CompTIA SY0-601 Practice Test - Questions Answers, Page 15

A security manager needs to assess the security posture of one of the organization's vendors. The contract with the vendor does not allow for auditing of the vendor's security controls. Which of the following should the manager request to complete the assessment?

A. A service-level agreement
B. A business partnership agreement
C. A SOC 2 Type 2 report
D. A memorandum of understanding
Suggested answer: C

Explanation:

SOC 2 (Service Organization Control 2) is a type of audit report that evaluates the controls of service providers to verify their compliance with industry standards for security, availability, processing integrity, confidentiality, and privacy. A Type 2 report is based on an audit that tests the effectiveness of the controls over a period of time, unlike a Type 1 report which only evaluates the design of the controls at a specific point in time.

A SOC 2 Type 2 report would provide evidence of the vendor's security controls and how effective they are over time, which can help the security manager assess the vendor's security posture despite the vendor not allowing for a direct audit.

The security manager should request a SOC 2 Type 2 report to assess the security posture of the vendor. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 5

A security administrator has discovered that workstations on the LAN are becoming infected with malware. The cause of the infections appears to be users receiving phishing emails that are bypassing the current email-filtering technology. As a result, users are being tricked into clicking on malicious URLs, as no internal controls currently exist in the environment to evaluate their safety. Which of the following would be BEST to implement to address the issue?

A. Forward proxy
B. HIDS
C. Awareness training
D. A jump server
E. IPS
Suggested answer: C

Explanation:

Awareness training should be implemented to educate users on the risks of clicking on malicious URLs. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 9

A company's public-facing website, https://www.organization.com, has an IP address of 166.18.75.6. However, over the past hour the SOC has received reports of the site's homepage displaying incorrect information. A quick nslookup search shows https://www.organization.com is pointing to 151.191.122.115. Which of the following is occurring?

A. DoS attack
B. ARP poisoning
C. DNS spoofing
D. NXDOMAIN attack
Suggested answer: C

Explanation:

The issue is DNS spoofing, where the DNS resolution has been compromised and is pointing to a malicious IP address. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 7
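The check the SOC performed above can be automated: parse nslookup-style output and compare each answer against the addresses the organization expects its name to resolve to. The following is an added example and not code from the study guide or this page; the hostname and both IP addresses come from the question, while the resolver address 10.0.0.53 and the function names are assumptions.

```python
import re

# Constructed sample nslookup output. The name and addresses are those in the
# question above; the resolver address 10.0.0.53 is a placeholder.
SAMPLE_NSLOOKUP_OUTPUT = """\
Server:\t\t10.0.0.53
Address:\t10.0.0.53#53

Non-authoritative answer:
Name:\twww.organization.com
Address: 151.191.122.115
"""

# Known-good A records, maintained from the zone the organization actually publishes.
EXPECTED_RECORDS = {
    "www.organization.com": {"166.18.75.6"},
}

_IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def parse_nslookup(output):
    """Return {name: set(addresses)} from nslookup-style text.

    The leading 'Server:'/'Address:' pair describes the resolver itself (its
    Address line carries a '#port' suffix), so only Address lines that follow a
    'Name:' line are treated as answers.
    """
    answers = {}
    current = None
    for raw in output.splitlines():
        line = raw.strip()
        if line.startswith("Name:"):
            current = line.split(":", 1)[1].strip()
            answers.setdefault(current, set())
        elif line.startswith("Address:") and current is not None:
            addr = line.split(":", 1)[1].strip().split("#")[0]
            if _IPV4.match(addr):
                answers[current].add(addr)
    return answers


def check_resolution(output, expected):
    """Compare observed answers with the expected records.

    Returns a list of finding dicts; an empty list means every name resolved
    only to an expected address.
    """
    findings = []
    observed = parse_nslookup(output)
    for name, expected_ips in expected.items():
        got = observed.get(name, set())
        unexpected = got - expected_ips
        if not got:
            findings.append({"name": name, "issue": "no answer", "observed": set()})
        elif unexpected:
            findings.append({"name": name, "issue": "unexpected address", "observed": unexpected})
    return findings


if __name__ == "__main__":
    for f in check_resolution(SAMPLE_NSLOOKUP_OUTPUT, EXPECTED_RECORDS):
        print(f"{f['name']}: {f['issue']} -> {sorted(f['observed'])}")
```

Running this against the sample output flags www.organization.com as resolving to an address outside the expected set. A disagreement between a local resolver and the authoritative nameserver for the zone is the signal to investigate the resolver or the registrar account rather than the web server.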

A dynamic application vulnerability scan identified that code injection could be performed using a web form. Which of the following will be the BEST remediation to prevent this vulnerability?

A. Implement input validations
B. Deploy MFA
C. Utilize a WAF
D. Configure HIPS
Suggested answer: A

Explanation:

Implementing input validations will prevent code injection attacks by verifying the type and format of user input. Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 8
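To make the explanation concrete, the following added example (not code from the study guide or this page) validates raw web-form fields against an allowlist schema: each field has a declared type, a format pattern or numeric range, and unknown fields are refused. The field names, the schema and the sample submissions are all constructed for the example.

```python
import re
from typing import Dict

# Allowlist schema (hypothetical fields): declared type plus a format rule.
# Strings must match their pattern in full; integers must parse and sit in range.
SCHEMA = {
    "username": {"type": str, "pattern": re.compile(r"^[A-Za-z0-9_]{3,32}$")},
    "email": {"type": str, "pattern": re.compile(r"^[^@\s]+@[^@\s]+\.[A-Za-z]{2,}$"), "max_len": 254},
    "quantity": {"type": int, "min": 1, "max": 100},
}


def validate_form(form: Dict[str, str]) -> Dict[str, object]:
    """Validate raw form strings against SCHEMA.

    Returns {"ok": bool, "values": {...}, "errors": [...]}. Any value that fails
    is refused outright rather than 'cleaned': stripping characters out of a
    hostile value is error-prone, whereas an allowlist match is easy to reason about.
    """
    values, errors = {}, []
    for field in form:
        if field not in SCHEMA:
            errors.append(f"{field}: unexpected field")
    for field, rule in SCHEMA.items():
        raw = form.get(field)
        if raw is None:
            errors.append(f"{field}: missing")
            continue
        if rule["type"] is int:
            if not re.fullmatch(r"-?\d+", raw):
                errors.append(f"{field}: not an integer")
                continue
            value = int(raw)
            if not rule["min"] <= value <= rule["max"]:
                errors.append(f"{field}: out of range {rule['min']}-{rule['max']}")
                continue
        else:
            value = raw
            if len(value) > rule.get("max_len", 1024) or not rule["pattern"].fullmatch(value):
                errors.append(f"{field}: does not match allowed format")
                continue
        values[field] = value
    return {"ok": not errors, "values": values, "errors": errors}


if __name__ == "__main__":
    # Constructed submissions: one well-formed, one carrying shell metacharacters
    # in the username, which the allowlist pattern rejects before any code sees it.
    good = {"username": "alice_01", "email": "alice@example.com", "quantity": "3"}
    bad = {"username": "alice$(id)", "email": "alice@example.com", "quantity": "3"}
    print(validate_form(good))
    print(validate_form(bad))
```

The validator converts accepted values to their declared types, so downstream code receives an `int` for quantity and never a string. This is server-side validation; client-side checks in the browser are a usability aid and give no protection, because the scanner (or an attacker) submits the form directly.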

A Chief Information Officer is concerned about employees using company-issued laptops to steal data when accessing network shares. Which of the following should the company implement?

A. DLP
B. CASB
C. HIDS
D. EDR
E. UEFI
Suggested answer: A

Explanation:

Data Loss Prevention (DLP) can help prevent employees from stealing data by monitoring and controlling access to sensitive data. DLP can also detect and block attempts to transfer sensitive data outside of the organization, such as via email, file transfer, or cloud storage.

Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 10: Managing Identity and Access, p. 465

A junior security analyst is reviewing web server logs and identifies the following pattern in the log file:

Which of the following types of attacks is being attempted and how can it be mitigated?

A. XSS; implement a SIEM
B. CSRF; implement an IPS
C. Directory traversal; implement a WAF
D. SQL injection; implement an IDS
Suggested answer: C

Explanation:

The attack being attempted is directory traversal, which is a web application attack that allows an attacker to access files and directories outside of the web root directory. A WAF can help mitigate this attack by detecting and blocking attempts to access files outside of the web root directory.

Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 4: Securing Application Development and Deployment, p. 191
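The log pattern the analyst reviewed is not reproduced on this page, but the detection a WAF (or a log-review script) performs can be shown. The following added example, which is not from the study guide or this page, scans constructed access-log lines, undoes single and double percent-encoding, and flags any request whose path climbs above the web root. The log lines, client addresses and function names are all made up for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in Common Log Format; hosts and paths are invented.
SAMPLE_LOG = """\
10.1.1.5 - - [10/Oct/2023:13:55:36 +0000] "GET /images/logo.png HTTP/1.1" 200 5123
10.1.1.9 - - [10/Oct/2023:13:55:40 +0000] "GET /static/../../../etc/passwd HTTP/1.1" 404 231
10.1.1.9 - - [10/Oct/2023:13:55:41 +0000] "GET /static/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 404 231
10.1.1.9 - - [10/Oct/2023:13:55:42 +0000] "GET /static/%252e%252e/%252e%252e/etc/shadow HTTP/1.1" 404 231
10.1.1.7 - - [10/Oct/2023:13:56:01 +0000] "GET /docs/a..b/readme.txt HTTP/1.1" 200 811
"""

_REQUEST = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)


def fully_decode(s, max_rounds=3):
    """Undo repeated percent-encoding; stops as soon as a round changes nothing."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def escapes_web_root(target):
    """True if the request path, once decoded, climbs above '/'.

    A running depth counter is used instead of posixpath.normpath, because
    normpath silently collapses '/a/../../x' to '/x' and loses the evidence.
    Backslashes count as separators since some servers accept them; the query
    string is ignored; a literal '..' inside a filename such as 'a..b' is fine.
    """
    path = fully_decode(target.split("?", 1)[0]).replace("\\", "/")
    depth = 0
    for seg in path.split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        elif seg not in ("", "."):
            depth += 1
    return False


def find_traversal_attempts(log_text):
    """Return (client, target) for every request that escapes the web root."""
    hits = []
    for line in log_text.splitlines():
        m = _REQUEST.match(line)
        if m and escapes_web_root(m.group("target")):
            hits.append((m.group("client"), m.group("target")))
    return hits


if __name__ == "__main__":
    for client, target in find_traversal_attempts(SAMPLE_LOG):
        print(f"{client} -> {target}")
```

Decoding before matching is the important detail: a rule that only looks for the literal string `../` misses the `%2e%2e/` and `%252e%252e/` forms, which is why WAFs normalize the request before applying signatures. The same normalization belongs in the application itself, which should resolve the requested path and confirm it still lies under the intended directory before opening it.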

A security analyst has been tasked with creating a new WiFi network for the company. The requirements received by the analyst are as follows:

• Must be able to differentiate between users connected to WiFi

• The encryption keys need to change routinely without interrupting the users or forcing reauthentication

• Must be able to integrate with RADIUS

• Must not have any open SSIDs

Which of the following options BEST accommodates these requirements?

A. WPA2-Enterprise
B. WPA3-PSK
C. 802.11n
D. WPS
Suggested answer: A

Explanation:

WPA2-Enterprise can accommodate all of the requirements listed. WPA2-Enterprise uses 802.1X authentication to differentiate between users, supports the use of RADIUS for authentication, and allows for the use of dynamic encryption keys that can be changed without disrupting the users or requiring reauthentication. Additionally, WPA2-Enterprise does not allow for open SSIDs.

Reference: CompTIA Security+ Study Guide: Exam SY0-601, Chapter 7: Securing Networks, p. 317

Employees at a company are receiving unsolicited text messages on their corporate cell phones. The unsolicited text messages contain a password reset link. Which of the following attacks is being used to target the company?

A. Phishing
B. Vishing
C. Smishing
D. Spam
Suggested answer: C

Explanation:

Smishing is a type of phishing attack which begins with an attacker sending a text message to an individual. The message contains social engineering tactics to convince the person to click on a malicious link or send sensitive information to the attacker. Criminals use smishing attacks for purposes like:

Learn login credentials to accounts via credential phishing

Discover private data like social security numbers

Send money to the attacker

Install malware on a phone

Establish trust before using other forms of contact like phone calls or emails

Attackers may pose as trusted sources such as a government organization, a person you know, or your bank, and messages often come with manufactured urgency and time-sensitive threats. This can make it more difficult for a victim to notice a scam.

Phone numbers are easy to spoof with VoIP texting, where users can create a virtual number to send and receive texts. If a certain phone number is flagged for spam, criminals can simply recycle it and use a new one.

Which of the following involves the inclusion of code in the main codebase as soon as it is written?

A. Continuous monitoring
B. Continuous deployment
C. Continuous validation
D. Continuous integration
Suggested answer: D

Explanation:

Continuous Integration (CI) is a practice where developers integrate code into a shared repository frequently, preferably several times a day. Each integration is verified by an automated build and automated tests. CI allows for the detection of errors early in the development cycle, thereby reducing overall development costs.

An information security manager for an organization is completing a PCI DSS self-assessment for the first time. Which of the following is the MOST likely reason for this type of assessment?

A. An international expansion project is currently underway.
B. Outside consultants utilize this tool to measure security maturity.
C. The organization is expecting to process credit card information.
D. A government regulator has requested this audit to be completed.
Suggested answer: C

Explanation:

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. Any organization that accepts credit card payments is required to comply with PCI DSS.
