CompTIA Security+ SY0-601 Exam Review (Latest 2023/2024 Update) Questions and Verified Answers | 100% Correct
Q: What is a security policy?
Answer:
A formalized statement that defines how security will be implemented within an organization
Q: Overall internal responsibility for security might be allocated to a dedicated department such
as a
Answer:
Director of Security, Chief Security Officer (CSO), or Chief Information Security Officer
(CISO).
Q: What is a Security Operations Center (SOC)?
Answer:
a location where security professionals monitor and protect critical information assets across
other business functions, such as finance, operations, sales/marketing, and so on. Because SOCs
can be difficult to establish, maintain, and finance, they are usually employed by larger
corporations, like a government agency or a healthcare company.
Q: What is Development and Operations (DevOps)?
Answer:
a cultural shift within an organization to encourage much more collaboration between developers
and system administrators. By creating a highly orchestrated environment, IT personnel and
developers can build, test, and release software faster and more reliably.
Q: A single point-of-contact for the notification of security incidents should be handled by a
dedicated...
Answer:
cyber incident response team (CIRT)/computer security incident response team
(CSIRT)/computer emergency response team (CERT)
Q: A multinational company manages a large amount of valuable intellectual property (IP) data,
plus personal data for its customers and account holders. What type of business unit can be used
to manage such important and complex security requirements?
Answer:
Q: A business is expanding rapidly and the owner is worried about tensions between its
established IT and programming divisions. What type of security business unit or function could
help to resolve these issues?
Answer:
Q: What is a security control?
Answer:
Something designed to give a system or data asset the properties of confidentiality,
integrity, availability, and non-repudiation.
Q: What are the three broad categories of security controls?
Answer:
Technical, Operational, Managerial
Q: What entails a technical security control?
Answer:
the control is implemented as a system (hardware, software, or firmware). For example,
firewalls, antivirus software, and OS access control models are technical controls. Technical
controls may also be described as logical controls.
Q: What entails a managerial security control?
Answer:
the control gives oversight of the information system. Examples could include risk identification
or a tool allowing the evaluation and selection of other security controls.
Q: What entails an operational security control?
Answer:
the control is implemented primarily by people rather than systems. For example, security guards
and training programs are operational controls rather than technical controls.
Q: What are the categories of security controls according to their objective/function?
Answer:
Preventative, Detective, Corrective, Physical, Deterrent, Compensating
Q: What entails a 'Corrective Security Control'?
Answer: