CompTIA SY0-601 Security+ Take Ten Challenge #2Step 1 of 1010%2-1: Which security framework is mandatory for US federal agencies and includes a six step process? SSAE SOC 2 Type I/II CSA CCM NIST RMF CIS CSC 2-2: Which of these threat actors would be motivated by social change and would likely have limited funding options? Organized crime Hacktivist Competitor Nation state Shadow IT 2-3: A system administrator has replaced a storage drive and restored a server from backup using a full backup and multiple additional tape sets. Which of the following would BEST describe this backup type? Scheduled Full Differential Imaged Incremental 2-4: Which of these features is available when using MAM? Multiple authentication factors Automated failover Encrypted tunnels Enterprise app catalog FDE 2-5: A system administrator would like to identify all known vulnerabilities on a remote device. Which of the following would be the BEST choice for this task? Nessus theHarvester dnsenum Cuckoo scanless 2-6: A pair of managers in the IT department have access to the safe, but each person only knows half of the combination. Which of the following would describe this policy? Separation of duties Non-disclosure agreement Corrective control Clean desk policy Least privilege 2-7: An attacker has circumvented a security control by modifying their MAC address. Which of the following would describe this attack type? Jamming Cloning Rogue access point Malicious script Denial of service 2-8: A data center optimizes the cooling process by specifying the orientation of equipment during installation. Which of the following would describe this technique? Dual power supplies Hot and cold aisles USB data blocker Faraday cage Air gap 2-9: A security engineer would like to connect a private cloud subnet to other cloud services. Which of the following would be the BEST choice? VPC gateway Container SSL VPN WPA3 Default route 2-10: An endpoint security client has identified a suspicious application and moved the file to a safe area. Which of the following would describe this activity? Quarantine Hash identification Digital signature Block list Approval list
