Comptia Security + SY0-601 Exam Review (Latest 2023/ 2024 Update) Questions and Verified Answers| 100% Correct

Comptia Security + SY0-601 Exam Review

(Latest 2023/ 2024 Update) Questions and

Verified Answers| 100% Correct

Q: What is a security policy?

Answer:

A formalized statement that defines how security will be implemented within an organization

Q: Overall internal responsibility for security might be allocated to a dedicated department such

as a

Answer:

Director of Security, Chief Security Officer (CSO), or Chief Information Security Officer

(CISO).

Q: What is a Security Operations Center (SOC)?

Answer:

a location where security professionals monitor and protect critical information assets across

other business functions, such as finance, operations, sales/marketing, and so on. Because SOCs

can be difficult to establish, maintain, and finance, they are usually employed by larger

corporations, like a government agency or a healthcare company.

Q: What is Development and Operations (DevOps)?

Answer:

a cultural shift within an organization to encourage much more collaboration between developers

and system administrators. By creating a highly orchestrated environment, IT personnel and

developers can build, test, and release software faster and more reliably.

Q: a single point-of-contact for the notification of security incidents should be handled by a

dedicated...

Answer:

cyber incident response team (CIRT)/computer security incident response team

(CSIRT)/computer emergency response team (CERT)

Q: A multinational company manages a large amount of valuable intellectual property (IP) data,

plus personal data for its customers and account holders. What type of business unit can be used

to manage such important and complex security requirements?

Answer:

Q: A business is expanding rapidly and the owner is worried about tensions between its

established IT and programming divisions. What type of security business unit or function could

help to resolve these issues?

Answer:

Q: What is a security control?

Answer:

is something designed to make give a system or data asset the properties of confidentiality,

integrity, availability, and non-repudiation.

Q: What are the three broad categories of security controls?

Answer:

Technical, Operational, Managerial

Q: What entails a technical security control?

Answer:

the control is implemented as a system (hardware, software, or firmware). For example,

firewalls, antivirus software, and OS access control models are technical controls. Technical

controls may also be described as logical controls.

Q: What entails a managerial security control?

Answer:

the control gives oversight of the information system. Examples could include risk identification

or a tool allowing the evaluation and selection of other security controls.

Q: What entails an operational security control?

Answer:

the control is implemented primarily by people rather than systems. For example, security guards

and training programs are operational controls rather than technical controls.

Q: What are the categories of security controls according to their objective/function?

Answer:

Preventative, Detective, Corrective, Physical, Deterrent, Compensating

Q: What entails a 'Corrective Security Control'?

Answer: