CompTIA SY0-601 Practice Test - Questions Answers, Page 12

After gaining access to a dual-homed (i.e., wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset. This technique is an example of:

A. privilege escalation
B. footprinting
C. persistence
D. pivoting.
Suggested answer: D

Explanation:

The technique of gaining access to a dual-homed multifunction device and then gaining shell access on another networked asset is an example of pivoting. Reference: CompTIA Security+ Study Guide by Emmett Dulaney, Chapter 8: Application, Data, and Host Security, Enumeration and Penetration Testing

A backdoor was detected on the containerized application environment. The investigation detected that a zero-day vulnerability was introduced when the latest container image version was downloaded from a public registry. Which of the following is the BEST solution to prevent this type of incident from occurring again?

A. Enforce the use of a controlled trusted source of container images
B. Deploy an IPS solution capable of detecting signatures of attacks targeting containers
C. Define a vulnerability scan to assess container images before being introduced on the environment
D. Create a dedicated VPC for the containerized environment
Suggested answer: A

Explanation:

Enforcing the use of a controlled trusted source of container images is the best solution to prevent incidents like the introduction of a zero-day vulnerability through container images from occurring again. Reference: CompTIA Security+ Study Guide by Emmett Dulaney, Chapter 11: Cloud Security, Container Security

A help desk technician receives an email from the Chief Information Officer (CIO) asking for documents. The technician knows the CIO is on vacation for a few weeks. Which of the following should the technician do to validate the authenticity of the email?

A. Check the metadata in the email header of the received path in reverse order to follow the email’s path.
B. Hover the mouse over the CIO's email address to verify the email address.
C. Look at the metadata in the email header and verify the "From." line matches the CIO's email address.
D. Forward the email to the CIO and ask if the CIO sent the email requesting the documents.
Suggested answer: B

Explanation:

The “From” line in the email header can be easily spoofed or manipulated by an attacker to make it look like the email is coming from the CIO’s email address. However, this does not mean that the email address is actually valid or that the email is actually sent by the CIO. A better way to check the email address is to hover over it and see if it matches the CIO’s email address exactly. This can help to spot any discrepancies or typos that might indicate a phishing attempt. For example, if the CIO’s email address is [email protected], but when you hover over it, it shows [email protected], then you know that the email is not authentic and likely a phishing attempt.

A Chief Information Officer receives an email stating a database will be encrypted within 24 hours unless a payment of $20,000 is credited to the account mentioned in the email. This BEST describes a scenario related to:

A. whaling.
B. smishing.
C. spear phishing
D. vishing
Suggested answer: C

Explanation:

The scenario of receiving an email stating a database will be encrypted unless a payment is made is an example of spear phishing. Reference: CompTIA Security+ Study Guide by Emmett Dulaney, Chapter 2: Threats, Attacks, and Vulnerabilities, Social Engineering

The Chief Information Security Officer wants to pilot a new adaptive, user-based authentication method. The concept includes granting logical access based on physical location and proximity. Which of the following is the BEST solution for the pilot?

A. Geofencing
B. Self-sovereign identification
C. PKI certificates
D. SSO
Suggested answer: A

Explanation:

Geofencing is a location-based technology that allows an organization to define and enforce logical access control policies based on physical location and proximity. Geofencing can be used to grant or restrict access to systems, data, or facilities based on an individual's location, and it can be integrated into a user's device or the infrastructure. This makes it a suitable solution for the pilot project to test the adaptive, user-based authentication method that includes granting logical access based on physical location and proximity.

Reference: CompTIA Security+ SY0-601 Official Text Book, Chapter 4: "Identity and Access Management".

Which of the following environments typically hosts the current version configurations and code, compares user-story responses and workflow, and uses a modified version of actual data for testing?

A. Development
B. Staging
C. Production
D. Test
Suggested answer: B

Explanation:

Staging is an environment in the software development lifecycle that is used to test a modified version of the actual data, current version configurations, and code. This environment compares user-story responses and workflow before the software is released to the production environment.

Reference: CompTIA Security+ Study Guide, Sixth Edition, Sybex, pg. 496

A systems analyst determines the source of a high number of connections to a web server that were initiated by ten different IP addresses that belong to a network block in a specific country. Which of the following techniques will the systems analyst MOST likely implement to address this issue?

A. Content filter
B. SIEM
C. Firewall rules
D. DLP
Suggested answer: C

Explanation:

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. The systems analyst can use firewall rules to block connections from the ten IP addresses in question, or from the entire network block in the specific country. This would be a quick and effective way to address the issue of high connections to the web server initiated by these IP addresses.

Reference: CompTIA Security+ SY0-601 Official Text Book, Chapter 5: "Network Security".

During an investigation, the incident response team discovers that multiple administrator accounts were suspected of being compromised. The host audit logs indicate a repeated brute-force attack on a single administrator account followed by suspicious logins from unfamiliar geographic locations. Which of the following data sources would be BEST to use to assess the accounts impacted by this attack?

A. User behavior analytics
B. Dump files
C. Bandwidth monitors
D. Protocol analyzer output
Suggested answer: A

Explanation:

User behavior analytics (UBA) would be the best data source to assess the accounts impacted by the attack, as it can identify abnormal activity, such as repeated brute-force attacks and logins from unfamiliar geographic locations, and provide insights into the behavior of the impacted accounts.

Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 7: Incident Response, pp. 338-341

Which of the following provides a catalog of security and privacy controls related to the United States federal information systems?

A. GDPR
B. PCI DSS
C. ISO 27000
D. NIST 800-53
Suggested answer: D

Explanation:

NIST 800-53 provides a catalog of security and privacy controls related to the United States federal information systems. Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 3: Architecture and Design, pp. 123-125

A grocery store is expressing security and reliability concerns regarding the on-site backup strategy currently being performed by locally attached disks. The main concerns are the physical security of the backup media and the durability of the data stored on these devices. Which of the following is a cost-effective approach to address these concerns?

A. Enhance resiliency by adding a hardware RAID.
B. Move data to a tape library and store the tapes off-site
C. Install a local network-attached storage.
D. Migrate to a cloud backup solution
Suggested answer: D

Explanation:

A backup strategy is a plan that defines how to protect data from loss or corruption by creating and storing copies of data on a different medium or location. A backup strategy should consider the security and reliability of the backup data and the backup storage. Based on these definitions, the best option that is a cost-effective approach to address the security and reliability concerns regarding the on-site backup strategy would be D. Migrate to a cloud backup solution. A cloud backup solution can provide several benefits, such as:

Enhanced physical security of the backup data by storing it in a remote location that is protected by multiple layers of security measures.

Enhanced durability of the backup data by storing it on highly reliable storage devices that are replicated across multiple availability zones or regions.

Reduced costs of backup storage by paying only for the amount of data stored and transferred, and by using features such as compression, deduplication, encryption, and lifecycle management.

Increased flexibility and scalability of backup storage by choosing from various storage classes and tiers that match the performance and availability requirements of the backup data.

Total 603 questions