Exam SY0-601 topic 1 question 59 discussion

Actual exam question from CompTIA's SY0-601
Question #: 59
Topic #: 1

An organization is building backup server rooms in geographically diverse locations. The Chief Information Security Officer implemented a requirement on the project that states the new hardware cannot be susceptible to the same vulnerabilities in the existing server room. Which of the following should the systems engineer consider?

  • A. Purchasing hardware from different vendors
  • B. Migrating workloads to public cloud infrastructure
  • C. Implementing a robust patch management solution
  • D. Designing new detective security controls
Suggested Answer: A

Comments

Gravoc
Highly Voted 2 years, 9 months ago
Don't let this one trip you up. A seems to be too easy of an answer, but it's A. Part of the reason it tripped me up is anytime I learned about vendor diversity, it was always in the context of anti-malware, SIEM, NIDS, etc. Never dawned on me that vendor diversity also applies to physical hardware, but it makes sense. Vendor diversity is a part of the Swiss cheese model, or defense-in-depth. Having your production server, and your backup server running identical configurations means that there are two perfectly aligned holes in the Swiss cheese model. Meaning the integrity of the backup server cannot be trusted in the event of an attack that damages or shuts down the production server. Different hardware is a defense layer that gives the defenders a buffer time to get their operation back in order, and defend against potentially inbound attacks on the backup server.
upvoted 24 times
Strykar
Highly Voted 2 years, 9 months ago
Selected Answer: A
It's A. Who's answering these questions?
upvoted 8 times
Demilitarized_zone
2 years, 8 months ago
Help me ask please... I feel the owners of this platform should get professionals to answer these questions. Many of the answers are clearly wrong.
upvoted 5 times
Ggonza3
2 years, 7 months ago
I think that they're not allowed to outright post the correct answers, hence why this website is community based.
upvoted 12 times
Secplas
1 year, 7 months ago
Especially that many people tout this platform around as one that helped them pass the exam. Some of the votes are emotionally placed.
upvoted 1 times
Kraken84
1 year, 10 months ago
They need to be for this to not be TOO perfect of a place to join and DISCUSS all these wonderful questions.
upvoted 5 times
GenerativeAI
1 year, 5 months ago
This is the best answer to that. And I am glad that most of these questions were answered incorrectly. It's a good thing.
upvoted 1 times
lekiam
Most Recent 1 year, 3 months ago
Selected Answer: A
Gravoc said it. Diversifying hardware vendors can help mitigate the risk of common vulnerabilities that may be specific to a particular vendor's products.
upvoted 2 times
JustJess
1 year, 3 months ago
I'm thinking C... many companies may have contracts in which they are required to purchase their equipment from. Implementing a robust patch management would help address vulnerabilities.
upvoted 2 times
alicia2024
1 year, 4 months ago
Selected Answer: D
Detective security controls are measures that are put in place to detect and alert on security events or potential vulnerabilities. By designing new detective security controls, the organization can enhance its ability to identify and respond to security threats and vulnerabilities in the backup server rooms. This could include implementing intrusion detection systems (IDS), security information and event management (SIEM) systems, or continuous monitoring solutions. While options like purchasing hardware from different vendors (A), migrating workloads to public cloud infrastructure (B), and implementing a robust patch management solution (C) are important considerations for overall security, they may not directly address the requirement to ensure that the new hardware in the backup server rooms is not susceptible to the same vulnerabilities as the existing server room. Therefore, designing new detective security controls would be the most appropriate action to meet this requirement.
upvoted 2 times
[Removed]
1 year, 5 months ago
Why is C so obviously not the answer? I was in between A and C.
upvoted 2 times
B3hindCl0sedD00rs
1 year, 5 months ago
Selected Answer: A
A is correct here!
upvoted 1 times
fiela1
1 year, 5 months ago
The answer is A; this is about vendor diversity, which is an example of security in depth.
upvoted 1 times
Thurams
1 year, 8 months ago
The ans. is A, and D is also a good one to consider here. Implementing additional detective security controls can help identify vulnerabilities and threats. This can include intrusion detection systems, security information and event management (SIEM) solutions, and other monitoring tools that can detect and alert on suspicious activities.
upvoted 1 times
Cyberjerry
1 year, 8 months ago
Selected Answer: A
To ensure that the new backup server rooms are not susceptible to the same vulnerabilities as the existing server room, it's a good practice to diversify the hardware vendors. This approach reduces the risk of common vulnerabilities affecting all systems in the same way. Different vendors may use different hardware designs, software stacks, and security configurations, which can provide a level of diversity and defense in depth.
upvoted 2 times
Dtimap
1 year, 9 months ago
Selected Answer: A
B cannot be correct. The question states they are purchasing and building new server rooms. Hence, utilizing a cloud for data storage conflicts with the statement that they are purchasing their own equipment and creating their own physical facility. Go with A
upvoted 1 times
RevolutionaryAct
1 year, 10 months ago
Selected Answer: A
It's A because you have no idea what the public cloud is using, no right to audit, no right to patch, no right to run scans, etc. and for all you know they are using the same hardware as you and have zero control over it as opposed to buying your own hardware.
upvoted 2 times
Protract8593
1 year, 11 months ago
Selected Answer: D
The organization is building backup server rooms in geographically diverse locations to enhance redundancy and business continuity. The Chief Information Security Officer (CISO) wants to ensure that the new hardware in these backup server rooms does not have the same vulnerabilities as the existing server room. To address this requirement, the systems engineer should consider designing new detective security controls. Detective controls are designed to identify and detect potential security incidents or vulnerabilities. By implementing new detective controls in the backup server rooms, the organization can continuously monitor for any vulnerabilities that might exist in the hardware or software and take appropriate actions to mitigate them. Why it's not A according to ChatGPT (which has been fed the CompTIA Security+ SY0-601 exam objectives and is insistent that D is the correct answer for this question):
upvoted 2 times
MortG7
1 year, 8 months ago
Tell ChatGPT it is wrong. Ask ChatGPT, how many physical rooms can you build in the cloud?
upvoted 1 times
Protract8593
1 year, 11 months ago
Option A, which suggests purchasing hardware from different vendors to ensure vendor diversity, may indeed provide some level of protection against vulnerabilities that are specific to a particular vendor's hardware or software. Vendor diversity can reduce the risk of a single point of failure and can introduce variations in security implementations across different products. However, the CISO's requirement is specifically focused on ensuring that the new hardware in the backup server rooms is not susceptible to the same vulnerabilities as the existing server room. While vendor diversity can be a valuable strategy for increasing overall resilience, it does not guarantee that all the hardware from different vendors will be free from the same vulnerabilities present in the existing environment.
upvoted 1 times
Protract8593
1 year, 11 months ago
Vulnerabilities can arise from various sources, such as misconfigurations, software bugs, or design flaws, and they may exist across multiple vendors' products. Therefore, relying solely on vendor diversity to address the CISO's requirement may not be sufficient. Designing new detective security controls, as mentioned in option D, can be a more proactive and comprehensive approach to address the specific requirement. These controls will continuously monitor and detect vulnerabilities or potential security issues in the new hardware, regardless of the vendor. By doing so, the organization can take appropriate actions to mitigate any risks effectively. In summary, while vendor diversity can be part of an overall security strategy, it may not fully address the CISO's requirement to ensure that the new hardware in the backup server rooms is not susceptible to the same vulnerabilities as the existing server room. Therefore, designing new detective security controls would be a more direct and suitable approach to meet the specified requirement.
upvoted 1 times
daddylonglegs
1 year, 8 months ago
So sick of the ChatGPT answers here. Are you going to learn to think critically or are you going to ask ChatGPT for everything for the rest of your life? A detective control will detect potential malicious activity, that's it. It will not ensure that a piece of hardware is or isn't susceptible to the same vulnerabilities as a different piece of hardware. The only way to do that is to do research on your hardware and your vendors. Sooner or later you will have to realize that ChatGPT isn't a genie in a bottle. It doesn't know the answer to everything despite how insistent it is that it does.
upvoted 3 times
Dan_26
2 years, 1 month ago
They're BUYING hardware. You rent in the cloud. So the answer is A. Buy it from someone else. A Palo Alto firewall will have different problems than a Fortigate, as an example. An Aruba switch will be different from a Cisco.
upvoted 3 times
McLobster
2 years, 2 months ago
An organization is building backup server rooms in geographically diverse locations. The Chief Information Security Officer implemented a requirement on the project that states the new hardware cannot be susceptible to the same vulnerabilities in the existing server room. Which of the following should the systems engineer consider? The question itself gives away the answer: it mentions "the new hardware" cannot be susceptible... So pretty much get different hardware. The answer is A.
upvoted 1 times
Saphi
2 years, 3 months ago
"An organization is building backup server rooms" The exact reason why it can't be C. I agree that Cloud would be the most resilient to downtime but the point is that if they're building a new server room it has to be A.
upvoted 1 times
MasterControlProgram
2 years, 3 months ago
Selected Answer: A
To ensure that the new hardware is not susceptible to the same vulnerabilities as the existing server room, the systems engineer should consider purchasing hardware from different vendors. This approach will increase the likelihood that any vulnerabilities present in the existing hardware will not be present in the new hardware.
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other