. TOTP

E. RFID

F. BYOD

Correct Answer:BE

Question 119

An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number to receive a code to access the data. Which of the following authentication methods did the organization implement?

A. Token key

B. Static code

C. Push notification

D. HOTP

Correct Answer:A

Question 120

A SOC is implementing an insider threat detection program. The primary concern is that users may be accessing confidential data without authorization. Which of the following should be deployed to detect a potential insider threat?

A. A honeyfile

B. A DMZ

C. DLP

D. File integrity monitoring

Correct Answer:A

CompTIA SY0-601 Questions & Answers
CompTIA Security+ Certification Exam
Version: 1.0

QUESTION NO: 1 CORRECT TEXT

A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.

INSTRUCTIONS
Click on each firewall to do the following:
Deny cleartext web traffic.
Ensure secure management protocols are used.
Resolve issues at the DR site.
The ruleset order cannot be modified due to outside constraints.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

CompTIA SY0-601 Exam "Everything is under control"


Answer: See explanation below.

Explanation:

Firewall 1:

DNS Rule – ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound – 10.0.0.1/24 --> ANY --> HTTPS --> PERMIT
Management – ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound – ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound – ANY --> ANY --> HTTP --> DENY

Firewall 2: No changes should be made to this firewall

Firewall 3:
DNS Rule – ANY --> ANY --> DNS --> PERMIT
HTTPS Outbound – 192.168.0.1/24 --> ANY --> HTTPS --> PERMIT
Management – ANY --> ANY --> SSH --> PERMIT
HTTPS Inbound – ANY --> ANY --> HTTPS --> PERMIT
HTTP Inbound – ANY --> ANY --> HTTP --> DENY

QUESTION NO: 2 DRAG DROP

A security engineer is setting up passwordless authentication for the first time.

INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:

Explanation:
ssh-keygen -t rsa
ssh-copy-id -i/.ssh/id_rsa.pub [email protected]
chmod 644 /.ssh/id_rsa
ssh [email protected]

QUESTION NO: 3 HOTSPOT

Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS

Not all attacks and remediation actions will be used.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:

Explanation:
Botnet – Enable DDoS protection
RAT – Implement a host-based IPS

What is needed before SSH Passwordless?

These commands should work on the majority of Linux distributions, and instructions are included for modern client machines of the macOS, Windows, and Linux varieties.
Step 1: Generate a key pair. ...
Step 2: Create SSH directory on server. ...
Step 3: Upload public key to remote server.

How does SSH Passwordless work?

In passwordless SSH, the SSH client authenticates to the server with a cryptographic key instead of a password, relying on public-key cryptography principles. A public key is a long string of characters generated from a private key.

Is Passwordless SSH Secure?

Passwordless SSH is a network security protocol that authenticates the user and creates a secure communication channel between a server and client. It does this with the help of public key infrastructure or asymmetric encryption.