CompTIA SY0-601 Security+ Take Ten Challenge #2Step 1 of 1010%2-1: Which security framework is mandatory for US federal agencies and includes a six step process? NIST RMF CIS CSC CSA CCM SSAE SOC 2 Type I/II 2-2: Which of these threat actors would be motivated by social change and would likely have limited funding options? Shadow IT Competitor Organized crime Nation state Hacktivist 2-3: A system administrator has replaced a storage drive and restored a server from backup using a full backup and multiple additional tape sets. Which of the following would BEST describe this backup type? Full Scheduled Incremental Imaged Differential 2-4: Which of these features is available when using MAM? Encrypted tunnels Automated failover FDE Multiple authentication factors Enterprise app catalog 2-5: A system administrator would like to identify all known vulnerabilities on a remote device. Which of the following would be the BEST choice for this task? scanless Nessus theHarvester dnsenum Cuckoo 2-6: A pair of managers in the IT department have access to the safe, but each person only knows half of the combination. Which of the following would describe this policy? Separation of duties Clean desk policy Corrective control Least privilege Non-disclosure agreement 2-7: An attacker has circumvented a security control by modifying their MAC address. Which of the following would describe this attack type? Malicious script Denial of service Jamming Rogue access point Cloning 2-8: A data center optimizes the cooling process by specifying the orientation of equipment during installation. Which of the following would describe this technique? Hot and cold aisles Faraday cage Air gap Dual power supplies USB data blocker 2-9: A security engineer would like to connect a private cloud subnet to other cloud services. Which of the following would be the BEST choice? Default route SSL VPN VPC gateway Container WPA3 2-10: An endpoint security client has identified a suspicious application and moved the file to a safe area. Which of the following would describe this activity? Block list Hash identification Approval list Digital signature Quarantine
